cojson 0.7.0-alpha.7 → 0.7.0

package/src/coValues/group.ts

@@ -3,26 +3,9 @@ import { RawCoMap } from "./coMap.js";
 import { RawCoList } from "./coList.js";
 import { JsonObject } from "../jsonValue.js";
 import { RawBinaryCoStream, RawCoStream } from "./coStream.js";
-import {
-    Encrypted,
-    KeyID,
-    KeySecret,
-    createdNowUnique,
-    newRandomKeySecret,
-    seal,
-    encryptKeySecret,
-    getAgentSealerID,
-    Sealed,
-    newRandomSecretSeed,
-    agentSecretFromSecretSeed,
-    getAgentID,
-} from "../crypto.js";
+import { Encrypted, KeyID, KeySecret, Sealed } from "../crypto/crypto.js";
 import { AgentID, isAgentID } from "../ids.js";
-import {
-    RawAccount,
-    AccountID,
-    ControlledAccountOrAgent,
-} from "./account.js";
+import { RawAccount, AccountID, ControlledAccountOrAgent } from "./account.js";
 import { Role } from "../permissions.js";
 import { base58 } from "@scure/base";
 
@@ -65,7 +48,7 @@ export type GroupShape = {
  *  ```
  * */
 export class RawGroup<
-    Meta extends JsonObject | null = JsonObject | null
+    Meta extends JsonObject | null = JsonObject | null,
 > extends RawCoMap<GroupShape, Meta> {
     /**
      * Returns the current role of a given account.
@@ -98,7 +81,7 @@ export class RawGroup<
      */
     addMember(
         account: RawAccount | ControlledAccountOrAgent | Everyone,
-        role: Role
+        role: Role,
     ) {
         this.addMemberInternal(account, role);
     }
@@ -106,58 +89,58 @@ export class RawGroup<
     /** @internal */
     addMemberInternal(
         account: RawAccount | ControlledAccountOrAgent | AgentID | Everyone,
-        role: Role
+        role: Role,
     ) {
-            const currentReadKey = this.core.getCurrentReadKey();
+        const currentReadKey = this.core.getCurrentReadKey();
 
-            if (!currentReadKey.secret) {
-                throw new Error("Can't add member without read key secret");
-            }
+        if (!currentReadKey.secret) {
+            throw new Error("Can't add member without read key secret");
+        }
 
-            if (account === EVERYONE) {
-                if (!(role === "reader" || role === "writer")) {
-                    throw new Error(
-                        "Can't make everyone something other than reader or writer"
-                    );
-                }
-                this.set(account, role, "trusting");
-
-                if (this.get(account) !== role) {
-                    throw new Error("Failed to set role");
-                }
-
-                this.set(
-                    `${currentReadKey.id}_for_${EVERYONE}`,
-                    currentReadKey.secret,
-                    "trusting"
-                );
-            } else {
-                const memberKey =
-                    typeof account === "string" ? account : account.id;
-                const agent =
-                    typeof account === "string"
-                        ? account
-                        : account.currentAgentID();
-                this.set(memberKey, role, "trusting");
-
-                if (this.get(memberKey) !== role) {
-                    throw new Error("Failed to set role");
-                }
-
-                this.set(
-                    `${currentReadKey.id}_for_${memberKey}`,
-                    seal({
-                        message: currentReadKey.secret,
-                        from: this.core.node.account.currentSealerSecret(),
-                        to: getAgentSealerID(agent),
-                        nOnceMaterial: {
-                            in: this.id,
-                            tx: this.core.nextTransactionID(),
-                        },
-                    }),
-                    "trusting"
+        if (account === EVERYONE) {
+            if (!(role === "reader" || role === "writer")) {
+                throw new Error(
+                    "Can't make everyone something other than reader or writer",
                 );
             }
+            this.set(account, role, "trusting");
+
+            if (this.get(account) !== role) {
+                throw new Error("Failed to set role");
+            }
+
+            this.set(
+                `${currentReadKey.id}_for_${EVERYONE}`,
+                currentReadKey.secret,
+                "trusting",
+            );
+        } else {
+            const memberKey =
+                typeof account === "string" ? account : account.id;
+            const agent =
+                typeof account === "string"
+                    ? account
+                    : account.currentAgentID();
+            this.set(memberKey, role, "trusting");
+
+            if (this.get(memberKey) !== role) {
+                throw new Error("Failed to set role");
+            }
+
+            this.set(
+                `${currentReadKey.id}_for_${memberKey}`,
+                this.core.crypto.seal({
+                    message: currentReadKey.secret,
+                    from: this.core.node.account.currentSealerSecret(),
+                    to: this.core.crypto.getAgentSealerID(agent),
+                    nOnceMaterial: {
+                        in: this.id,
+                        tx: this.core.nextTransactionID(),
+                    },
+                }),
+                "trusting",
+            );
+        }
     }
 
     /** @internal */
@@ -177,7 +160,7 @@ export class RawGroup<
 
         if (!maybeCurrentReadKey.secret) {
             throw new Error(
-                "Can't rotate read key secret we don't have access to"
+                "Can't rotate read key secret we don't have access to",
             );
         }
 
@@ -186,39 +169,39 @@ export class RawGroup<
             secret: maybeCurrentReadKey.secret,
         };
 
-        const newReadKey = newRandomKeySecret();
+        const newReadKey = this.core.crypto.newRandomKeySecret();
 
-            for (const readerID of currentlyPermittedReaders) {
-                const reader = this.core.node.resolveAccountAgent(
-                    readerID,
-                    "Expected to know currently permitted reader"
-                );
-
-                this.set(
-                    `${newReadKey.id}_for_${readerID}`,
-                    seal({
-                        message: newReadKey.secret,
-                        from: this.core.node.account.currentSealerSecret(),
-                        to: getAgentSealerID(reader),
-                        nOnceMaterial: {
-                            in: this.id,
-                            tx: this.core.nextTransactionID(),
-                        },
-                    }),
-                    "trusting"
-                );
-            }
+        for (const readerID of currentlyPermittedReaders) {
+            const reader = this.core.node.resolveAccountAgent(
+                readerID,
+                "Expected to know currently permitted reader",
+            );
 
             this.set(
-                `${currentReadKey.id}_for_${newReadKey.id}`,
-                encryptKeySecret({
-                    encrypting: newReadKey,
-                    toEncrypt: currentReadKey,
-                }).encrypted,
-                "trusting"
+                `${newReadKey.id}_for_${readerID}`,
+                this.core.crypto.seal({
+                    message: newReadKey.secret,
+                    from: this.core.node.account.currentSealerSecret(),
+                    to: this.core.crypto.getAgentSealerID(reader),
+                    nOnceMaterial: {
+                        in: this.id,
+                        tx: this.core.nextTransactionID(),
+                    },
+                }),
+                "trusting",
             );
+        }
 
-            this.set("readKey", newReadKey.id, "trusting");
+        this.set(
+            `${currentReadKey.id}_for_${newReadKey.id}`,
+            this.core.crypto.encryptKeySecret({
+                encrypting: newReadKey,
+                toEncrypt: currentReadKey,
+            }).encrypted,
+            "trusting",
+        );
+
+        this.set("readKey", newReadKey.id, "trusting");
     }
 
     /**
@@ -234,10 +217,10 @@ export class RawGroup<
 
     /** @internal */
     removeMemberInternal(
-        account: RawAccount | ControlledAccountOrAgent | AgentID | Everyone
+        account: RawAccount | ControlledAccountOrAgent | AgentID | Everyone,
     ) {
         const memberKey = typeof account === "string" ? account : account.id;
-         this.set(memberKey, "revoked", "trusting");
+        this.set(memberKey, "revoked", "trusting");
         this.rotateReadKey();
     }
 
@@ -249,10 +232,11 @@ export class RawGroup<
      * @category 2. Role changing
      */
     createInvite(role: "reader" | "writer" | "admin"): InviteSecret {
-        const secretSeed = newRandomSecretSeed();
+        const secretSeed = this.core.crypto.newRandomSecretSeed();
 
-        const inviteSecret = agentSecretFromSecretSeed(secretSeed);
-        const inviteID = getAgentID(inviteSecret);
+        const inviteSecret =
+            this.core.crypto.agentSecretFromSecretSeed(secretSeed);
+        const inviteID = this.core.crypto.getAgentID(inviteSecret);
 
         this.addMemberInternal(inviteID, `${role}Invite` as Role);
 
@@ -268,7 +252,7 @@ export class RawGroup<
     createMap<M extends RawCoMap>(
         init?: M["_shape"],
         meta?: M["headerMeta"],
-        initPrivacy: "trusting" | "private" = "private"
+        initPrivacy: "trusting" | "private" = "private",
     ): M {
         const map = this.core.node
             .createCoValue({
@@ -278,7 +262,7 @@ export class RawGroup<
                     group: this.id,
                 },
                 meta: meta || null,
-                ...createdNowUnique(),
+                ...this.core.crypto.createdNowUnique(),
             })
             .getCurrentContent() as M;
 
@@ -300,7 +284,7 @@ export class RawGroup<
     createList<L extends RawCoList>(
         init?: L["_item"][],
         meta?: L["headerMeta"],
-        initPrivacy: "trusting" | "private" = "private"
+        initPrivacy: "trusting" | "private" = "private",
     ): L {
         const list = this.core.node
             .createCoValue({
@@ -310,7 +294,7 @@ export class RawGroup<
                     group: this.id,
                 },
                 meta: meta || null,
-                ...createdNowUnique(),
+                ...this.core.crypto.createdNowUnique(),
             })
             .getCurrentContent() as L;
 
@@ -333,14 +317,14 @@ export class RawGroup<
                     group: this.id,
                 },
                 meta: meta || null,
-                ...createdNowUnique(),
+                ...this.core.crypto.createdNowUnique(),
             })
             .getCurrentContent() as C;
     }
 
     /** @category 3. Value creation */
     createBinaryStream<C extends RawBinaryCoStream>(
-        meta: C["headerMeta"] = { type: "binary" }
+        meta: C["headerMeta"] = { type: "binary" },
     ): C {
         return this.core.node
             .createCoValue({
@@ -350,7 +334,7 @@ export class RawGroup<
                     group: this.id,
                 },
                 meta: meta,
-                ...createdNowUnique(),
+                ...this.core.crypto.createdNowUnique(),
             })
             .getCurrentContent() as C;
     }

package/src/coreToCoValue.ts

@@ -8,7 +8,7 @@ import { RawBinaryCoStream } from "./coValues/coStream.js";
 
 export function coreToCoValue(
     core: CoValueCore,
-    options?: { ignorePrivateTransactions: true }
+    options?: { ignorePrivateTransactions: true },
 ) {
     if (core.header.type === "comap") {
         if (core.header.ruleset.type === "group") {
@@ -17,7 +17,10 @@ export function coreToCoValue(
                 !options?.ignorePrivateTransactions
             ) {
                 if (core.id === core.node.account.id) {
-                    return new RawControlledAccount(core, core.node.account.agentSecret);
+                    return new RawControlledAccount(
+                        core,
+                        core.node.account.agentSecret,
+                    );
                 } else {
                     return new RawAccount(core);
                 }

package/src/crypto/PureJSCrypto.ts

@@ -0,0 +1,200 @@
+import { ed25519, x25519 } from "@noble/curves/ed25519";
+import { xsalsa20_poly1305, xsalsa20 } from "@noble/ciphers/salsa";
+import { JsonValue } from "../jsonValue.js";
+import { base58 } from "@scure/base";
+import { randomBytes } from "@noble/ciphers/webcrypto/utils";
+import { RawCoID, TransactionID } from "../ids.js";
+import { base64URLtoBytes, bytesToBase64url } from "../base64url.js";
+import { Stringified, stableStringify } from "../jsonStringify.js";
+import { blake3 } from "@noble/hashes/blake3";
+import {
+    CryptoProvider,
+    SignerSecret,
+    SignerID,
+    Signature,
+    textEncoder,
+    SealerSecret,
+    SealerID,
+    KeySecret,
+    Encrypted,
+    textDecoder,
+    Sealed,
+} from "./crypto.js";
+
+type Blake3State = ReturnType<typeof blake3.create>;
+
+export class PureJSCrypto extends CryptoProvider<Blake3State> {
+    static async create(): Promise<PureJSCrypto> {
+        return new PureJSCrypto();
+    }
+
+    randomBytes(length: number): Uint8Array {
+        return randomBytes(length);
+    }
+
+    emptyBlake3State(): Blake3State {
+        return blake3.create({});
+    }
+
+    blake3HashOnce(data: Uint8Array) {
+        return blake3(data);
+    }
+
+    blake3HashOnceWithContext(
+        data: Uint8Array,
+        { context }: { context: Uint8Array },
+    ) {
+        return blake3.create({}).update(context).update(data).digest();
+    }
+
+    blake3IncrementalUpdate(state: Blake3State, data: Uint8Array) {
+        return state.update(data);
+    }
+
+    blake3DigestForState(state: Blake3State): Uint8Array {
+        return state.clone().digest();
+    }
+
+    newEd25519SigningKey(): Uint8Array {
+        return ed25519.utils.randomPrivateKey();
+    }
+
+    getSignerID(secret: SignerSecret): SignerID {
+        return `signer_z${base58.encode(
+            ed25519.getPublicKey(
+                base58.decode(secret.substring("signerSecret_z".length)),
+            ),
+        )}`;
+    }
+
+    sign(secret: SignerSecret, message: JsonValue): Signature {
+        const signature = ed25519.sign(
+            textEncoder.encode(stableStringify(message)),
+            base58.decode(secret.substring("signerSecret_z".length)),
+        );
+        return `signature_z${base58.encode(signature)}`;
+    }
+
+    verify(signature: Signature, message: JsonValue, id: SignerID): boolean {
+        return ed25519.verify(
+            base58.decode(signature.substring("signature_z".length)),
+            textEncoder.encode(stableStringify(message)),
+            base58.decode(id.substring("signer_z".length)),
+        );
+    }
+
+    newX25519StaticSecret(): Uint8Array {
+        return x25519.utils.randomPrivateKey();
+    }
+
+    getSealerID(secret: SealerSecret): SealerID {
+        return `sealer_z${base58.encode(
+            x25519.getPublicKey(
+                base58.decode(secret.substring("sealerSecret_z".length)),
+            ),
+        )}`;
+    }
+
+    encrypt<T extends JsonValue, N extends JsonValue>(
+        value: T,
+        keySecret: KeySecret,
+        nOnceMaterial: N,
+    ): Encrypted<T, N> {
+        const keySecretBytes = base58.decode(
+            keySecret.substring("keySecret_z".length),
+        );
+        const nOnce = this.blake3HashOnce(
+            textEncoder.encode(stableStringify(nOnceMaterial)),
+        ).slice(0, 24);
+
+        const plaintext = textEncoder.encode(stableStringify(value));
+        const ciphertext = xsalsa20(keySecretBytes, nOnce, plaintext);
+        return `encrypted_U${bytesToBase64url(ciphertext)}` as Encrypted<T, N>;
+    }
+
+    decryptRaw<T extends JsonValue, N extends JsonValue>(
+        encrypted: Encrypted<T, N>,
+        keySecret: KeySecret,
+        nOnceMaterial: N,
+    ): Stringified<T> {
+        const keySecretBytes = base58.decode(
+            keySecret.substring("keySecret_z".length),
+        );
+        const nOnce = this.blake3HashOnce(
+            textEncoder.encode(stableStringify(nOnceMaterial)),
+        ).slice(0, 24);
+
+        const ciphertext = base64URLtoBytes(
+            encrypted.substring("encrypted_U".length),
+        );
+        const plaintext = xsalsa20(keySecretBytes, nOnce, ciphertext);
+
+        return textDecoder.decode(plaintext) as Stringified<T>;
+    }
+
+    seal<T extends JsonValue>({
+        message,
+        from,
+        to,
+        nOnceMaterial,
+    }: {
+        message: T;
+        from: SealerSecret;
+        to: SealerID;
+        nOnceMaterial: { in: RawCoID; tx: TransactionID };
+    }): Sealed<T> {
+        const nOnce = this.blake3HashOnce(
+            textEncoder.encode(stableStringify(nOnceMaterial)),
+        ).slice(0, 24);
+
+        const sealerPub = base58.decode(to.substring("sealer_z".length));
+
+        const senderPriv = base58.decode(
+            from.substring("sealerSecret_z".length),
+        );
+
+        const plaintext = textEncoder.encode(stableStringify(message));
+
+        const sharedSecret = x25519.getSharedSecret(senderPriv, sealerPub);
+
+        const sealedBytes = xsalsa20_poly1305(sharedSecret, nOnce).encrypt(
+            plaintext,
+        );
+
+        return `sealed_U${bytesToBase64url(sealedBytes)}` as Sealed<T>;
+    }
+
+    unseal<T extends JsonValue>(
+        sealed: Sealed<T>,
+        sealer: SealerSecret,
+        from: SealerID,
+        nOnceMaterial: { in: RawCoID; tx: TransactionID },
+    ): T | undefined {
+        const nOnce = this.blake3HashOnce(
+            textEncoder.encode(stableStringify(nOnceMaterial)),
+        ).slice(0, 24);
+
+        const sealerPriv = base58.decode(
+            sealer.substring("sealerSecret_z".length),
+        );
+
+        const senderPub = base58.decode(from.substring("sealer_z".length));
+
+        const sealedBytes = base64URLtoBytes(
+            sealed.substring("sealed_U".length),
+        );
+
+        const sharedSecret = x25519.getSharedSecret(sealerPriv, senderPub);
+
+        const plaintext = xsalsa20_poly1305(sharedSecret, nOnce).decrypt(
+            sealedBytes,
+        );
+
+        try {
+            return JSON.parse(textDecoder.decode(plaintext));
+        } catch (e) {
+            console.error("Failed to decrypt/parse sealed message", e);
+            return undefined;
+        }
+    }
+}