cojson 0.18.27 → 0.18.29

package/src/coValueCore/coValueCore.ts

@@ -42,13 +42,14 @@ import {
   BranchStartCommit,
 } from "./branching.js";
 import { type RawAccountID } from "../coValues/account.js";
-import { decodeTransactionChangesAndMeta } from "./decodeTransactionChangesAndMeta.js";
+import { decryptTransactionChangesAndMeta } from "./decryptTransactionChangesAndMeta.js";
 import {
   combineKnownStateSessions,
   CoValueKnownState,
   emptyKnownState,
   KnownStateSessions,
 } from "../knownState.js";
+import { safeParseJSON } from "../jsonStringify.js";
 
 export function idforHeader(
   header: CoValueHeader,
@@ -58,41 +59,102 @@ export function idforHeader(
   return `co_z${hash.slice("shortHash_z".length)}`;
 }
 
-export type VerifiedTransaction = {
+export class VerifiedTransaction {
   // The account or agent that made the transaction
   author: RawAccountID | AgentID;
   // An object containing the session ID and the transaction index
-  txID: TransactionID;
+  currentTxID: TransactionID;
+  // If this is a merged transaction, the TxID of the transaction inside the original branch
+  sourceTxID: TransactionID | undefined;
   tx: Transaction;
   // The Unix time when the transaction was made
-  madeAt: number;
-  // Whether the transaction has been validated, used to track if determinedValidTransactions needs to be check this
-  isValidated: boolean;
+  currentMadeAt: number;
+  // If this is a merged transaction, the madeAt of the transaction inside the original branch
+  sourceTxMadeAt: number | undefined;
   // The decoded changes of the transaction
   changes: JsonValue[] | undefined;
   // The decoded meta information of the transaction
   meta: JsonObject | undefined;
-
   // Whether the transaction is valid, as per membership rules
-  isValid: boolean;
-
-  // True if we encountered an error while decoding the changes
-  hasInvalidChanges: boolean;
-  // True if we encountered an error while parsing the meta
-  hasInvalidMeta: boolean;
-
+  isValid: boolean = false;
+  // Whether the transaction has been validated, used to track if determinedValidTransactions needs to check this
+  isValidated: boolean = false;
+  // True if the transaction has been decrypted
+  isDecrypted: boolean = false;
   // True if the meta information has been parsed and loaded in the CoValueCore
-  hasMetaBeenParsed: boolean;
-
+  hasMetaBeenParsed: boolean = false;
   // The previous verified transaction for the same session
   previous: VerifiedTransaction | undefined;
-};
 
-export type DecryptedTransaction = {
-  txID: TransactionID;
+  constructor(
+    sessionID: SessionID,
+    txIndex: number,
+    tx: Transaction,
+    branchId: RawCoID | undefined,
+    parsingCache:
+      | { changes: JsonValue[]; meta: JsonObject | undefined }
+      | undefined,
+    previous: VerifiedTransaction | undefined,
+  ) {
+    this.author = accountOrAgentIDfromSessionID(sessionID);
+
+    const txID = branchId
+      ? {
+          sessionID,
+          txIndex,
+          branch: branchId,
+        }
+      : {
+          sessionID,
+          txIndex,
+        };
+
+    this.currentTxID = txID;
+    this.sourceTxID = undefined;
+    this.tx = tx;
+    this.currentMadeAt = tx.madeAt;
+    this.sourceTxMadeAt = undefined;
+    this.isValidated = false;
+
+    this.previous = previous;
+
+    if (parsingCache) {
+      this.changes = parsingCache.changes;
+      this.meta = parsingCache.meta;
+    } else {
+      // Decoding the trusting transactions here because they might be useful in the permissions checks
+      if (this.tx.privacy === "trusting") {
+        this.changes = safeParseJSON(this.tx.changes);
+
+        if (this.tx.meta) {
+          this.meta = safeParseJSON(this.tx.meta);
+        }
+      }
+    }
+  }
+
+  // The TxID that refers to the current position in the session map
+  // If this is a merged transaction, the txID is the TxID of the merged transaction
+  get txID() {
+    return this.sourceTxID ?? this.currentTxID;
+  }
+
+  // The madeAt that refers to the time when the transaction was made
+  // If this is a merged transaction, the madeAt is the time when the transaction has been made in the branch
+  get madeAt() {
+    return this.sourceTxMadeAt ?? this.currentMadeAt;
+  }
+
+  isValidTransactionWithChanges(): this is {
+    changes: JsonValue[];
+    isValid: true;
+  } {
+    return Boolean(this.isValid && this.changes);
+  }
+}
+
+export type DecryptedTransaction = Omit<VerifiedTransaction, "changes"> & {
   changes: JsonValue[];
-  madeAt: number;
-  tx: Transaction;
 };
 
 export type AvailableCoValueCore = CoValueCore & { verified: VerifiedState };
@@ -119,8 +181,9 @@ export class CoValueCore {
   get verified() {
     return this._verified;
   }
-  private readonly peers = new Map<
-    PeerID,
+
+  private readonly loadingStatuses = new Map<
+    PeerID | "storage",
     | {
         type: "unknown" | "pending" | "available" | "unavailable";
       }
@@ -136,18 +199,10 @@ export class CoValueCore {
     new Set();
   private counter: UpDownCounter;
 
-  private constructor(
-    init: { header: CoValueHeader } | { id: RawCoID },
-    node: LocalNode,
-  ) {
+  constructor(id: RawCoID, node: LocalNode) {
     this.crypto = node.crypto;
-    if ("header" in init) {
-      this.id = idforHeader(init.header, node.crypto);
-      this._verified = new VerifiedState(this.id, node.crypto, init.header);
-    } else {
-      this.id = init.id;
-      this._verified = null;
-    }
+    this.id = id;
+    this._verified = null;
     this.node = node;
 
     this.counter = metrics
@@ -161,25 +216,14 @@ export class CoValueCore {
     this.updateCounter(null);
   }
 
-  static fromID(id: RawCoID, node: LocalNode): CoValueCore {
-    return new CoValueCore({ id }, node);
-  }
-
-  static fromHeader(
-    header: CoValueHeader,
-    node: LocalNode,
-  ): AvailableCoValueCore {
-    return new CoValueCore({ header }, node) as AvailableCoValueCore;
-  }
-
   get loadingState() {
     if (this.verified) {
       return "available";
-    } else if (this.peers.size === 0) {
+    } else if (this.loadingStatuses.size === 0) {
       return "unknown";
     }
 
-    for (const peer of this.peers.values()) {
+    for (const peer of this.loadingStatuses.values()) {
       if (peer.type === "pending") {
         return "loading";
       } else if (peer.type === "unknown") {
@@ -203,53 +247,38 @@ export class CoValueCore {
   }
 
   isErroredInPeer(peerId: PeerID) {
-    return this.peers.get(peerId)?.type === "errored";
+    return this.getLoadingStateForPeer(peerId) === "errored";
   }
 
-  waitForAvailableOrUnavailable(): Promise<CoValueCore> {
+  waitFor(callback: (value: CoValueCore) => boolean) {
     return new Promise<CoValueCore>((resolve) => {
-      const listener = (core: CoValueCore) => {
-        if (core.isAvailable() || core.loadingState === "unavailable") {
+      this.subscribe((core, unsubscribe) => {
+        if (callback(core)) {
+          unsubscribe();
           resolve(core);
-          this.listeners.delete(listener);
         }
-      };
-
-      this.listeners.add(listener);
-      listener(this);
+      }, true);
     });
   }
 
-  waitForAvailable(): Promise<CoValueCore> {
-    return new Promise<CoValueCore>((resolve) => {
-      const listener = (core: CoValueCore) => {
-        if (core.isAvailable()) {
-          resolve(core);
-          this.listeners.delete(listener);
-        }
-      };
+  waitForAvailableOrUnavailable(): Promise<CoValueCore> {
+    return this.waitFor(
+      (core) => core.isAvailable() || core.loadingState === "unavailable",
+    );
+  }
 
-      this.listeners.add(listener);
-      listener(this);
-    });
+  waitForAvailable(): Promise<CoValueCore> {
+    return this.waitFor((core) => core.isAvailable());
   }
 
   waitForFullStreaming(): Promise<CoValueCore> {
-    return new Promise<CoValueCore>((resolve) => {
-      const listener = (core: CoValueCore) => {
-        if (core.isAvailable() && !core.verified.isStreaming()) {
-          resolve(core);
-          this.listeners.delete(listener);
-        }
-      };
-
-      this.listeners.add(listener);
-      listener(this);
-    });
+    return this.waitFor(
+      (core) => core.isAvailable() && !core.verified.isStreaming(),
+    );
   }
 
-  getStateForPeer(peerId: PeerID) {
-    return this.peers.get(peerId);
+  getLoadingStateForPeer(peerId: PeerID) {
+    return this.loadingStatuses.get(peerId)?.type ?? "unknown";
   }
 
   private updateCounter(previousState: string | null) {
@@ -289,13 +318,13 @@ export class CoValueCore {
 
   markNotFoundInPeer(peerId: PeerID) {
     const previousState = this.loadingState;
-    this.peers.set(peerId, { type: "unavailable" });
+    this.loadingStatuses.set(peerId, { type: "unavailable" });
     this.updateCounter(previousState);
     this.scheduleNotifyUpdate();
   }
 
   markFoundInPeer(peerId: PeerID, previousState: string) {
-    this.peers.set(peerId, { type: "available" });
+    this.loadingStatuses.set(peerId, { type: "available" });
     this.updateCounter(previousState);
     this.scheduleNotifyUpdate();
   }
@@ -408,14 +437,14 @@ export class CoValueCore {
 
   markErrored(peerId: PeerID, error: TryAddTransactionsError) {
     const previousState = this.loadingState;
-    this.peers.set(peerId, { type: "errored", error });
+    this.loadingStatuses.set(peerId, { type: "errored", error });
     this.updateCounter(previousState);
     this.scheduleNotifyUpdate();
   }
 
   markPending(peerId: PeerID) {
     const previousState = this.loadingState;
-    this.peers.set(peerId, { type: "pending" });
+    this.loadingStatuses.set(peerId, { type: "pending" });
     this.updateCounter(previousState);
     this.scheduleNotifyUpdate();
   }
@@ -814,36 +843,19 @@ export class CoValueCore {
           continue;
         }
 
-        const txID = isBranched
-          ? {
-              sessionID,
-              txIndex,
-              branch: this.id,
-            }
-          : {
-              sessionID,
-              txIndex,
-            };
-
         const cache = this.parsingCache.get(tx);
         if (cache) {
           this.parsingCache.delete(tx);
         }
 
-        const verifiedTransaction = {
-          author: accountOrAgentIDfromSessionID(sessionID),
-          txID,
-          madeAt: tx.madeAt,
-          isValidated: false,
-          isValid: false,
-          changes: cache?.changes,
-          meta: cache?.meta,
-          hasInvalidChanges: false,
-          hasInvalidMeta: false,
-          hasMetaBeenParsed: false,
+        const verifiedTransaction = new VerifiedTransaction(
+          sessionID,
+          txIndex,
           tx,
-          previous: this.lastVerifiedTransactionBySessionID[sessionID],
-        };
+          isBranched ? this.id : undefined,
+          cache,
+          this.lastVerifiedTransactionBySessionID[sessionID],
+        );
 
         if (verifiedTransaction.madeAt > this.latestTxMadeAt) {
           this.latestTxMadeAt = verifiedTransaction.madeAt;
@@ -919,19 +931,33 @@ export class CoValueCore {
       const meta = transaction.meta as MergedTransactionMetadata;
 
       // Check if the transaction is a merge commit
-      const previousTransaction = transaction.previous?.txID;
-      const sessionID = meta.s ?? previousTransaction?.sessionID;
+      const previousTransaction = transaction.previous;
+      const sessionID = meta.s ?? previousTransaction?.txID.sessionID;
+
+      if (meta.t) {
+        transaction.sourceTxMadeAt = transaction.currentMadeAt - meta.t;
+      } else if (previousTransaction) {
+        transaction.sourceTxMadeAt = previousTransaction.madeAt;
+      }
+
+      // Check against tampering of the meta.t value to write transaction after the access revocation
+      if (
+        transaction.sourceTxMadeAt &&
+        transaction.sourceTxMadeAt > transaction.currentMadeAt
+      ) {
+        transaction.isValid = false;
+      }
 
       if (sessionID) {
-        transaction.txID = {
+        transaction.sourceTxID = {
           sessionID,
           txIndex: meta.mi,
-          branch: meta.b ?? previousTransaction?.branch,
+          branch: meta.b ?? previousTransaction?.txID.branch,
         };
       } else {
         logger.error("Merge commit without session ID", {
           txID: transaction.txID,
-          prev: previousTransaction ?? null,
+          prevTxID: previousTransaction?.txID ?? null,
         });
       }
     }
@@ -952,11 +978,10 @@ export class CoValueCore {
     this.determineValidTransactions();
 
     for (const transaction of this.verifiedTransactions) {
-      decodeTransactionChangesAndMeta(
-        this,
-        transaction,
-        ignorePrivateTransactions,
-      );
+      if (!ignorePrivateTransactions) {
+        decryptTransactionChangesAndMeta(this, transaction);
+      }
+
       this.parseMetaInformation(transaction);
     }
   }
@@ -987,7 +1012,7 @@ export class CoValueCore {
     const source = getBranchSource(this);
 
     for (const transaction of this.verifiedTransactions) {
-      if (!isValidTransactionWithChanges(transaction)) {
+      if (!transaction.isValidTransactionWithChanges()) {
         continue;
       }
 
@@ -997,7 +1022,8 @@ export class CoValueCore {
 
       options?.knownTransactions?.add(transaction.tx);
 
-      const { txID } = transaction;
+      // Using the currentTxID to filter the transactions, because the TxID is modified by the merge meta
+      const txID = transaction.currentTxID;
 
       const from = options?.from?.[txID.sessionID] ?? -1;
 
@@ -1121,8 +1147,8 @@ export class CoValueCore {
   }
 
   compareTransactions(
-    a: Pick<DecryptedTransaction, "madeAt" | "txID">,
-    b: Pick<DecryptedTransaction, "madeAt" | "txID">,
+    a: Pick<VerifiedTransaction, "madeAt" | "txID">,
+    b: Pick<VerifiedTransaction, "madeAt" | "txID">,
   ) {
     if (a.madeAt !== b.madeAt) {
       return a.madeAt - b.madeAt;
@@ -1195,7 +1221,7 @@ export class CoValueCore {
     }
   }
 
-  getGroup(): RawGroup {
+  safeGetGroup(): RawGroup | undefined {
     if (!this.verified) {
       throw new Error(
         "CoValueCore: getGroup called on coValue without verified state",
@@ -1203,7 +1229,7 @@ export class CoValueCore {
     }
 
     if (this.verified.header.ruleset.type !== "ownedByGroup") {
-      throw new Error("Only values owned by groups have groups");
+      return undefined;
     }
 
     return expectGroup(
@@ -1213,6 +1239,16 @@ export class CoValueCore {
     );
   }
 
+  getGroup(): RawGroup {
+    const group = this.safeGetGroup();
+
+    if (!group) {
+      throw new Error("Only values owned by groups have groups");
+    }
+
+    return group;
+  }
+
   getTx(txID: TransactionID): Transaction | undefined {
     return this.verified?.sessions.get(txID.sessionID)?.transactions[
       txID.txIndex
@@ -1244,10 +1280,34 @@ export class CoValueCore {
       return;
     }
 
-    const currentState = this.peers.get("storage");
+    const currentState = this.getLoadingStateForPeer("storage");
 
-    if (currentState && currentState.type !== "unknown") {
-      done?.(currentState.type === "available");
+    if (currentState === "pending") {
+      if (!done) {
+        // We don't need to notify the result to anyone, so we can return early
+        return;
+      }
+
+      // Loading the value
+      this.subscribe((state, unsubscribe) => {
+        const updatedState = state.getLoadingStateForPeer("storage");
+
+        if (updatedState === "available" || state.isAvailable()) {
+          unsubscribe();
+          done(true);
+        } else if (
+          updatedState === "errored" ||
+          updatedState === "unavailable"
+        ) {
+          unsubscribe();
+          done(false);
+        }
+      });
+      return;
+    }
+
+    if (currentState !== "unknown") {
+      done?.(currentState === "available");
       return;
     }
 
@@ -1273,7 +1333,7 @@ export class CoValueCore {
     }
 
     for (const peer of peers) {
-      const currentState = this.peers.get(peer.id)?.type ?? "unknown";
+      const currentState = this.getLoadingStateForPeer(peer.id);
 
       if (currentState === "unknown" || currentState === "unavailable") {
         this.markPending(peer.id);
@@ -1300,40 +1360,34 @@ export class CoValueCore {
       peer.trackLoadRequestSent(this.id);
     }
 
-    return new Promise<void>((resolve) => {
-      const markNotFound = () => {
-        if (this.peers.get(peer.id)?.type === "pending") {
-          logger.warn("Timeout waiting for peer to load coValue", {
-            id: this.id,
-            peerID: peer.id,
-          });
-          this.markNotFoundInPeer(peer.id);
-        }
-      };
-
-      const timeout = setTimeout(markNotFound, CO_VALUE_LOADING_CONFIG.TIMEOUT);
-      const removeCloseListener = peer.persistent
-        ? undefined
-        : peer.addCloseListener(markNotFound);
-
-      const listener = (state: CoValueCore) => {
-        const peerState = state.peers.get(peer.id);
-        if (
-          state.isAvailable() || // might have become available from another peer e.g. through handleNewContent
-          peerState?.type === "available" ||
-          peerState?.type === "errored" ||
-          peerState?.type === "unavailable"
-        ) {
-          this.listeners.delete(listener);
-          removeCloseListener?.();
-          clearTimeout(timeout);
-          resolve();
-        }
-      };
+    const markNotFound = () => {
+      if (this.getLoadingStateForPeer(peer.id) === "pending") {
+        logger.warn("Timeout waiting for peer to load coValue", {
+          id: this.id,
+          peerID: peer.id,
+        });
+        this.markNotFoundInPeer(peer.id);
+      }
+    };
 
-      this.listeners.add(listener);
-      listener(this);
-    });
+    const timeout = setTimeout(markNotFound, CO_VALUE_LOADING_CONFIG.TIMEOUT);
+    const removeCloseListener = peer.persistent
+      ? undefined
+      : peer.addCloseListener(markNotFound);
+
+    this.subscribe((state, unsubscribe) => {
+      const peerState = state.getLoadingStateForPeer(peer.id);
+      if (
+        state.isAvailable() || // might have become available from another peer e.g. through handleNewContent
+        peerState === "available" ||
+        peerState === "errored" ||
+        peerState === "unavailable"
+      ) {
+        unsubscribe();
+        removeCloseListener?.();
+        clearTimeout(timeout);
+      }
+    }, true);
   }
 }
 
@@ -1369,9 +1423,3 @@ export type TryAddTransactionsError =
   | ResolveAccountAgentError
   | InvalidHashError
   | InvalidSignatureError;
-
-function isValidTransactionWithChanges(
-  transaction: VerifiedTransaction,
-): transaction is VerifiedTransaction & { changes: JsonValue[] } {
-  return Boolean(transaction.isValid && transaction.changes);
-}

package/src/coValueCore/decryptTransactionChangesAndMeta.ts

@@ -0,0 +1,56 @@
+import { AvailableCoValueCore, VerifiedTransaction } from "./coValueCore.js";
+
+export function decryptTransactionChangesAndMeta(
+  coValue: AvailableCoValueCore,
+  transaction: VerifiedTransaction,
+) {
+  if (
+    !transaction.isValid ||
+    transaction.isDecrypted ||
+    transaction.tx.privacy === "trusting" // Trusting transactions are already decrypted
+  ) {
+    return;
+  }
+
+  const needsChagesParsing = !transaction.changes;
+  const needsMetaParsing = !transaction.meta && transaction.tx.meta;
+
+  if (!needsChagesParsing && !needsMetaParsing) {
+    return;
+  }
+
+  const readKey = coValue.getReadKey(transaction.tx.keyUsed);
+
+  if (!readKey) {
+    return;
+  }
+
+  if (needsChagesParsing) {
+    const changes = coValue.verified.decryptTransaction(
+      transaction.txID.sessionID,
+      transaction.txID.txIndex,
+      readKey,
+    );
+
+    if (changes) {
+      transaction.changes = changes;
+    }
+  }
+
+  if (needsMetaParsing) {
+    const meta = coValue.verified.decryptTransactionMeta(
+      transaction.txID.sessionID,
+      transaction.txID.txIndex,
+      readKey,
+    );
+
+    if (meta) {
+      transaction.meta = meta;
+    }
+  }
+
+  // We mark the transaction as decrypted even if the changes or meta have failed to be decrypted
+  // This is because, if we successfully extracted the readKey and the decrypt failed once it will always fail
+  // so better to log the error (we already do that) and mark the transaction as decrypted
+  transaction.isDecrypted = true;
+}

package/src/localNode.ts

@@ -116,7 +116,7 @@ export class LocalNode {
     let entry = this.coValues.get(id);
 
     if (!entry) {
-      entry = CoValueCore.fromID(id, this);
+      entry = new CoValueCore(id, this);
       this.coValues.set(id, entry);
     }