npm - cojson - Versions diffs - 0.7.0-alpha.5 → 0.7.0 - Mend

cojson 0.7.0-alpha.5 → 0.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (113) hide show

package/.eslintrc.cjs +3 -2
package/.prettierrc.js +9 -0
package/.turbo/turbo-build.log +3 -30
package/.turbo/turbo-lint.log +4 -0
package/.turbo/turbo-test.log +1106 -0
package/CHANGELOG.md +104 -0
package/README.md +3 -1
package/dist/base64url.test.js +25 -0
package/dist/base64url.test.js.map +1 -0
package/dist/coValueCore.js +60 -37
package/dist/coValueCore.js.map +1 -1
package/dist/coValues/account.js +16 -15
package/dist/coValues/account.js.map +1 -1
package/dist/coValues/coList.js +1 -1
package/dist/coValues/coList.js.map +1 -1
package/dist/coValues/coMap.js +17 -8
package/dist/coValues/coMap.js.map +1 -1
package/dist/coValues/group.js +13 -14
package/dist/coValues/group.js.map +1 -1
package/dist/coreToCoValue.js.map +1 -1
package/dist/crypto/PureJSCrypto.js +89 -0
package/dist/crypto/PureJSCrypto.js.map +1 -0
package/dist/crypto/WasmCrypto.js +127 -0
package/dist/crypto/WasmCrypto.js.map +1 -0
package/dist/crypto/crypto.js +151 -0
package/dist/crypto/crypto.js.map +1 -0
package/dist/ids.js +4 -2
package/dist/ids.js.map +1 -1
package/dist/index.js +6 -8
package/dist/index.js.map +1 -1
package/dist/jsonStringify.js.map +1 -1
package/dist/localNode.js +41 -38
package/dist/localNode.js.map +1 -1
package/dist/permissions.js +6 -6
package/dist/permissions.js.map +1 -1
package/dist/storage/FileSystem.js +61 -0
package/dist/storage/FileSystem.js.map +1 -0
package/dist/storage/chunksAndKnownStates.js +97 -0
package/dist/storage/chunksAndKnownStates.js.map +1 -0
package/dist/storage/index.js +265 -0
package/dist/storage/index.js.map +1 -0
package/dist/sync.js +29 -25
package/dist/sync.js.map +1 -1
package/dist/tests/account.test.js +58 -0
package/dist/tests/account.test.js.map +1 -0
package/dist/tests/coList.test.js +76 -0
package/dist/tests/coList.test.js.map +1 -0
package/dist/tests/coMap.test.js +136 -0
package/dist/tests/coMap.test.js.map +1 -0
package/dist/tests/coStream.test.js +172 -0
package/dist/tests/coStream.test.js.map +1 -0
package/dist/tests/coValueCore.test.js +114 -0
package/dist/tests/coValueCore.test.js.map +1 -0
package/dist/tests/crypto.test.js +118 -0
package/dist/tests/crypto.test.js.map +1 -0
package/dist/tests/cryptoImpl.test.js +113 -0
package/dist/tests/cryptoImpl.test.js.map +1 -0
package/dist/tests/group.test.js +34 -0
package/dist/tests/group.test.js.map +1 -0
package/dist/tests/permissions.test.js +1060 -0
package/dist/tests/permissions.test.js.map +1 -0
package/dist/tests/sync.test.js +816 -0
package/dist/tests/sync.test.js.map +1 -0
package/dist/tests/testUtils.js +12 -11
package/dist/tests/testUtils.js.map +1 -1
package/dist/typeUtils/accountOrAgentIDfromSessionID.js.map +1 -1
package/dist/typeUtils/isAccountID.js.map +1 -1
package/dist/typeUtils/isCoValue.js.map +1 -1
package/package.json +14 -27
package/src/base64url.test.ts +6 -5
package/src/coValue.ts +1 -1
package/src/coValueCore.ts +179 -126
package/src/coValues/account.ts +30 -32
package/src/coValues/coList.ts +11 -11
package/src/coValues/coMap.ts +27 -17
package/src/coValues/coStream.ts +17 -17
package/src/coValues/group.ts +93 -109
package/src/coreToCoValue.ts +5 -2
package/src/crypto/PureJSCrypto.ts +200 -0
package/src/crypto/WasmCrypto.ts +259 -0
package/src/crypto/crypto.ts +336 -0
package/src/ids.ts +8 -7
package/src/index.ts +24 -24
package/src/jsonStringify.ts +6 -4
package/src/jsonValue.ts +2 -2
package/src/localNode.ts +103 -109
package/src/media.ts +3 -3
package/src/permissions.ts +19 -21
package/src/storage/FileSystem.ts +152 -0
package/src/storage/chunksAndKnownStates.ts +139 -0
package/src/storage/index.ts +479 -0
package/src/streamUtils.ts +12 -12
package/src/sync.ts +79 -63
package/src/tests/account.test.ts +15 -15
package/src/tests/coList.test.ts +94 -0
package/src/tests/coMap.test.ts +162 -0
package/src/tests/coStream.test.ts +246 -0
package/src/tests/coValueCore.test.ts +36 -37
package/src/tests/crypto.test.ts +66 -72
package/src/tests/cryptoImpl.test.ts +183 -0
package/src/tests/group.test.ts +16 -17
package/src/tests/permissions.test.ts +269 -283
package/src/tests/sync.test.ts +122 -123
package/src/tests/testUtils.ts +24 -21
package/src/typeUtils/accountOrAgentIDfromSessionID.ts +1 -2
package/src/typeUtils/expectGroup.ts +1 -1
package/src/typeUtils/isAccountID.ts +0 -1
package/src/typeUtils/isCoValue.ts +1 -2
package/tsconfig.json +0 -1
package/dist/crypto.js +0 -254
package/dist/crypto.js.map +0 -1
package/src/crypto.ts +0 -484
package/src/tests/coValue.test.ts +0 -497

package/src/tests/permissions.test.ts CHANGED Viewed

@@ -1,35 +1,16 @@
-import { expect, test, beforeEach } from "vitest";
+import { expect, test } from "vitest";
 import { newRandomSessionID } from "../coValueCore.js";
 import { expectMap } from "../coValue.js";
-import { RawGroup } from "../coValues/group.js";
-import {
-    createdNowUnique,
-    newRandomKeySecret,
-    seal,
-    encryptKeySecret,
-    newRandomAgentSecret,
-    getAgentID,
-    getAgentSealerSecret,
-    getAgentSealerID,
-} from "../crypto.js";
 import {
     newGroup,
     newGroupHighLevel,
     groupWithTwoAdmins,
     groupWithTwoAdminsHighLevel,
 } from "./testUtils.js";
-import { ControlledAgent, cojsonReady } from "../index.js";
+import { ControlledAgent, WasmCrypto } from "../index.js";
 import { expectGroup } from "../typeUtils/expectGroup.js";
-import { webcrypto } from "node:crypto";
-if (!("crypto" in globalThis)) {
-    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    (globalThis as any).crypto = webcrypto;
-}
-beforeEach(async () => {
-    await cojsonReady;
-});
+const Crypto = await WasmCrypto.create();
 test("Initial admin can add another admin to a group", () => {
     groupWithTwoAdmins();
@@ -46,32 +27,32 @@ test("Added admin can add a third admin to a group", () => {
         groupCore
             .testWithDifferentAccount(
                 otherAdmin,
-                newRandomSessionID(otherAdmin.id)
+                newRandomSessionID(otherAdmin.id),
             )
-            .getCurrentContent()
+            .getCurrentContent(),
     );
     expect(groupAsOtherAdmin.get(otherAdmin.id)).toEqual("admin");
-    const thirdAdmin = node.createAccount("thirdAdmin");
+    const thirdAdmin = node.createAccount();
     groupAsOtherAdmin.set(thirdAdmin.id, "admin", "trusting");
     expect(groupAsOtherAdmin.get(thirdAdmin.id)).toEqual("admin");
 });
 test("Added adming can add a third admin to a group (high level)", () => {
-    const { group, otherAdmin, node } = groupWithTwoAdminsHighLevel();
+    const { group, otherAdmin } = groupWithTwoAdminsHighLevel();
     const groupAsOtherAdmin = expectGroup(
         group.core
             .testWithDifferentAccount(
                 otherAdmin,
-                newRandomSessionID(otherAdmin.id)
+                newRandomSessionID(otherAdmin.id),
             )
-            .getCurrentContent()
+            .getCurrentContent(),
     );
-    const thirdAdmin = groupAsOtherAdmin.core.node.createAccount("thirdAdmin");
+    const thirdAdmin = groupAsOtherAdmin.core.node.createAccount();
     groupAsOtherAdmin.addMember(thirdAdmin, "admin");
@@ -92,9 +73,9 @@ test("Admins can't demote other admins in a group", () => {
         groupCore
             .testWithDifferentAccount(
                 otherAdmin,
-                newRandomSessionID(otherAdmin.id)
+                newRandomSessionID(otherAdmin.id),
             )
-            .getCurrentContent()
+            .getCurrentContent(),
     );
     groupAsOtherAdmin.set(admin.id, "writer", "trusting");
@@ -108,13 +89,13 @@ test("Admins can't demote other admins in a group (high level)", () => {
         group.core
             .testWithDifferentAccount(
                 otherAdmin,
-                newRandomSessionID(otherAdmin.id)
+                newRandomSessionID(otherAdmin.id),
             )
-            .getCurrentContent()
+            .getCurrentContent(),
     );
     expect(() =>
-        groupAsOtherAdmin.addMemberInternal(admin.id, "writer")
+        groupAsOtherAdmin.addMemberInternal(admin.id, "writer"),
     ).toThrow("Failed to set role");
     expect(groupAsOtherAdmin.get(admin.id)).toEqual("admin");
@@ -122,7 +103,7 @@ test("Admins can't demote other admins in a group (high level)", () => {
 test("Admins an add writers to a group, who can't add admins, writers, or readers", () => {
     const { groupCore, node } = newGroup();
-    const writer = node.createAccount("writer");
+    const writer = node.createAccount();
     const groupContent = expectGroup(groupCore.getCurrentContent());
@@ -134,12 +115,12 @@ test("Admins an add writers to a group, who can't add admins, writers, or reader
     const groupAsWriter = expectGroup(
         groupCore
             .testWithDifferentAccount(writer, newRandomSessionID(writer.id))
-            .getCurrentContent()
+            .getCurrentContent(),
     );
     expect(groupAsWriter.get(writer.id)).toEqual("writer");
-    const otherAgent = node.createAccount("otherAgent");
+    const otherAgent = node.createAccount();
     groupAsWriter.set(otherAgent.id, "admin", "trusting");
     expect(groupAsWriter.get(otherAgent.id)).toBeUndefined();
@@ -154,7 +135,7 @@ test("Admins an add writers to a group, who can't add admins, writers, or reader
 test("Admins an add writers to a group, who can't add admins, writers, or readers (high level)", () => {
     const { group, node } = newGroupHighLevel();
-    const writer = node.createAccount("writer");
+    const writer = node.createAccount();
     group.addMember(writer, "writer");
     expect(group.get(writer.id)).toEqual("writer");
@@ -162,21 +143,21 @@ test("Admins an add writers to a group, who can't add admins, writers, or reader
     const groupAsWriter = expectGroup(
         group.core
             .testWithDifferentAccount(writer, newRandomSessionID(writer.id))
-            .getCurrentContent()
+            .getCurrentContent(),
     );
     expect(groupAsWriter.get(writer.id)).toEqual("writer");
-    const otherAgent = groupAsWriter.core.node.createAccount("otherAgent");
+    const otherAgent = groupAsWriter.core.node.createAccount();
     expect(() => groupAsWriter.addMember(otherAgent, "admin")).toThrow(
-        "Failed to set role"
+        "Failed to set role",
     );
     expect(() => groupAsWriter.addMember(otherAgent, "writer")).toThrow(
-        "Failed to set role"
+        "Failed to set role",
     );
     expect(() => groupAsWriter.addMember(otherAgent, "reader")).toThrow(
-        "Failed to set role"
+        "Failed to set role",
     );
     expect(groupAsWriter.get(otherAgent.id)).toBeUndefined();
@@ -184,7 +165,7 @@ test("Admins an add writers to a group, who can't add admins, writers, or reader
 test("Admins can add readers to a group, who can't add admins, writers, or readers", () => {
     const { groupCore, node } = newGroup();
-    const reader = node.createAccount("reader");
+    const reader = node.createAccount();
     const groupContent = expectGroup(groupCore.getCurrentContent());
@@ -194,12 +175,12 @@ test("Admins can add readers to a group, who can't add admins, writers, or reade
     const groupAsReader = expectGroup(
         groupCore
             .testWithDifferentAccount(reader, newRandomSessionID(reader.id))
-            .getCurrentContent()
+            .getCurrentContent(),
     );
     expect(groupAsReader.get(reader.id)).toEqual("reader");
-    const otherAgent = node.createAccount("otherAgent");
+    const otherAgent = node.createAccount();
     groupAsReader.set(otherAgent.id, "admin", "trusting");
     expect(groupAsReader.get(otherAgent.id)).toBeUndefined();
@@ -215,7 +196,7 @@ test("Admins can add readers to a group, who can't add admins, writers, or reade
 test("Admins can add readers to a group, who can't add admins, writers, or readers (high level)", () => {
     const { group, node } = newGroupHighLevel();
-    const reader = node.createAccount("reader");
+    const reader = node.createAccount();
     group.addMember(reader, "reader");
     expect(group.get(reader.id)).toEqual("reader");
@@ -223,21 +204,21 @@ test("Admins can add readers to a group, who can't add admins, writers, or reade
     const groupAsReader = expectGroup(
         group.core
             .testWithDifferentAccount(reader, newRandomSessionID(reader.id))
-            .getCurrentContent()
+            .getCurrentContent(),
     );
     expect(groupAsReader.get(reader.id)).toEqual("reader");
-    const otherAgent = groupAsReader.core.node.createAccount("otherAgent");
+    const otherAgent = groupAsReader.core.node.createAccount();
     expect(() => groupAsReader.addMember(otherAgent, "admin")).toThrow(
-        "Failed to set role"
+        "Failed to set role",
     );
     expect(() => groupAsReader.addMember(otherAgent, "writer")).toThrow(
-        "Failed to set role"
+        "Failed to set role",
     );
     expect(() => groupAsReader.addMember(otherAgent, "reader")).toThrow(
-        "Failed to set role"
+        "Failed to set role",
     );
     expect(groupAsReader.get(otherAgent.id)).toBeUndefined();
@@ -250,17 +231,17 @@ test("Admins can write to an object that is owned by their group", () => {
         type: "comap",
         ruleset: { type: "ownedByGroup", group: groupCore.id },
         meta: null,
-        ...createdNowUnique(),
+        ...Crypto.createdNowUnique(),
     });
-    let childContent = expectMap(childObject.getCurrentContent());
+    const childContent = expectMap(childObject.getCurrentContent());
     childContent.set("foo", "bar", "trusting");
     expect(childContent.get("foo")).toEqual("bar");
 });
 test("Admins can write to an object that is owned by their group (high level)", () => {
-    const { node, group } = newGroupHighLevel();
+    const { group } = newGroupHighLevel();
     const childObject = group.createMap();
@@ -271,7 +252,7 @@ test("Admins can write to an object that is owned by their group (high level)",
 test("Writers can write to an object that is owned by their group", () => {
     const { node, groupCore } = newGroup();
-    const writer = node.createAccount("writer");
+    const writer = node.createAccount();
     const group = expectGroup(groupCore.getCurrentContent());
     group.set(writer.id, "writer", "trusting");
@@ -281,16 +262,16 @@ test("Writers can write to an object that is owned by their group", () => {
         type: "comap",
         ruleset: { type: "ownedByGroup", group: groupCore.id },
         meta: null,
-        ...createdNowUnique(),
+        ...Crypto.createdNowUnique(),
     });
     const childObjectAsWriter = childObject.testWithDifferentAccount(
         writer,
-        newRandomSessionID(writer.id)
+        newRandomSessionID(writer.id),
     );
     const childContentAsWriter = expectMap(
-        childObjectAsWriter.getCurrentContent()
+        childObjectAsWriter.getCurrentContent(),
     );
     childContentAsWriter.set("foo", "bar", "trusting");
@@ -300,7 +281,7 @@ test("Writers can write to an object that is owned by their group", () => {
 test("Writers can write to an object that is owned by their group (high level)", () => {
     const { node, group } = newGroupHighLevel();
-    const writer = node.createAccount("writer");
+    const writer = node.createAccount();
     group.addMember(writer, "writer");
@@ -309,7 +290,7 @@ test("Writers can write to an object that is owned by their group (high level)",
     const childObjectAsWriter = expectMap(
         childObject.core
             .testWithDifferentAccount(writer, newRandomSessionID(writer.id))
-            .getCurrentContent()
+            .getCurrentContent(),
     );
     childObjectAsWriter.set("foo", "bar", "trusting");
@@ -319,7 +300,7 @@ test("Writers can write to an object that is owned by their group (high level)",
 test("Readers can not write to an object that is owned by their group", () => {
     const { node, groupCore } = newGroup();
-    const reader = node.createAccount("reader");
+    const reader = node.createAccount();
     const group = expectGroup(groupCore.getCurrentContent());
     group.set(reader.id, "reader", "trusting");
@@ -329,16 +310,16 @@ test("Readers can not write to an object that is owned by their group", () => {
         type: "comap",
         ruleset: { type: "ownedByGroup", group: groupCore.id },
         meta: null,
-        ...createdNowUnique(),
+        ...Crypto.createdNowUnique(),
     });
     const childObjectAsReader = childObject.testWithDifferentAccount(
         reader,
-        newRandomSessionID(reader.id)
+        newRandomSessionID(reader.id),
     );
     const childContentAsReader = expectMap(
-        childObjectAsReader.getCurrentContent()
+        childObjectAsReader.getCurrentContent(),
     );
     childContentAsReader.set("foo", "bar", "trusting");
@@ -348,7 +329,7 @@ test("Readers can not write to an object that is owned by their group", () => {
 test("Readers can not write to an object that is owned by their group (high level)", () => {
     const { node, group } = newGroupHighLevel();
-    const reader = node.createAccount("reader");
+    const reader = node.createAccount();
     group.addMember(reader, "reader");
@@ -357,7 +338,7 @@ test("Readers can not write to an object that is owned by their group (high leve
     const childObjectAsReader = expectMap(
         childObject.core
             .testWithDifferentAccount(reader, newRandomSessionID(reader.id))
-            .getCurrentContent()
+            .getCurrentContent(),
     );
     childObjectAsReader.set("foo", "bar", "trusting");
@@ -369,8 +350,8 @@ test("Admins can set group read key and then use it to create and read private t
     const groupContent = expectGroup(groupCore.getCurrentContent());
-    const { secret: readKey, id: readKeyID } = newRandomKeySecret();
-    const revelation = seal({
+    const { secret: readKey, id: readKeyID } = Crypto.newRandomKeySecret();
+    const revelation = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
         to: admin.currentSealerID(),
@@ -383,7 +364,7 @@ test("Admins can set group read key and then use it to create and read private t
     groupContent.set(`${readKeyID}_for_${admin.id}`, revelation, "trusting");
     expect(groupContent.get(`${readKeyID}_for_${admin.id}`)).toEqual(
-        revelation
+        revelation,
     );
     groupContent.set("readKey", readKeyID, "trusting");
@@ -396,7 +377,7 @@ test("Admins can set group read key and then use it to create and read private t
         type: "comap",
         ruleset: { type: "ownedByGroup", group: groupCore.id },
         meta: null,
-        ...createdNowUnique(),
+        ...Crypto.createdNowUnique(),
     });
     const childContent = expectMap(childObject.getCurrentContent());
@@ -406,7 +387,7 @@ test("Admins can set group read key and then use it to create and read private t
 });
 test("Admins can set group read key and then use it to create and read private transactions in owned objects (high level)", () => {
-    const { node, group, admin } = newGroupHighLevel();
+    const { group } = newGroupHighLevel();
     const childObject = group.createMap();
@@ -417,16 +398,16 @@ test("Admins can set group read key and then use it to create and read private t
 test("Admins can set group read key and then writers can use it to create and read private transactions in owned objects", () => {
     const { node, groupCore, admin } = newGroup();
-    const writer = node.createAccount("writer");
+    const writer = node.createAccount();
-    const { secret: readKey, id: readKeyID } = newRandomKeySecret();
+    const { secret: readKey, id: readKeyID } = Crypto.newRandomKeySecret();
     const groupContent = expectGroup(groupCore.getCurrentContent());
     groupContent.set(writer.id, "writer", "trusting");
     expect(groupContent.get(writer.id)).toEqual("writer");
-    const revelation1 = seal({
+    const revelation1 = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
         to: admin.currentSealerID(),
@@ -438,7 +419,7 @@ test("Admins can set group read key and then writers can use it to create and re
     groupContent.set(`${readKeyID}_for_${admin.id}`, revelation1, "trusting");
-    const revelation2 = seal({
+    const revelation2 = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
         to: writer.currentSealerID(),
@@ -456,18 +437,18 @@ test("Admins can set group read key and then writers can use it to create and re
         type: "comap",
         ruleset: { type: "ownedByGroup", group: groupCore.id },
         meta: null,
-        ...createdNowUnique(),
+        ...Crypto.createdNowUnique(),
     });
     const childObjectAsWriter = childObject.testWithDifferentAccount(
         writer,
-        newRandomSessionID(writer.id)
+        newRandomSessionID(writer.id),
     );
     expect(childObject.getCurrentReadKey().secret).toEqual(readKey);
     const childContentAsWriter = expectMap(
-        childObjectAsWriter.getCurrentContent()
+        childObjectAsWriter.getCurrentContent(),
     );
     childContentAsWriter.set("foo", "bar", "private");
@@ -475,9 +456,9 @@ test("Admins can set group read key and then writers can use it to create and re
 });
 test("Admins can set group read key and then writers can use it to create and read private transactions in owned objects (high level)", () => {
-    const { node, group, admin } = newGroupHighLevel();
+    const { node, group } = newGroupHighLevel();
-    const writer = node.createAccount("writer");
+    const writer = node.createAccount();
     group.addMember(writer, "writer");
@@ -486,7 +467,7 @@ test("Admins can set group read key and then writers can use it to create and re
     const childObjectAsWriter = expectMap(
         childObject.core
             .testWithDifferentAccount(writer, newRandomSessionID(writer.id))
-            .getCurrentContent()
+            .getCurrentContent(),
     );
     childObjectAsWriter.set("foo", "bar", "private");
@@ -496,16 +477,16 @@ test("Admins can set group read key and then writers can use it to create and re
 test("Admins can set group read key and then use it to create private transactions in owned objects, which readers can read", () => {
     const { node, groupCore, admin } = newGroup();
-    const reader = node.createAccount("reader");
+    const reader = node.createAccount();
-    const { secret: readKey, id: readKeyID } = newRandomKeySecret();
+    const { secret: readKey, id: readKeyID } = Crypto.newRandomKeySecret();
     const groupContent = expectGroup(groupCore.getCurrentContent());
     groupContent.set(reader.id, "reader", "trusting");
     expect(groupContent.get(reader.id)).toEqual("reader");
-    const revelation1 = seal({
+    const revelation1 = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
         to: admin.currentSealerID(),
@@ -517,7 +498,7 @@ test("Admins can set group read key and then use it to create private transactio
     groupContent.set(`${readKeyID}_for_${admin.id}`, revelation1, "trusting");
-    const revelation2 = seal({
+    const revelation2 = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
         to: reader.currentSealerID(),
@@ -535,7 +516,7 @@ test("Admins can set group read key and then use it to create private transactio
         type: "comap",
         ruleset: { type: "ownedByGroup", group: groupCore.id },
         meta: null,
-        ...createdNowUnique(),
+        ...Crypto.createdNowUnique(),
     });
     const childContent = expectMap(childObject.getCurrentContent());
@@ -545,22 +526,22 @@ test("Admins can set group read key and then use it to create private transactio
     const childObjectAsReader = childObject.testWithDifferentAccount(
         reader,
-        newRandomSessionID(reader.id)
+        newRandomSessionID(reader.id),
     );
     expect(childObjectAsReader.getCurrentReadKey().secret).toEqual(readKey);
     const childContentAsReader = expectMap(
-        childObjectAsReader.getCurrentContent()
+        childObjectAsReader.getCurrentContent(),
     );
     expect(childContentAsReader.get("foo")).toEqual("bar");
 });
 test("Admins can set group read key and then use it to create private transactions in owned objects, which readers can read (high level)", () => {
-    const { node, group, admin } = newGroupHighLevel();
+    const { node, group } = newGroupHighLevel();
-    const reader = node.createAccount("reader");
+    const reader = node.createAccount();
     group.addMember(reader, "reader");
@@ -572,7 +553,7 @@ test("Admins can set group read key and then use it to create private transactio
     const childContentAsReader = expectMap(
         childObject.core
             .testWithDifferentAccount(reader, newRandomSessionID(reader.id))
-            .getCurrentContent()
+            .getCurrentContent(),
     );
     expect(childContentAsReader.get("foo")).toEqual("bar");
@@ -581,18 +562,18 @@ test("Admins can set group read key and then use it to create private transactio
 test("Admins can set group read key and then use it to create private transactions in owned objects, which readers can read, even with a separate later revelation for the same read key", () => {
     const { node, groupCore, admin } = newGroup();
-    const reader1 = node.createAccount("reader1");
+    const reader1 = node.createAccount();
-    const reader2 = node.createAccount("reader2");
+    const reader2 = node.createAccount();
-    const { secret: readKey, id: readKeyID } = newRandomKeySecret();
+    const { secret: readKey, id: readKeyID } = Crypto.newRandomKeySecret();
     const groupContent = expectGroup(groupCore.getCurrentContent());
     groupContent.set(reader1.id, "reader", "trusting");
     expect(groupContent.get(reader1.id)).toEqual("reader");
-    const revelation1 = seal({
+    const revelation1 = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
         to: admin.currentSealerID(),
@@ -604,7 +585,7 @@ test("Admins can set group read key and then use it to create private transactio
     groupContent.set(`${readKeyID}_for_${admin.id}`, revelation1, "trusting");
-    const revelation2 = seal({
+    const revelation2 = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
         to: reader1.currentSealerID(),
@@ -622,7 +603,7 @@ test("Admins can set group read key and then use it to create private transactio
         type: "comap",
         ruleset: { type: "ownedByGroup", group: groupCore.id },
         meta: null,
-        ...createdNowUnique(),
+        ...Crypto.createdNowUnique(),
     });
     const childContent = expectMap(childObject.getCurrentContent());
@@ -632,18 +613,18 @@ test("Admins can set group read key and then use it to create private transactio
     const childObjectAsReader1 = childObject.testWithDifferentAccount(
         reader1,
-        newRandomSessionID(reader1.id)
+        newRandomSessionID(reader1.id),
     );
     expect(childObjectAsReader1.getCurrentReadKey().secret).toEqual(readKey);
     const childContentAsReader1 = expectMap(
-        childObjectAsReader1.getCurrentContent()
+        childObjectAsReader1.getCurrentContent(),
     );
     expect(childContentAsReader1.get("foo")).toEqual("bar");
-    const revelation3 = seal({
+    const revelation3 = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
         to: reader2.currentSealerID(),
@@ -657,24 +638,24 @@ test("Admins can set group read key and then use it to create private transactio
     const childObjectAsReader2 = childObject.testWithDifferentAccount(
         reader2,
-        newRandomSessionID(reader2.id)
+        newRandomSessionID(reader2.id),
     );
     expect(childObjectAsReader2.getCurrentReadKey().secret).toEqual(readKey);
     const childContentAsReader2 = expectMap(
-        childObjectAsReader2.getCurrentContent()
+        childObjectAsReader2.getCurrentContent(),
     );
     expect(childContentAsReader2.get("foo")).toEqual("bar");
 });
 test("Admins can set group read key and then use it to create private transactions in owned objects, which readers can read, even with a separate later revelation for the same read key (high level)", () => {
-    const { node, group, admin } = newGroupHighLevel();
+    const { node, group } = newGroupHighLevel();
-    const reader1 = node.createAccount("reader1");
+    const reader1 = node.createAccount();
-    const reader2 = node.createAccount("reader2");
+    const reader2 = node.createAccount();
     group.addMember(reader1, "reader");
@@ -686,7 +667,7 @@ test("Admins can set group read key and then use it to create private transactio
     const childContentAsReader1 = expectMap(
         childObject.core
             .testWithDifferentAccount(reader1, newRandomSessionID(reader1.id))
-            .getCurrentContent()
+            .getCurrentContent(),
     );
     expect(childContentAsReader1.get("foo")).toEqual("bar");
@@ -696,7 +677,7 @@ test("Admins can set group read key and then use it to create private transactio
     const childContentAsReader2 = expectMap(
         childObject.core
             .testWithDifferentAccount(reader2, newRandomSessionID(reader2.id))
-            .getCurrentContent()
+            .getCurrentContent(),
     );
     expect(childContentAsReader2.get("foo")).toEqual("bar");
@@ -707,8 +688,8 @@ test("Admins can set group read key, make a private transaction in an owned obje
     const groupContent = expectGroup(groupCore.getCurrentContent());
-    const { secret: readKey, id: readKeyID } = newRandomKeySecret();
-    const revelation1 = seal({
+    const { secret: readKey, id: readKeyID } = Crypto.newRandomKeySecret();
+    const revelation1 = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
         to: admin.currentSealerID(),
@@ -728,7 +709,7 @@ test("Admins can set group read key, make a private transaction in an owned obje
         type: "comap",
         ruleset: { type: "ownedByGroup", group: groupCore.id },
         meta: null,
-        ...createdNowUnique(),
+        ...Crypto.createdNowUnique(),
     });
     const childContent = expectMap(childObject.getCurrentContent());
@@ -736,9 +717,9 @@ test("Admins can set group read key, make a private transaction in an owned obje
     childContent.set("foo", "bar", "private");
     expect(childContent.get("foo")).toEqual("bar");
-    const { secret: readKey2, id: readKeyID2 } = newRandomKeySecret();
+    const { secret: readKey2, id: readKeyID2 } = Crypto.newRandomKeySecret();
-    const revelation2 = seal({
+    const revelation2 = Crypto.seal({
         message: readKey2,
         from: admin.currentSealerSecret(),
         to: admin.currentSealerID(),
@@ -785,13 +766,13 @@ test("Admins can set group read key, make a private transaction in an owned obje
         type: "comap",
         ruleset: { type: "ownedByGroup", group: groupCore.id },
         meta: null,
-        ...createdNowUnique(),
+        ...Crypto.createdNowUnique(),
     });
     const groupContent = expectGroup(groupCore.getCurrentContent());
-    const { secret: readKey, id: readKeyID } = newRandomKeySecret();
+    const { secret: readKey, id: readKeyID } = Crypto.newRandomKeySecret();
-    const revelation = seal({
+    const revelation = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
         to: admin.currentSealerID(),
@@ -814,11 +795,11 @@ test("Admins can set group read key, make a private transaction in an owned obje
     expect(childContent.get("foo")).toEqual("bar");
-    const reader = node.createAccount("reader");
+    const reader = node.createAccount();
-    const { secret: readKey2, id: readKeyID2 } = newRandomKeySecret();
+    const { secret: readKey2, id: readKeyID2 } = Crypto.newRandomKeySecret();
-    const revelation2 = seal({
+    const revelation2 = Crypto.seal({
         message: readKey2,
         from: admin.currentSealerSecret(),
         to: admin.currentSealerID(),
@@ -830,7 +811,7 @@ test("Admins can set group read key, make a private transaction in an owned obje
     groupContent.set(`${readKeyID2}_for_${admin.id}`, revelation2, "trusting");
-    const revelation3 = seal({
+    const revelation3 = Crypto.seal({
         message: readKey2,
         from: admin.currentSealerSecret(),
         to: reader.currentSealerID(),
@@ -844,11 +825,11 @@ test("Admins can set group read key, make a private transaction in an owned obje
     groupContent.set(
         `${readKeyID}_for_${readKeyID2}`,
-        encryptKeySecret({
+        Crypto.encryptKeySecret({
             toEncrypt: { id: readKeyID, secret: readKey },
             encrypting: { id: readKeyID2, secret: readKey2 },
         }).encrypted,
-        "trusting"
+        "trusting",
     );
     groupContent.set("readKey", readKeyID2, "trusting");
@@ -864,13 +845,13 @@ test("Admins can set group read key, make a private transaction in an owned obje
     const childObjectAsReader = childObject.testWithDifferentAccount(
         reader,
-        newRandomSessionID(reader.id)
+        newRandomSessionID(reader.id),
     );
     expect(childObjectAsReader.getCurrentReadKey().secret).toEqual(readKey2);
     const childContentAsReader = expectMap(
-        childObjectAsReader.getCurrentContent()
+        childObjectAsReader.getCurrentContent(),
     );
     expect(childContentAsReader.get("foo")).toEqual("bar");
@@ -893,7 +874,7 @@ test("Admins can set group read key, make a private transaction in an owned obje
     expect(childObject.core.getCurrentReadKey()).not.toEqual(firstReadKey);
-    const reader = node.createAccount("reader");
+    const reader = node.createAccount();
     group.addMember(reader, "reader");
@@ -903,7 +884,7 @@ test("Admins can set group read key, make a private transaction in an owned obje
     const childContentAsReader = expectMap(
         childObject.core
             .testWithDifferentAccount(reader, newRandomSessionID(reader.id))
-            .getCurrentContent()
+            .getCurrentContent(),
     );
     expect(childContentAsReader.get("foo")).toEqual("bar");
@@ -917,16 +898,16 @@ test("Admins can set group read rey, make a private transaction in an owned obje
         type: "comap",
         ruleset: { type: "ownedByGroup", group: groupCore.id },
         meta: null,
-        ...createdNowUnique(),
+        ...Crypto.createdNowUnique(),
     });
     const groupContent = expectGroup(groupCore.getCurrentContent());
-    const { secret: readKey, id: readKeyID } = newRandomKeySecret();
-    const reader = node.createAccount("reader");
+    const { secret: readKey, id: readKeyID } = Crypto.newRandomKeySecret();
+    const reader = node.createAccount();
-    const reader2 = node.createAccount("reader2");
+    const reader2 = node.createAccount();
-    const revelation1 = seal({
+    const revelation1 = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
         to: admin.currentSealerID(),
@@ -938,7 +919,7 @@ test("Admins can set group read rey, make a private transaction in an owned obje
     groupContent.set(`${readKeyID}_for_${admin.id}`, revelation1, "trusting");
-    const revelation2 = seal({
+    const revelation2 = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
         to: reader.currentSealerID(),
@@ -950,7 +931,7 @@ test("Admins can set group read rey, make a private transaction in an owned obje
     groupContent.set(`${readKeyID}_for_${reader.id}`, revelation2, "trusting");
-    const revelation3 = seal({
+    const revelation3 = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
         to: reader2.currentSealerID(),
@@ -978,25 +959,25 @@ test("Admins can set group read rey, make a private transaction in an owned obje
     let childObjectAsReader = childObject.testWithDifferentAccount(
         reader,
-        newRandomSessionID(reader.id)
+        newRandomSessionID(reader.id),
     );
     expect(
-        expectMap(childObjectAsReader.getCurrentContent()).get("foo")
+        expectMap(childObjectAsReader.getCurrentContent()).get("foo"),
     ).toEqual("bar");
     let childObjectAsReader2 = childObject.testWithDifferentAccount(
         reader,
-        newRandomSessionID(reader.id)
+        newRandomSessionID(reader.id),
     );
     expect(
-        expectMap(childObjectAsReader2.getCurrentContent()).get("foo")
+        expectMap(childObjectAsReader2.getCurrentContent()).get("foo"),
     ).toEqual("bar");
-    const { secret: readKey2, id: readKeyID2 } = newRandomKeySecret();
+    const { secret: readKey2, id: readKeyID2 } = Crypto.newRandomKeySecret();
-    const newRevelation1 = seal({
+    const newRevelation1 = Crypto.seal({
         message: readKey2,
         from: admin.currentSealerSecret(),
         to: admin.currentSealerID(),
@@ -1009,10 +990,10 @@ test("Admins can set group read rey, make a private transaction in an owned obje
     groupContent.set(
         `${readKeyID2}_for_${admin.id}`,
         newRevelation1,
-        "trusting"
+        "trusting",
     );
-    const newRevelation2 = seal({
+    const newRevelation2 = Crypto.seal({
         message: readKey2,
         from: admin.currentSealerSecret(),
         to: reader2.currentSealerID(),
@@ -1025,7 +1006,7 @@ test("Admins can set group read rey, make a private transaction in an owned obje
     groupContent.set(
         `${readKeyID2}_for_${reader2.id}`,
         newRevelation2,
-        "trusting"
+        "trusting",
     );
     groupContent.set("readKey", readKeyID2, "trusting");
@@ -1043,18 +1024,18 @@ test("Admins can set group read rey, make a private transaction in an owned obje
     // TODO: make sure these instances of coValues sync between each other so this isn't necessary?
     childObjectAsReader = childObject.testWithDifferentAccount(
         reader,
-        newRandomSessionID(reader.id)
+        newRandomSessionID(reader.id),
     );
     childObjectAsReader2 = childObject.testWithDifferentAccount(
         reader2,
-        newRandomSessionID(reader2.id)
+        newRandomSessionID(reader2.id),
     );
     expect(
-        expectMap(childObjectAsReader.getCurrentContent()).get("foo2")
+        expectMap(childObjectAsReader.getCurrentContent()).get("foo2"),
     ).toBeUndefined();
     expect(
-        expectMap(childObjectAsReader2.getCurrentContent()).get("foo2")
+        expectMap(childObjectAsReader2.getCurrentContent()).get("foo2"),
     ).toEqual("bar2");
 });
@@ -1072,9 +1053,9 @@ test("Admins can set group read rey, make a private transaction in an owned obje
     const secondReadKey = childObject.core.getCurrentReadKey();
-    const reader = node.createAccount("reader");
+    const reader = node.createAccount();
-    const reader2 = node.createAccount("reader2");
+    const reader2 = node.createAccount();
     group.addMember(reader, "reader");
     group.addMember(reader2, "reader");
@@ -1092,7 +1073,7 @@ test("Admins can set group read rey, make a private transaction in an owned obje
     const childContentAsReader2 = expectMap(
         childObject.core
             .testWithDifferentAccount(reader2, newRandomSessionID(reader2.id))
-            .getCurrentContent()
+            .getCurrentContent(),
     );
     expect(childContentAsReader2.get("foo")).toEqual("bar");
@@ -1103,8 +1084,8 @@ test("Admins can set group read rey, make a private transaction in an owned obje
         expectMap(
             childObject.core
                 .testWithDifferentAccount(reader, newRandomSessionID(reader.id))
-                .getCurrentContent()
-        ).get("foo3")
+                .getCurrentContent(),
+        ).get("foo3"),
     ).toBeUndefined();
 });
@@ -1115,29 +1096,29 @@ test("Can create two owned objects in the same group and they will have differen
         type: "comap",
         ruleset: { type: "ownedByGroup", group: groupCore.id },
         meta: null,
-        ...createdNowUnique(),
+        ...Crypto.createdNowUnique(),
     });
     const childObject2 = node.createCoValue({
         type: "comap",
         ruleset: { type: "ownedByGroup", group: groupCore.id },
         meta: null,
-        ...createdNowUnique(),
+        ...Crypto.createdNowUnique(),
     });
     expect(childObject1.id).not.toEqual(childObject2.id);
 });
 test("Admins can create an adminInvite, which can add an admin", () => {
-    const { node, groupCore, admin } = newGroup();
+    const { groupCore, admin } = newGroup();
-    const inviteSecret = newRandomAgentSecret();
-    const inviteID = getAgentID(inviteSecret);
+    const inviteSecret = Crypto.newRandomAgentSecret();
+    const inviteID = Crypto.getAgentID(inviteSecret);
     const group = expectGroup(groupCore.getCurrentContent());
-    const { secret: readKey, id: readKeyID } = newRandomKeySecret();
-    const revelation = seal({
+    const { secret: readKey, id: readKeyID } = Crypto.newRandomKeySecret();
+    const revelation = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
         to: admin.currentSealerID(),
@@ -1154,10 +1135,10 @@ test("Admins can create an adminInvite, which can add an admin", () => {
     expect(group.get(inviteID)).toEqual("adminInvite");
-    const revelationForInvite = seal({
+    const revelationForInvite = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
-        to: getAgentSealerID(inviteID),
+        to: Crypto.getAgentSealerID(inviteID),
         nOnceMaterial: {
             in: groupCore.id,
             tx: groupCore.nextTransactionID(),
@@ -1169,14 +1150,14 @@ test("Admins can create an adminInvite, which can add an admin", () => {
     const groupAsInvite = expectGroup(
         groupCore
             .testWithDifferentAccount(
-                new ControlledAgent(inviteSecret),
-                newRandomSessionID(inviteID)
+                new ControlledAgent(inviteSecret, Crypto),
+                newRandomSessionID(inviteID),
             )
-            .getCurrentContent()
+            .getCurrentContent(),
     );
-    const invitedAdminSecret = newRandomAgentSecret();
-    const invitedAdminID = getAgentID(invitedAdminSecret);
+    const invitedAdminSecret = Crypto.newRandomAgentSecret();
+    const invitedAdminID = Crypto.getAgentID(invitedAdminSecret);
     groupAsInvite.set(invitedAdminID, "admin", "trusting");
@@ -1186,10 +1167,10 @@ test("Admins can create an adminInvite, which can add an admin", () => {
     expect(readKeyAsInvite.secret).toBeDefined();
-    const revelation2 = seal({
+    const revelation2 = Crypto.seal({
         message: readKeyAsInvite.secret!,
-        from: getAgentSealerSecret(invitedAdminSecret),
-        to: getAgentSealerID(invitedAdminID),
+        from: Crypto.getAgentSealerSecret(invitedAdminSecret),
+        to: Crypto.getAgentSealerID(invitedAdminID),
         nOnceMaterial: {
             in: groupCore.id,
             tx: groupCore.nextTransactionID(),
@@ -1199,33 +1180,33 @@ test("Admins can create an adminInvite, which can add an admin", () => {
     groupAsInvite.set(
         `${readKeyAsInvite.id}_for_${invitedAdminID}`,
         revelation2,
-        "trusting"
+        "trusting",
     );
     expect(
-        groupAsInvite.get(`${readKeyAsInvite.id}_for_${invitedAdminID}`)
+        groupAsInvite.get(`${readKeyAsInvite.id}_for_${invitedAdminID}`),
     ).toEqual(revelation2);
 });
 test("Admins can create an adminInvite, which can add an admin (high-level)", async () => {
-    const { node, group, admin } = newGroupHighLevel();
+    const { node, group } = newGroupHighLevel();
     const inviteSecret = group.createInvite("admin");
-    const invitedAdminSecret = newRandomAgentSecret();
-    const invitedAdminID = getAgentID(invitedAdminSecret);
+    const invitedAdminSecret = Crypto.newRandomAgentSecret();
+    const invitedAdminID = Crypto.getAgentID(invitedAdminSecret);
     const nodeAsInvitedAdmin = node.testWithDifferentAccount(
-        new ControlledAgent(invitedAdminSecret),
-        newRandomSessionID(invitedAdminID)
+        new ControlledAgent(invitedAdminSecret, Crypto),
+        newRandomSessionID(invitedAdminID),
     );
     await nodeAsInvitedAdmin.acceptInvite(group.id, inviteSecret);
-    const thirdAdmin = newRandomAgentSecret();
-    const thirdAdminID = getAgentID(thirdAdmin);
+    const thirdAdmin = Crypto.newRandomAgentSecret();
+    const thirdAdminID = Crypto.getAgentID(thirdAdmin);
-    let groupAsInvitedAdmin = await nodeAsInvitedAdmin.load(group.id);
+    const groupAsInvitedAdmin = await nodeAsInvitedAdmin.load(group.id);
     if (groupAsInvitedAdmin === "unavailable") {
         throw new Error("groupAsInvitedAdmin is unavailable");
     }
@@ -1239,15 +1220,15 @@ test("Admins can create an adminInvite, which can add an admin (high-level)", as
 });
 test("Admins can create a writerInvite, which can add a writer", () => {
-    const { node, groupCore, admin } = newGroup();
+    const { groupCore, admin } = newGroup();
-    const inviteSecret = newRandomAgentSecret();
-    const inviteID = getAgentID(inviteSecret);
+    const inviteSecret = Crypto.newRandomAgentSecret();
+    const inviteID = Crypto.getAgentID(inviteSecret);
     const group = expectGroup(groupCore.getCurrentContent());
-    const { secret: readKey, id: readKeyID } = newRandomKeySecret();
-    const revelation = seal({
+    const { secret: readKey, id: readKeyID } = Crypto.newRandomKeySecret();
+    const revelation = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
         to: admin.currentSealerID(),
@@ -1264,10 +1245,10 @@ test("Admins can create a writerInvite, which can add a writer", () => {
     expect(group.get(inviteID)).toEqual("writerInvite");
-    const revelationForInvite = seal({
+    const revelationForInvite = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
-        to: getAgentSealerID(inviteID),
+        to: Crypto.getAgentSealerID(inviteID),
         nOnceMaterial: {
             in: groupCore.id,
             tx: groupCore.nextTransactionID(),
@@ -1279,14 +1260,14 @@ test("Admins can create a writerInvite, which can add a writer", () => {
     const groupAsInvite = expectGroup(
         groupCore
             .testWithDifferentAccount(
-                new ControlledAgent(inviteSecret),
-                newRandomSessionID(inviteID)
+                new ControlledAgent(inviteSecret, Crypto),
+                newRandomSessionID(inviteID),
             )
-            .getCurrentContent()
+            .getCurrentContent(),
     );
-    const invitedWriterSecret = newRandomAgentSecret();
-    const invitedWriterID = getAgentID(invitedWriterSecret);
+    const invitedWriterSecret = Crypto.newRandomAgentSecret();
+    const invitedWriterID = Crypto.getAgentID(invitedWriterSecret);
     groupAsInvite.set(invitedWriterID, "writer", "trusting");
@@ -1296,10 +1277,10 @@ test("Admins can create a writerInvite, which can add a writer", () => {
     expect(readKeyAsInvite.secret).toBeDefined();
-    const revelation2 = seal({
+    const revelation2 = Crypto.seal({
         message: readKeyAsInvite.secret!,
-        from: getAgentSealerSecret(invitedWriterSecret),
-        to: getAgentSealerID(invitedWriterID),
+        from: Crypto.getAgentSealerSecret(invitedWriterSecret),
+        to: Crypto.getAgentSealerID(invitedWriterID),
         nOnceMaterial: {
             in: groupCore.id,
             tx: groupCore.nextTransactionID(),
@@ -1309,25 +1290,25 @@ test("Admins can create a writerInvite, which can add a writer", () => {
     groupAsInvite.set(
         `${readKeyAsInvite.id}_for_${invitedWriterID}`,
         revelation2,
-        "trusting"
+        "trusting",
     );
     expect(
-        groupAsInvite.get(`${readKeyAsInvite.id}_for_${invitedWriterID}`)
+        groupAsInvite.get(`${readKeyAsInvite.id}_for_${invitedWriterID}`),
     ).toEqual(revelation2);
 });
 test("Admins can create a writerInvite, which can add a writer (high-level)", async () => {
-    const { node, group, admin } = newGroupHighLevel();
+    const { node, group } = newGroupHighLevel();
     const inviteSecret = group.createInvite("writer");
-    const invitedWriterSecret = newRandomAgentSecret();
-    const invitedWriterID = getAgentID(invitedWriterSecret);
+    const invitedWriterSecret = Crypto.newRandomAgentSecret();
+    const invitedWriterID = Crypto.getAgentID(invitedWriterSecret);
     const nodeAsInvitedWriter = node.testWithDifferentAccount(
-        new ControlledAgent(invitedWriterSecret),
-        newRandomSessionID(invitedWriterID)
+        new ControlledAgent(invitedWriterSecret, Crypto),
+        newRandomSessionID(invitedWriterID),
     );
     await nodeAsInvitedWriter.acceptInvite(group.id, inviteSecret);
@@ -1342,15 +1323,15 @@ test("Admins can create a writerInvite, which can add a writer (high-level)", as
 });
 test("Admins can create a readerInvite, which can add a reader", () => {
-    const { node, groupCore, admin } = newGroup();
+    const { groupCore, admin } = newGroup();
-    const inviteSecret = newRandomAgentSecret();
-    const inviteID = getAgentID(inviteSecret);
+    const inviteSecret = Crypto.newRandomAgentSecret();
+    const inviteID = Crypto.getAgentID(inviteSecret);
     const group = expectGroup(groupCore.getCurrentContent());
-    const { secret: readKey, id: readKeyID } = newRandomKeySecret();
-    const revelation = seal({
+    const { secret: readKey, id: readKeyID } = Crypto.newRandomKeySecret();
+    const revelation = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
         to: admin.currentSealerID(),
@@ -1367,10 +1348,10 @@ test("Admins can create a readerInvite, which can add a reader", () => {
     expect(group.get(inviteID)).toEqual("readerInvite");
-    const revelationForInvite = seal({
+    const revelationForInvite = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
-        to: getAgentSealerID(inviteID),
+        to: Crypto.getAgentSealerID(inviteID),
         nOnceMaterial: {
             in: groupCore.id,
             tx: groupCore.nextTransactionID(),
@@ -1382,14 +1363,14 @@ test("Admins can create a readerInvite, which can add a reader", () => {
     const groupAsInvite = expectGroup(
         groupCore
             .testWithDifferentAccount(
-                new ControlledAgent(inviteSecret),
-                newRandomSessionID(inviteID)
+                new ControlledAgent(inviteSecret, Crypto),
+                newRandomSessionID(inviteID),
             )
-            .getCurrentContent()
+            .getCurrentContent(),
     );
-    const invitedReaderSecret = newRandomAgentSecret();
-    const invitedReaderID = getAgentID(invitedReaderSecret);
+    const invitedReaderSecret = Crypto.newRandomAgentSecret();
+    const invitedReaderID = Crypto.getAgentID(invitedReaderSecret);
     groupAsInvite.set(invitedReaderID, "reader", "trusting");
@@ -1399,38 +1380,28 @@ test("Admins can create a readerInvite, which can add a reader", () => {
     expect(readKeyAsInvite.secret).toBeDefined();
-    const revelation2 = seal({
-        message: readKeyAsInvite.secret!,
-        from: getAgentSealerSecret(invitedReaderSecret),
-        to: getAgentSealerID(invitedReaderID),
-        nOnceMaterial: {
-            in: groupCore.id,
-            tx: groupCore.nextTransactionID(),
-        },
-    });
     groupAsInvite.set(
         `${readKeyAsInvite.id}_for_${invitedReaderID}`,
         revelation,
-        "trusting"
+        "trusting",
     );
     expect(
-        groupAsInvite.get(`${readKeyAsInvite.id}_for_${invitedReaderID}`)
+        groupAsInvite.get(`${readKeyAsInvite.id}_for_${invitedReaderID}`),
     ).toEqual(revelation);
 });
 test("Admins can create a readerInvite, which can add a reader (high-level)", async () => {
-    const { node, group, admin } = newGroupHighLevel();
+    const { node, group } = newGroupHighLevel();
     const inviteSecret = group.createInvite("reader");
-    const invitedReaderSecret = newRandomAgentSecret();
-    const invitedReaderID = getAgentID(invitedReaderSecret);
+    const invitedReaderSecret = Crypto.newRandomAgentSecret();
+    const invitedReaderID = Crypto.getAgentID(invitedReaderSecret);
     const nodeAsInvitedReader = node.testWithDifferentAccount(
-        new ControlledAgent(invitedReaderSecret),
-        newRandomSessionID(invitedReaderID)
+        new ControlledAgent(invitedReaderSecret, Crypto),
+        newRandomSessionID(invitedReaderID),
     );
     await nodeAsInvitedReader.acceptInvite(group.id, inviteSecret);
@@ -1445,15 +1416,15 @@ test("Admins can create a readerInvite, which can add a reader (high-level)", as
 });
 test("WriterInvites can not invite admins", () => {
-    const { node, groupCore, admin } = newGroup();
+    const { groupCore, admin } = newGroup();
-    const inviteSecret = newRandomAgentSecret();
-    const inviteID = getAgentID(inviteSecret);
+    const inviteSecret = Crypto.newRandomAgentSecret();
+    const inviteID = Crypto.getAgentID(inviteSecret);
     const group = expectGroup(groupCore.getCurrentContent());
-    const { secret: readKey, id: readKeyID } = newRandomKeySecret();
-    const revelation = seal({
+    const { secret: readKey, id: readKeyID } = Crypto.newRandomKeySecret();
+    const revelation = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
         to: admin.currentSealerID(),
@@ -1470,10 +1441,10 @@ test("WriterInvites can not invite admins", () => {
     expect(group.get(inviteID)).toEqual("writerInvite");
-    const revelationForInvite = seal({
+    const revelationForInvite = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
-        to: getAgentSealerID(inviteID),
+        to: Crypto.getAgentSealerID(inviteID),
         nOnceMaterial: {
             in: groupCore.id,
             tx: groupCore.nextTransactionID(),
@@ -1485,29 +1456,29 @@ test("WriterInvites can not invite admins", () => {
     const groupAsInvite = expectGroup(
         groupCore
             .testWithDifferentAccount(
-                new ControlledAgent(inviteSecret),
-                newRandomSessionID(inviteID)
+                new ControlledAgent(inviteSecret, Crypto),
+                newRandomSessionID(inviteID),
             )
-            .getCurrentContent()
+            .getCurrentContent(),
     );
-    const invitedAdminSecret = newRandomAgentSecret();
-    const invitedAdminID = getAgentID(invitedAdminSecret);
+    const invitedAdminSecret = Crypto.newRandomAgentSecret();
+    const invitedAdminID = Crypto.getAgentID(invitedAdminSecret);
     groupAsInvite.set(invitedAdminID, "admin", "trusting");
     expect(groupAsInvite.get(invitedAdminID)).toBeUndefined();
 });
 test("ReaderInvites can not invite admins", () => {
-    const { node, groupCore, admin } = newGroup();
+    const { groupCore, admin } = newGroup();
-    const inviteSecret = newRandomAgentSecret();
-    const inviteID = getAgentID(inviteSecret);
+    const inviteSecret = Crypto.newRandomAgentSecret();
+    const inviteID = Crypto.getAgentID(inviteSecret);
     const group = expectGroup(groupCore.getCurrentContent());
-    const { secret: readKey, id: readKeyID } = newRandomKeySecret();
-    const revelation = seal({
+    const { secret: readKey, id: readKeyID } = Crypto.newRandomKeySecret();
+    const revelation = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
         to: admin.currentSealerID(),
@@ -1524,10 +1495,10 @@ test("ReaderInvites can not invite admins", () => {
     expect(group.get(inviteID)).toEqual("readerInvite");
-    const revelationForInvite = seal({
+    const revelationForInvite = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
-        to: getAgentSealerID(inviteID),
+        to: Crypto.getAgentSealerID(inviteID),
         nOnceMaterial: {
             in: groupCore.id,
             tx: groupCore.nextTransactionID(),
@@ -1539,29 +1510,29 @@ test("ReaderInvites can not invite admins", () => {
     const groupAsInvite = expectGroup(
         groupCore
             .testWithDifferentAccount(
-                new ControlledAgent(inviteSecret),
-                newRandomSessionID(inviteID)
+                new ControlledAgent(inviteSecret, Crypto),
+                newRandomSessionID(inviteID),
             )
-            .getCurrentContent()
+            .getCurrentContent(),
     );
-    const invitedAdminSecret = newRandomAgentSecret();
-    const invitedAdminID = getAgentID(invitedAdminSecret);
+    const invitedAdminSecret = Crypto.newRandomAgentSecret();
+    const invitedAdminID = Crypto.getAgentID(invitedAdminSecret);
     groupAsInvite.set(invitedAdminID, "admin", "trusting");
     expect(groupAsInvite.get(invitedAdminID)).toBeUndefined();
 });
 test("ReaderInvites can not invite writers", () => {
-    const { node, groupCore, admin } = newGroup();
+    const { groupCore, admin } = newGroup();
-    const inviteSecret = newRandomAgentSecret();
-    const inviteID = getAgentID(inviteSecret);
+    const inviteSecret = Crypto.newRandomAgentSecret();
+    const inviteID = Crypto.getAgentID(inviteSecret);
     const group = expectGroup(groupCore.getCurrentContent());
-    const { secret: readKey, id: readKeyID } = newRandomKeySecret();
-    const revelation = seal({
+    const { secret: readKey, id: readKeyID } = Crypto.newRandomKeySecret();
+    const revelation = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
         to: admin.currentSealerID(),
@@ -1578,10 +1549,10 @@ test("ReaderInvites can not invite writers", () => {
     expect(group.get(inviteID)).toEqual("readerInvite");
-    const revelationForInvite = seal({
+    const revelationForInvite = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
-        to: getAgentSealerID(inviteID),
+        to: Crypto.getAgentSealerID(inviteID),
         nOnceMaterial: {
             in: groupCore.id,
             tx: groupCore.nextTransactionID(),
@@ -1593,14 +1564,14 @@ test("ReaderInvites can not invite writers", () => {
     const groupAsInvite = expectGroup(
         groupCore
             .testWithDifferentAccount(
-                new ControlledAgent(inviteSecret),
-                newRandomSessionID(inviteID)
+                new ControlledAgent(inviteSecret, Crypto),
+                newRandomSessionID(inviteID),
             )
-            .getCurrentContent()
+            .getCurrentContent(),
     );
-    const invitedWriterSecret = newRandomAgentSecret();
-    const invitedWriterID = getAgentID(invitedWriterSecret);
+    const invitedWriterSecret = Crypto.newRandomAgentSecret();
+    const invitedWriterID = Crypto.getAgentID(invitedWriterSecret);
     groupAsInvite.set(invitedWriterID, "writer", "trusting");
     expect(groupAsInvite.get(invitedWriterID)).toBeUndefined();
@@ -1613,12 +1584,12 @@ test("Can give read permission to 'everyone'", () => {
         type: "comap",
         ruleset: { type: "ownedByGroup", group: groupCore.id },
         meta: null,
-        ...createdNowUnique(),
+        ...Crypto.createdNowUnique(),
     });
     const group = expectGroup(groupCore.getCurrentContent());
-    const { secret: readKey, id: readKeyID } = newRandomKeySecret();
+    const { secret: readKey, id: readKeyID } = Crypto.newRandomKeySecret();
     group.set("everyone", "reader", "trusting");
     group.set("readKey", readKeyID, "trusting");
     group.set(`${readKeyID}_for_everyone`, readKey, "trusting");
@@ -1630,15 +1601,18 @@ test("Can give read permission to 'everyone'", () => {
     childContent.set("foo", "bar", "private");
     expect(childContent.get("foo")).toEqual("bar");
-    const newAccount = new ControlledAgent(newRandomAgentSecret());
+    const newAccount = new ControlledAgent(
+        Crypto.newRandomAgentSecret(),
+        Crypto,
+    );
     const childContent2 = expectMap(
         childObject
             .testWithDifferentAccount(
                 newAccount,
-                newRandomSessionID(newAccount.currentAgentID())
+                newRandomSessionID(newAccount.currentAgentID()),
             )
-            .getCurrentContent()
+            .getCurrentContent(),
     );
     expect(childContent2.get("foo")).toEqual("bar");
@@ -1656,33 +1630,36 @@ test("Can give read permissions to 'everyone' (high-level)", async () => {
     childObject.set("foo", "bar", "private");
     expect(childObject.get("foo")).toEqual("bar");
-    const newAccount = new ControlledAgent(newRandomAgentSecret());
+    const newAccount = new ControlledAgent(
+        Crypto.newRandomAgentSecret(),
+        Crypto,
+    );
     const childContent2 = expectMap(
         childObject.core
             .testWithDifferentAccount(
-                new ControlledAgent(newRandomAgentSecret()),
-                newRandomSessionID(newAccount.currentAgentID())
+                new ControlledAgent(Crypto.newRandomAgentSecret(), Crypto),
+                newRandomSessionID(newAccount.currentAgentID()),
             )
-            .getCurrentContent()
+            .getCurrentContent(),
     );
     expect(childContent2.get("foo")).toEqual("bar");
 });
-test("Can give write permission to 'everyone'", () => {
+test("Can give write permission to 'everyone'", async () => {
     const { node, groupCore } = newGroup();
     const childObject = node.createCoValue({
         type: "comap",
         ruleset: { type: "ownedByGroup", group: groupCore.id },
         meta: null,
-        ...createdNowUnique(),
+        ...Crypto.createdNowUnique(),
     });
     const group = expectGroup(groupCore.getCurrentContent());
-    const { secret: readKey, id: readKeyID } = newRandomKeySecret();
+    const { secret: readKey, id: readKeyID } = Crypto.newRandomKeySecret();
     group.set("everyone", "writer", "trusting");
     group.set("readKey", readKeyID, "trusting");
     group.set(`${readKeyID}_for_everyone`, readKey, "trusting");
@@ -1694,17 +1671,23 @@ test("Can give write permission to 'everyone'", () => {
     childContent.set("foo", "bar", "private");
     expect(childContent.get("foo")).toEqual("bar");
-    const newAccount = new ControlledAgent(newRandomAgentSecret());
+    const newAccount = new ControlledAgent(
+        Crypto.newRandomAgentSecret(),
+        Crypto,
+    );
     const childContent2 = expectMap(
         childObject
             .testWithDifferentAccount(
                 newAccount,
-                newRandomSessionID(newAccount.currentAgentID())
+                newRandomSessionID(newAccount.currentAgentID()),
             )
-            .getCurrentContent()
+            .getCurrentContent(),
     );
+    // TODO: resolve race condition
+    await new Promise((resolve) => setTimeout(resolve, 50));
     expect(childContent2.get("foo")).toEqual("bar");
     childContent2.set("foo", "bar2", "private");
@@ -1723,15 +1706,18 @@ test("Can give write permissions to 'everyone' (high-level)", async () => {
     childObject.set("foo", "bar", "private");
     expect(childObject.get("foo")).toEqual("bar");
-    const newAccount = new ControlledAgent(newRandomAgentSecret());
+    const newAccount = new ControlledAgent(
+        Crypto.newRandomAgentSecret(),
+        Crypto,
+    );
     const childContent2 = expectMap(
         childObject.core
             .testWithDifferentAccount(
                 newAccount,
-                newRandomSessionID(newAccount.currentAgentID())
+                newRandomSessionID(newAccount.currentAgentID()),
             )
-            .getCurrentContent()
+            .getCurrentContent(),
     );
     expect(childContent2.get("foo")).toEqual("bar");