favalib 0.0.4 → 0.0.5

package/build/Command/BaseCommand.d.mts

@@ -30,9 +30,9 @@ declare abstract class BaseCommand<T extends CommandData = CommandData> {
     /**
      * Creates an undo command that, when executed, reverses the effects of this command.
      * @param VaultDataManager - The TwoFaLibMediator instance to use for creating the undo command.
-     * @returns A BaseCommand instance that undoes this command.
+     * @returns A BaseCommand instance that undoes this command or false if this command has no undo.
      */
-    abstract createUndoCommand(TwoFaLibMediator: TwoFaLibMediator): BaseCommand;
+    abstract createUndoCommand(TwoFaLibMediator: TwoFaLibMediator): BaseCommand | false;
     /**
      * Creates a new instance of the command with the provided data.
      * @param data - The data to use for creating the new command instance.

package/build/Command/commandConstructors.d.mts

@@ -2,10 +2,12 @@ import AddEntryCommand from './commands/AddEntryCommand.mjs';
 import AddSyncDeviceCommand from './commands/AddSyncDeviceCommand.mjs';
 import DeleteEntryCommand from './commands/DeleteEntryCommand.mjs';
 import UpdateEntryCommand from './commands/UpdateEntryCommand.mjs';
+import ChangeSyncDeviceMetaCommand from './commands/ChangeSyncDeviceMetaCommand.mjs';
 declare const commandConstructors: {
     AddEntry: typeof AddEntryCommand;
     DeleteEntry: typeof DeleteEntryCommand;
     UpdateEntry: typeof UpdateEntryCommand;
     AddSyncDevice: typeof AddSyncDeviceCommand;
+    ChangeSyncDeviceMeta: typeof ChangeSyncDeviceMetaCommand;
 };
 export default commandConstructors;

package/build/Command/commandConstructors.mjs

@@ -2,10 +2,12 @@ import AddEntryCommand from './commands/AddEntryCommand.mjs';
 import AddSyncDeviceCommand from './commands/AddSyncDeviceCommand.mjs';
 import DeleteEntryCommand from './commands/DeleteEntryCommand.mjs';
 import UpdateEntryCommand from './commands/UpdateEntryCommand.mjs';
+import ChangeSyncDeviceMetaCommand from './commands/ChangeSyncDeviceMetaCommand.mjs';
 const commandConstructors = {
     AddEntry: AddEntryCommand,
     DeleteEntry: DeleteEntryCommand,
     UpdateEntry: UpdateEntryCommand,
     AddSyncDevice: AddSyncDeviceCommand,
+    ChangeSyncDeviceMeta: ChangeSyncDeviceMetaCommand,
 };
 export default commandConstructors;

package/build/Command/commands/AddSyncDeviceCommand.d.mts

@@ -1,10 +1,9 @@
 import type TwoFaLibMediator from '../../TwoFaLibMediator.mjs';
 import Command from '../BaseCommand.mjs';
-import type { DeviceId, DeviceType } from '../../interfaces/SyncTypes.mjs';
+import type { DeviceId } from '../../interfaces/SyncTypes.mjs';
 import type { PublicKey } from '../../interfaces/CryptoLib.mjs';
 export interface AddSyncDeviceData {
     deviceId: DeviceId;
-    deviceType: DeviceType;
     publicKey: PublicKey;
 }
 /**
@@ -12,13 +11,13 @@ export interface AddSyncDeviceData {
  */
 declare class AddSyncDeviceCommand extends Command<AddSyncDeviceData> {
     /**
-     * Creates a new AddEntryCommand instance.
+     * Creates a new AddSyncDeviceCommand instance.
      * @inheritdoc
      * @param data - The data of the entry to be added.
      */
     constructor(data: AddSyncDeviceData, id?: string, timestamp?: number, version?: string, fromRemote?: boolean);
     /**
-     * Executes the command to add the entry to the vault.
+     * Executes the command to add a sync device
      * @inheritdoc
      * @throws {InvalidCommandError} If the command data is invalid.
      */

package/build/Command/commands/AddSyncDeviceCommand.mjs

@@ -5,7 +5,7 @@ import Command from '../BaseCommand.mjs';
  */
 class AddSyncDeviceCommand extends Command {
     /**
-     * Creates a new AddEntryCommand instance.
+     * Creates a new AddSyncDeviceCommand instance.
      * @inheritdoc
      * @param data - The data of the entry to be added.
      */
@@ -13,7 +13,7 @@ class AddSyncDeviceCommand extends Command {
         super('AddSyncDevice', data, id, timestamp, version, fromRemote);
     }
     /**
-     * Executes the command to add the entry to the vault.
+     * Executes the command to add a sync device
      * @inheritdoc
      * @throws {InvalidCommandError} If the command data is invalid.
      */

package/build/Command/commands/ChangeSyncDeviceMetaCommand.d.mts

@@ -0,0 +1,32 @@
+import type TwoFaLibMediator from '../../TwoFaLibMediator.mjs';
+import Command from '../BaseCommand.mjs';
+import type { DeviceFriendlyName, DeviceId, DeviceType } from '../../interfaces/SyncTypes.mjs';
+export interface ChangeSyncDeviceMetaData {
+    deviceId: DeviceId;
+    newMeta: {
+        deviceFriendlyName: DeviceFriendlyName;
+        deviceType: DeviceType;
+    };
+}
+/**
+ * Represents a command that when executed changes the meta info of a sync device
+ */
+declare class ChangeSyncDeviceMetaCommand extends Command<ChangeSyncDeviceMetaData> {
+    /**
+     * Creates a new ChangeSyncDeviceMetaCommand instance.
+     * @inheritdoc
+     * @param data - The id of the device to change and the new meta info
+     */
+    constructor(data: ChangeSyncDeviceMetaData, id?: string, timestamp?: number, version?: string, fromRemote?: boolean);
+    /**
+     * Executes the command to change the sync device metadata
+     * @inheritdoc
+     * @throws {InvalidCommandError} If the referenced sync device cannot be found
+     */
+    execute(mediator: TwoFaLibMediator): Promise<void>;
+    /**
+     * @inheritdoc
+     */
+    createUndoCommand(): Command;
+}
+export default ChangeSyncDeviceMetaCommand;

package/build/Command/commands/ChangeSyncDeviceMetaCommand.mjs

@@ -0,0 +1,37 @@
+import { InvalidCommandError, TwoFALibError } from '../../TwoFALibError.mjs';
+import Command from '../BaseCommand.mjs';
+/**
+ * Represents a command that when executed changes the meta info of a sync device
+ */
+class ChangeSyncDeviceMetaCommand extends Command {
+    /**
+     * Creates a new ChangeSyncDeviceMetaCommand instance.
+     * @inheritdoc
+     * @param data - The id of the device to change and the new meta info
+     */
+    constructor(data, id, timestamp, version, fromRemote = false) {
+        super('ChangeSyncDeviceMeta', data, id, timestamp, version, fromRemote);
+    }
+    /**
+     * Executes the command to change the sync device metadata
+     * @inheritdoc
+     * @throws {InvalidCommandError} If the referenced sync device cannot be found
+     */
+    execute(mediator) {
+        const syncManager = mediator.getComponent('syncManager');
+        // eslint-disable-next-line @typescript-eslint/dot-notation
+        const device = syncManager['syncDevices'].find((d) => d.deviceId === this.data.deviceId);
+        if (!device) {
+            throw new InvalidCommandError('Trying to change meta of device that is not found');
+        }
+        device.meta = this.data.newMeta;
+        return Promise.resolve();
+    }
+    /**
+     * @inheritdoc
+     */
+    createUndoCommand() {
+        throw new TwoFALibError('Not implemented yet');
+    }
+}
+export default ChangeSyncDeviceMetaCommand;

package/build/TwoFaLib.d.mts

@@ -1,7 +1,7 @@
 import { TypedEventTarget } from 'typescript-event-target';
 import type CryptoLib from './interfaces/CryptoLib.mjs';
 import type { EncryptedPrivateKey, EncryptedSymmetricKey, Passphrase, PrivateKey, PublicKey, Salt, SymmetricKey } from './interfaces/CryptoLib.mjs';
-import type { DeviceId, DeviceType } from './interfaces/SyncTypes.mjs';
+import type { DeviceFriendlyName, DeviceId, DeviceType } from './interfaces/SyncTypes.mjs';
 import type { TwoFaLibEventMapEvents } from './interfaces/Events.mjs';
 import type { PassphraseExtraDict } from './interfaces/PassphraseExtraDict.js';
 import type { Vault, VaultSyncState } from './interfaces/Vault.mjs';
@@ -15,13 +15,14 @@ declare class TwoFaLib extends TypedEventTarget<TwoFaLibEventMapEvents> {
     static readonly version = "0.0.1";
     readonly deviceId: DeviceId;
     readonly deviceType: DeviceType;
+    deviceFriendlyName: DeviceFriendlyName;
     private mediator;
     private readonly publicKey;
     private readonly privateKey;
     readonly ready: Promise<unknown>;
     /**
      * Constructs a new instance of TwoFaLib. If a serverUrl is provided, the library will use it for its sync operations.
-     * @param deviceType - A unique identifier for this device type (e.g. 2fa-cli).
+     * @param deviceType - The identifier for this device type (e.g. 2fa-cli).
      * @param cryptoLib - An instance of CryptoLib that is compatible with the environment.
      * @param passphraseExtraDict - Additional words to be used for passphrase strength evaluation.
      * @param privateKey - The private key used for cryptographic operations.

package/build/TwoFaLib.mjs

@@ -17,7 +17,7 @@ class TwoFaLib extends TypedEventTarget {
     static { this.version = '0.0.1'; }
     /**
      * Constructs a new instance of TwoFaLib. If a serverUrl is provided, the library will use it for its sync operations.
-     * @param deviceType - A unique identifier for this device type (e.g. 2fa-cli).
+     * @param deviceType - The identifier for this device type (e.g. 2fa-cli).
      * @param cryptoLib - An instance of CryptoLib that is compatible with the environment.
      * @param passphraseExtraDict - Additional words to be used for passphrase strength evaluation.
      * @param privateKey - The private key used for cryptographic operations.
@@ -35,6 +35,7 @@ class TwoFaLib extends TypedEventTarget {
      */
     constructor(deviceType, cryptoLib, passphraseExtraDict, privateKey, symmetricKey, encryptedPrivateKey, encryptedSymmetricKey, salt, publicKey, deviceId, vault, syncState) {
         super();
+        this.deviceFriendlyName = '';
         if (!deviceType) {
             throw new InitializationError('Device type is required');
         }
@@ -73,7 +74,7 @@ class TwoFaLib extends TypedEventTarget {
         }
         if (syncState?.serverUrl) {
             // Initiate the syncManager
-            this.mediator.registerComponent('syncManager', new SyncManager(this.mediator, this.deviceType, this.publicKey, this.privateKey, syncState, this.deviceId));
+            this.mediator.registerComponent('syncManager', new SyncManager(this.mediator, this.publicKey, this.privateKey, syncState, this.deviceId));
         }
         else {
             // If no syncmanager we're ready now, otherwise the syncmanager is responsible for emitting the ready event
@@ -152,7 +153,7 @@ class TwoFaLib extends TypedEventTarget {
             devices: [],
             commandSendQueue: [],
         };
-        const newSyncManager = new SyncManager(this.mediator, this.deviceType, this.publicKey, this.privateKey, newSyncState, this.deviceId);
+        const newSyncManager = new SyncManager(this.mediator, this.publicKey, this.privateKey, newSyncState, this.deviceId);
         const success = await new Promise((resolve) => {
             this.addEventListener(TwoFaLibEvent.ConnectionToSyncServerStatusChanged, (event) => {
                 if (event.detail.newStatus === ConnectionStatus.CONNECTED) {
@@ -176,9 +177,11 @@ class TwoFaLib extends TypedEventTarget {
                 throw new SyncError(`Failed to connect to server at ${serverUrl}, not setting`);
             }
         }
-        // connection succeeded (or force=true), switch to the new syncManager
+        // connection succeeded (or force=true)
+        // switch to the new syncManager
         this.mediator.unRegisterComponent('syncManager');
         this.mediator.registerComponent('syncManager', newSyncManager);
+        // save
         await this.forceSave();
     }
     /**

package/build/interfaces/CommandTypes.d.mts

@@ -2,6 +2,7 @@ import type { AddEntryData } from '../Command/commands/AddEntryCommand.mjs';
 import type { DeleteEntryData } from '../Command/commands/DeleteEntryCommand.mjs';
 import type { UpdateEntryData } from '../Command/commands/UpdateEntryCommand.mjs';
 import type { AddSyncDeviceData } from '../Command/commands/AddSyncDeviceCommand.mjs';
+import type { ChangeSyncDeviceMetaData } from '../Command/commands/ChangeSyncDeviceMetaCommand.mjs';
 export type SyncCommand = ({
     type: 'AddEntry';
     data: AddEntryData;
@@ -14,7 +15,10 @@ export type SyncCommand = ({
 } | {
     type: 'AddSyncDevice';
     data: AddSyncDeviceData;
+} | {
+    type: 'ChangeSyncDeviceMeta';
+    data: ChangeSyncDeviceMetaData;
 }) & {
     id: string;
 };
-export type CommandData = AddEntryData | DeleteEntryData | UpdateEntryData | AddSyncDeviceData;
+export type CommandData = AddEntryData | DeleteEntryData | UpdateEntryData | AddSyncDeviceData | ChangeSyncDeviceMetaData;

package/build/interfaces/SyncTypes.d.mts

@@ -3,11 +3,16 @@ import type { JPakeThreePass, Round1Result } from 'jpake-ts';
 import { PublicKey, SyncKey } from './CryptoLib.mjs';
 export type DeviceId = Tagged<string, 'DeviceId'>;
 export type DeviceType = Tagged<string, 'DeviceType'>;
+export type DeviceFriendlyName = Tagged<string, 'DeviceFriendlyName'>;
 export interface SyncDevice {
     deviceId: DeviceId;
-    deviceType: DeviceType;
     publicKey: PublicKey;
+    meta?: {
+        deviceType: DeviceType;
+        deviceFriendlyName: DeviceFriendlyName;
+    };
 }
+export type PublicSyncDevice = Omit<SyncDevice, 'publicKey'>;
 export interface BaseAddDeviceFlow {
     jpak: JPakeThreePass;
     addDevicePassword: Uint8Array;
@@ -22,14 +27,12 @@ export interface AddDeviceFlowInitiator_Initiated extends BaseAddDeviceFlow {
 export interface AddDeviceFlowInitiator_SyncKeyCreated extends Omit<AddDeviceFlowInitiator_Initiated, 'state' | 'resolveContinuePromise'> {
     state: 'initiator:syncKeyCreated';
     responderDeviceId: DeviceId;
-    responderDeviceType: DeviceType;
     syncKey: SyncKey;
 }
 export interface AddDeviceFlowResponder_Initiated extends BaseAddDeviceFlow {
     state: 'responder:initated';
-    initiatorDeviceId: DeviceId;
     responderDeviceId: DeviceId;
-    initiatorDeviceType: DeviceType;
+    initiatorDeviceId: DeviceId;
 }
 export interface AddDeviceFlowResponder_SyncKeyCreated extends Omit<AddDeviceFlowResponder_Initiated, 'state'> {
     state: 'responder:syncKeyCreated';
@@ -39,7 +42,6 @@ export type ActiveAddDeviceFlow = AddDeviceFlowInitiator_Initiated | AddDeviceFl
 export interface InitiateAddDeviceFlowResult {
     addDevicePassword: string;
     initiatorDeviceId: DeviceId;
-    initiatorDeviceType: DeviceType;
     timestamp: number;
     pass1Result: Record<keyof Round1Result, string>;
 }

package/build/main.d.mts

@@ -3,10 +3,10 @@ import type Entry from './interfaces/Entry.mjs';
 import type { EntryId, NewEntry, EntryMeta, EntryType, TotpPayload, Token, EntryMetaWithToken } from './interfaces/Entry.mjs';
 import type CryptoLib from './interfaces/CryptoLib.mjs';
 import type { Encrypted, EncryptedPrivateKey, EncryptedSymmetricKey, EncryptedPublicKey, PrivateKey, SymmetricKey, PublicKey, Passphrase, Salt } from './interfaces/CryptoLib.mjs';
-import type { SyncDevice, DeviceId, DeviceType } from './interfaces/SyncTypes.mjs';
+import type { PublicSyncDevice, DeviceId, DeviceType, DeviceFriendlyName } from './interfaces/SyncTypes.mjs';
 import type { EncryptedVaultStateString, LockedRepresentationString } from './interfaces/Vault.mjs';
 import { TwoFALibError, InitializationError, AuthenticationError, EntryNotFoundError, TokenGenerationError } from './TwoFALibError.mjs';
 import { TwoFaLibEvent } from './TwoFaLibEvent.mjs';
 import { getTwoFaLibVaultCreationUtils } from './utils/creationUtils.mjs';
 export { TwoFaLib, TwoFALibError, getTwoFaLibVaultCreationUtils, InitializationError, AuthenticationError, EntryNotFoundError, TokenGenerationError, TwoFaLibEvent, };
-export type { Entry, EntryId, NewEntry, EntryMeta, EntryMetaWithToken, EntryType, TotpPayload, Token, EncryptedVaultStateString, LockedRepresentationString, CryptoLib, Encrypted, EncryptedPrivateKey, EncryptedPublicKey, EncryptedSymmetricKey, PrivateKey, SymmetricKey, PublicKey, Passphrase, Salt, DeviceId, DeviceType, SyncDevice, };
+export type { Entry, EntryId, NewEntry, EntryMeta, EntryMetaWithToken, EntryType, TotpPayload, Token, EncryptedVaultStateString, LockedRepresentationString, CryptoLib, Encrypted, EncryptedPrivateKey, EncryptedPublicKey, EncryptedSymmetricKey, PrivateKey, SymmetricKey, PublicKey, Passphrase, Salt, DeviceId, DeviceType, DeviceFriendlyName, PublicSyncDevice, };

package/build/subclasses/CommandManager.mjs

@@ -49,8 +49,15 @@ class CommandManager {
         const command = this.executedCommands.pop();
         if (command) {
             const undoCommand = command.createUndoCommand(this.mediator);
-            await undoCommand.execute(this.mediator);
-            this.undoneCommands.push(command);
+            // check if the last command was undoable
+            if (undoCommand) {
+                await undoCommand.execute(this.mediator);
+                this.undoneCommands.push(command);
+            }
+            else {
+                // if it was not, skip it
+                await this.undo();
+            }
         }
     }
     /**

package/build/subclasses/PersistentStorageManager.mjs

@@ -55,7 +55,8 @@ class PersistentStorageManager {
             vault,
             deviceId: this.deviceId,
             sync: {
-                devices: this.syncManager?.syncDevices ?? [],
+                // eslint-disable-next-line @typescript-eslint/dot-notation
+                devices: this.syncManager ? this.syncManager['syncDevices'] : [],
                 serverUrl: this.syncManager?.serverUrl,
                 commandSendQueue: this.syncManager?.getCommandSendQueue() ?? [],
             },

package/build/subclasses/SyncManager.d.mts

@@ -1,11 +1,10 @@
-import { SyncDevice, DeviceId, DeviceType } from '../interfaces/SyncTypes.mjs';
+import { SyncDevice, DeviceId, PublicSyncDevice } from '../interfaces/SyncTypes.mjs';
 import type { PrivateKey, PublicKey } from '../interfaces/CryptoLib.mjs';
 import type Command from '../Command/BaseCommand.mjs';
 import type TwoFaLibMediator from '../TwoFaLibMediator.mjs';
 import { VaultSyncStateWithServerUrl } from '../interfaces/Vault.mjs';
 import { SyncCommandFromServer } from 'favaserver/ServerMessage';
 import { SyncCommandFromClient } from 'favaserver/ClientMessage';
-import type { AddSyncDeviceData } from '../Command/commands/AddSyncDeviceCommand.mjs';
 export declare enum ConnectionStatus {
     CONNECTING = 0,
     CONNECTED = 1,
@@ -17,14 +16,13 @@ export declare enum ConnectionStatus {
  */
 declare class SyncManager {
     private readonly mediator;
-    private readonly deviceType;
     private readonly publicKey;
     private readonly privateKey;
     private ws?;
     private activeAddDeviceFlow?;
     private readonly reconnectInterval;
     readonly serverUrl: string;
-    syncDevices: SyncDevice[];
+    private syncDevices;
     deviceId: DeviceId;
     private readyEventEmitted;
     private commandSendQueue;
@@ -37,17 +35,21 @@ declare class SyncManager {
      * @returns The command send queue.
      */
     getCommandSendQueue(): SyncCommandFromClient[];
+    /**
+     * Public getter for the sync devices
+     * @returns The sync devices (without their public key)
+     */
+    getSyncDevices(): PublicSyncDevice[];
     /**
      * Creates an instance of SyncManager.
      * @param mediator - The mediator for accessing other components.
-     * @param deviceType - The type of the device.
      * @param publicKey - The public key of the device.
      * @param privateKey - The private key of the device.
      * @param syncState - The state of the sync.
      * @param deviceId - The unique identifier of the device.
      * @throws {InitializationError} If initialization fails (e.g., if the server URL is invalid).
      */
-    constructor(mediator: TwoFaLibMediator, deviceType: DeviceType, publicKey: PublicKey, privateKey: PrivateKey, syncState: VaultSyncStateWithServerUrl, deviceId: DeviceId);
+    constructor(mediator: TwoFaLibMediator, publicKey: PublicKey, privateKey: PrivateKey, syncState: VaultSyncStateWithServerUrl, deviceId: DeviceId);
     private get libraryLoader();
     private get cryptoLib();
     private get persistentStorageManager();
@@ -130,8 +132,9 @@ declare class SyncManager {
     respondToAddDeviceFlow(initiatorData: string | Uint8Array | File, initiatorDataType: 'text' | 'qr'): Promise<void>;
     private finishAddDeviceFlowKeyExchangeInitiator;
     private finishAddDeviceFlowKeyExchangeResponder;
-    private sendInitialVaultData;
+    private sendFullVaultData;
     private importInitialVaultState;
+    private importVaultState;
     /**
      * Cancels the active add sync device flow.
      * @throws {SyncNoServerConnectionError} If there is no server connection.
@@ -156,11 +159,20 @@ declare class SyncManager {
      * @throws {CryptoError} If decryption fails.
      */
     receiveCommands(encryptedCommands: SyncCommandFromServer[]): Promise<void>;
+    /**
+     * Sends vault data to the server for each sync device
+     */
+    private resilver;
     /**
      * Add a sync device
      * @param deviceInfo - The info about the device
+     * @param saveAfter - Whether to save the new vault after adding it (set to false when adding multiple devices)
+     */
+    addSyncDevice(deviceInfo: SyncDevice, saveAfter?: boolean): Promise<void>;
+    /**
+     * Requests a resilver of the vault
      */
-    addSyncDevice(deviceInfo: AddSyncDeviceData): Promise<void>;
+    requestResilver(): void;
     /**
      * Function to call when the server connection should be closed
      */

package/build/subclasses/SyncManager.mjs

@@ -30,19 +30,29 @@ class SyncManager {
     getCommandSendQueue() {
         return this.commandSendQueue;
     }
+    /**
+     * Public getter for the sync devices
+     * @returns The sync devices (without their public key)
+     */
+    getSyncDevices() {
+        return this.syncDevices
+            .filter((d) => d.deviceId !== this.deviceId)
+            .map((d) => ({
+            deviceId: d.deviceId,
+            meta: d.meta,
+        }));
+    }
     /**
      * Creates an instance of SyncManager.
      * @param mediator - The mediator for accessing other components.
-     * @param deviceType - The type of the device.
      * @param publicKey - The public key of the device.
      * @param privateKey - The private key of the device.
      * @param syncState - The state of the sync.
      * @param deviceId - The unique identifier of the device.
      * @throws {InitializationError} If initialization fails (e.g., if the server URL is invalid).
      */
-    constructor(mediator, deviceType, publicKey, privateKey, syncState, deviceId) {
+    constructor(mediator, publicKey, privateKey, syncState, deviceId) {
         this.mediator = mediator;
-        this.deviceType = deviceType;
         this.publicKey = publicKey;
         this.privateKey = privateKey;
         this.reconnectInterval = IN_TESTING ? 100 : 5000; // 5 seconds
@@ -60,6 +70,11 @@ class SyncManager {
         this.commandSendQueue = commandSendQueue;
         this.serverUrl = serverUrl;
         this.initServerConnection();
+        // add ourselves to the list of syncdevices if we're missing
+        void this.addSyncDevice({
+            deviceId: deviceId,
+            publicKey: this.publicKey,
+        }, false);
         // if not yet connected after 2 tries, emit ready event so we can continue
         this.connectionFailedTimeout = setTimeout(() => {
             if (!this.readyEventEmitted && !this.webSocketConnected) {
@@ -186,7 +201,7 @@ class SyncManager {
                     round1Result: jsonToUint8Array(unconvertedPass2Result.round1Result),
                     round2Result: jsonToUint8Array(unconvertedPass2Result.round2Result),
                 };
-                void this.finishAddDeviceFlowKeyExchangeInitiator(pass2Result, data.responderDeviceId, data.responderDeviceType);
+                void this.finishAddDeviceFlowKeyExchangeInitiator(pass2Result, data.responderDeviceId);
                 break;
             }
             case 'JPAKEPass3': {
@@ -198,13 +213,21 @@ class SyncManager {
             case 'publicKey': {
                 const { data } = message;
                 const { responderEncryptedPublicKey } = data;
-                void this.sendInitialVaultData(responderEncryptedPublicKey);
+                void this.sendFullVaultData(responderEncryptedPublicKey);
+                break;
+            }
+            case 'initialVault': {
+                const { data } = message;
+                const { encryptedVaultData } = data;
+                void this.importInitialVaultState(encryptedVaultData);
                 break;
             }
             case 'vault': {
                 const { data } = message;
-                const { encryptedVaultData, initiatorEncryptedPublicKey } = data;
-                void this.importInitialVaultState(encryptedVaultData, initiatorEncryptedPublicKey);
+                const { encryptedVaultData, encryptedSymmetricKey, fromDeviceId } = data;
+                void this.cryptoLib
+                    .decrypt(this.privateKey, encryptedSymmetricKey)
+                    .then((symmetricKey) => this.importVaultState(encryptedVaultData, symmetricKey, fromDeviceId));
                 break;
             }
             case 'syncCommandsReceived': {
@@ -217,6 +240,12 @@ class SyncManager {
                 void this.receiveCommands(commands);
                 break;
             }
+            case 'startResilver': {
+                // const { data } = message
+                // todo: check for missing deviceIds
+                void this.resilver();
+                break;
+            }
         }
     }
     attemptReconnect() {
@@ -259,7 +288,6 @@ class SyncManager {
         });
         // register this add device request at the server
         this.sendToServer('addSyncDeviceInitialiseData', {
-            initiatorDeviceType: this.deviceType,
             initiatorDeviceId: this.deviceId,
             timestamp,
             nonce: await this.getNonce(),
@@ -269,7 +297,6 @@ class SyncManager {
         const returnData = {
             addDevicePassword: uint8ArrayToBase64(addDevicePassword),
             initiatorDeviceId: this.deviceId,
-            initiatorDeviceType: this.deviceType,
             timestamp,
             pass1Result: {
                 G1: uint8ArrayToHex(pass1Result.G1),
@@ -306,12 +333,11 @@ class SyncManager {
         if (this.activeAddDeviceFlow) {
             throw new SyncAddDeviceFlowConflictError();
         }
-        const { addDevicePassword, initiatorDeviceId, timestamp, pass1Result, initiatorDeviceType: initiatorDeviceIdentifier, } = await decodeInitiatorData(initiatorData, initiatorDataType, await this.libraryLoader.getJsQrLib(), this.libraryLoader.getCanvasLib.bind(this));
+        const { addDevicePassword, initiatorDeviceId, timestamp, pass1Result } = await decodeInitiatorData(initiatorData, initiatorDataType, await this.libraryLoader.getJsQrLib(), this.libraryLoader.getCanvasLib.bind(this));
         if (!addDevicePassword ||
             !initiatorDeviceId ||
             !timestamp ||
-            !pass1Result ||
-            !initiatorDeviceIdentifier) {
+            !pass1Result) {
             throw new SyncError('Missing required fields in initiator data');
         }
         // Decode the base64 password
@@ -337,7 +363,6 @@ class SyncManager {
             addDevicePassword: decodedPassword,
             responderDeviceId: this.deviceId,
             initiatorDeviceId: initiatorDeviceId,
-            initiatorDeviceType: initiatorDeviceIdentifier,
             timestamp: Date.now(),
         };
         // respond to this add device request at the server
@@ -347,10 +372,9 @@ class SyncManager {
             pass2Result,
             responderDeviceId: this.deviceId,
             initiatorDeviceId: initiatorDeviceId,
-            responderDeviceType: this.deviceType,
         });
     }
-    async finishAddDeviceFlowKeyExchangeInitiator(pass2Result, responderDeviceId, responderDeviceType) {
+    async finishAddDeviceFlowKeyExchangeInitiator(pass2Result, responderDeviceId) {
         if (!this.ws || !this.webSocketConnected) {
             throw new SyncNoServerConnectionError();
         }
@@ -370,7 +394,6 @@ class SyncManager {
             ...this.activeAddDeviceFlow,
             state: 'initiator:syncKeyCreated',
             responderDeviceId: responderDeviceId,
-            responderDeviceType: responderDeviceType,
             syncKey,
         };
     }
@@ -400,7 +423,7 @@ class SyncManager {
             initiatorDeviceId: this.activeAddDeviceFlow.initiatorDeviceId,
         });
     }
-    async sendInitialVaultData(responderEncryptedPublicKey) {
+    async sendFullVaultData(responderEncryptedPublicKey) {
         if (!this.ws || !this.webSocketConnected) {
             throw new SyncNoServerConnectionError();
         }
@@ -415,51 +438,46 @@ class SyncManager {
         const decryptedPublicKey = await this.cryptoLib.decryptSymmetric(syncKey, responderEncryptedPublicKey);
         // get the vault data (encrypted with the sync key)
         const encryptedVaultData = await this.persistentStorageManager.getEncryptedVaultState(syncKey);
-        const initiatorEncryptedPublicKey = await this.cryptoLib.encryptSymmetric(syncKey, this.publicKey);
         // Send the encrypted vault data to the server
-        this.sendToServer('vault', {
+        this.sendToServer('initialVault', {
             nonce: await this.getNonce(),
             encryptedVaultData,
             initiatorDeviceId: this.activeAddDeviceFlow.initiatorDeviceId,
-            initiatorEncryptedPublicKey,
         });
-        // save the added the sync device, done via command so this is synced to
-        // all the other (already existing) sync devices
+        // save the added the sync device, done via command so this is synced to all sync devices
+        // this also re-adds the sync device to the just added sync device, which syncDevices list is now equal to our own
         const command = AddSyncDeviceCommand.create({
             deviceId: this.activeAddDeviceFlow.responderDeviceId,
-            deviceType: this.activeAddDeviceFlow.responderDeviceType,
             publicKey: decryptedPublicKey,
         });
         await this.commandManager.execute(command);
         // all done
         this.activeAddDeviceFlow = undefined;
     }
-    async importInitialVaultState(encryptedVaultState, encryptedPublicKey) {
+    async importInitialVaultState(encryptedVaultState) {
         if (this.activeAddDeviceFlow?.state !== 'responder:syncKeyCreated') {
             throw new SyncInWrongStateError(`Expected responder:syncKeyCreated, got ${this.activeAddDeviceFlow?.state}`);
         }
-        const syncKey = this.activeAddDeviceFlow.syncKey;
-        // Decrypt the received public key
-        const decryptedPublicKey = await this.cryptoLib.decryptSymmetric(syncKey, encryptedPublicKey);
-        const vaultState = JSON.parse(await this.cryptoLib.decryptSymmetric(syncKey, encryptedVaultState));
-        if (vaultState.deviceId !== this.activeAddDeviceFlow.initiatorDeviceId) {
-            throw new SyncError(`DeviceId mismatch when importing, expected ${this.activeAddDeviceFlow.initiatorDeviceId} got ${vaultState.deviceId}`);
-        }
-        this.syncDevices = vaultState.sync.devices;
-        this.mediator
-            .getComponent('vaultDataManager')
-            .replaceVault(vaultState.vault);
-        // Update the sync devices list with the initiator's information
-        // Not done as a command as all other devices already have the senders info
-        await this.addSyncDevice({
-            deviceId: this.activeAddDeviceFlow.initiatorDeviceId,
-            deviceType: this.activeAddDeviceFlow.initiatorDeviceType,
-            publicKey: decryptedPublicKey,
-        });
+        await this.importVaultState(encryptedVaultState, this.activeAddDeviceFlow.syncKey, this.activeAddDeviceFlow.initiatorDeviceId);
         // Reset the active add device flow
         this.activeAddDeviceFlow = undefined;
         this.dispatchLibEvent(TwoFaLibEvent.ConnectToExistingVaultFinished);
     }
+    async importVaultState(encryptedVaultState, symmetricKey, expectedDeviceId) {
+        const vaultState = JSON.parse(await this.cryptoLib.decryptSymmetric(symmetricKey, encryptedVaultState));
+        if (vaultState.deviceId !== expectedDeviceId) {
+            throw new SyncError(`DeviceId mismatch when importing, expected ${expectedDeviceId} got ${vaultState.deviceId}`);
+        }
+        this.syncDevices = vaultState.sync.devices;
+        for (const device of vaultState.sync.devices) {
+            await this.addSyncDevice(device, false);
+        }
+        const vaultDataManager = this.mediator.getComponent('vaultDataManager');
+        for (const entry of vaultState.vault) {
+            await vaultDataManager.addEntry(entry, false);
+        }
+        await this.persistentStorageManager.save();
+    }
     /**
      * Cancels the active add sync device flow.
      * @throws {SyncNoServerConnectionError} If there is no server connection.
@@ -487,6 +505,10 @@ class SyncManager {
     async sendCommand(command) {
         const commandJson = command.toJSON();
         await Promise.all(this.syncDevices.map(async (device) => {
+            if (device.deviceId === this.deviceId) {
+                // skip ourselves
+                return;
+            }
             const symmetricKey = await this.cryptoLib.createSymmetricKey();
             const encryptedSymmetricKey = await this.cryptoLib.encrypt(device.publicKey, symmetricKey);
             const encryptedCommand = await this.cryptoLib.encryptSymmetric(symmetricKey, JSON.stringify({
@@ -558,20 +580,50 @@ class SyncManager {
             });
         }
     }
+    /**
+     * Sends vault data to the server for each sync device
+     */
+    async resilver() {
+        for (const device of this.syncDevices) {
+            if (device.deviceId === this.deviceId) {
+                continue;
+            }
+            const symmetricKey = await this.cryptoLib.createSymmetricKey();
+            const encryptedSymmetricKey = await this.cryptoLib.encrypt(device.publicKey, symmetricKey);
+            const encryptedVaultData = await this.persistentStorageManager.getEncryptedVaultState(symmetricKey);
+            this.sendToServer('vault', {
+                forDeviceId: device.deviceId,
+                nonce: await this.getNonce(),
+                encryptedVaultData,
+                encryptedSymmetricKey,
+            });
+        }
+    }
     /**
      * Add a sync device
      * @param deviceInfo - The info about the device
+     * @param saveAfter - Whether to save the new vault after adding it (set to false when adding multiple devices)
      */
-    async addSyncDevice(deviceInfo) {
-        if (deviceInfo.deviceId === this.deviceId) {
-            // This is the command that adds this device to all sync devices
-            // besides the sender after the device add flow. We don't want to
-            // add ourselves to our syncDevices
+    async addSyncDevice(deviceInfo, saveAfter = true) {
+        if (this.syncDevices.some((d) => d.deviceId === deviceInfo.deviceId)) {
+            // we already have this device
             return;
         }
         this.log('info', `Adding syncdevice ${deviceInfo.deviceId} to ${this.deviceId}`);
-        this.syncDevices.push(deviceInfo);
-        await this.persistentStorageManager.save();
+        this.syncDevices.push({
+            ...deviceInfo,
+        });
+        if (saveAfter) {
+            await this.persistentStorageManager.save();
+        }
+    }
+    /**
+     * Requests a resilver of the vault
+     */
+    requestResilver() {
+        this.sendToServer('startResilver', {
+            deviceIds: this.syncDevices.map((d) => d.deviceId),
+        });
     }
     /**
      * Function to call when the server connection should be closed

package/build/subclasses/VaultDataManager.d.mts

@@ -42,10 +42,11 @@ declare class VaultDataManager {
     generateTokenForEntry(id: EntryId, timestamp?: number): Token;
     /**
      * Add a new entry to the vault.
-     * @param entry - The entry data to add (without an ID, as it will be generated).
+     * @param entry - The entry data to add
+     * @param saveAfter - Whether to save the new vault after adding it (set to false when adding multiple entries)
      * @returns A promise that resolves when the entry is added.
      */
-    addEntry(entry: Entry): Promise<void>;
+    addEntry(entry: Entry, saveAfter?: boolean): Promise<void>;
     /**
      * Delete an entry from the vault.
      * @param entryId - The identifier of the entry to delete.

package/build/subclasses/VaultDataManager.mjs

@@ -70,12 +70,19 @@ class VaultDataManager {
     }
     /**
      * Add a new entry to the vault.
-     * @param entry - The entry data to add (without an ID, as it will be generated).
+     * @param entry - The entry data to add
+     * @param saveAfter - Whether to save the new vault after adding it (set to false when adding multiple entries)
      * @returns A promise that resolves when the entry is added.
      */
-    async addEntry(entry) {
+    async addEntry(entry, saveAfter = true) {
+        if (this.vault.find((e) => e.id === entry.id)) {
+            // We already have this entry
+            return;
+        }
         this.vault.push(entry);
-        await this.persistentStorageManager.save();
+        if (saveAfter) {
+            await this.persistentStorageManager.save();
+        }
     }
     /**
      * Delete an entry from the vault.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "favalib",
-  "version": "0.0.4",
+  "version": "0.0.5",
   "description": "",
   "type": "module",
   "exports": {