npm - forkoff - Versions diffs - 1.0.16 → 1.0.18 - Mend

forkoff 1.0.16 → 1.0.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (157) hide show

package/README.md +3 -6
package/dist/approval.d.ts +1 -0
package/dist/approval.js +9 -0
package/dist/config.d.ts +3 -0
package/dist/config.js +62 -16
package/dist/crypto/e2eeManager.d.ts +49 -52
package/dist/crypto/e2eeManager.js +256 -181
package/dist/crypto/encryption.d.ts +8 -10
package/dist/crypto/encryption.js +29 -94
package/dist/crypto/index.d.ts +10 -0
package/dist/crypto/index.js +22 -0
package/dist/crypto/keyExchange.d.ts +6 -20
package/dist/crypto/keyExchange.js +18 -110
package/dist/crypto/keyGeneration.d.ts +2 -13
package/dist/crypto/keyGeneration.js +14 -88
package/dist/crypto/keyStorage.d.ts +32 -5
package/dist/crypto/keyStorage.js +152 -8
package/dist/crypto/sessionPersistence.d.ts +7 -13
package/dist/crypto/sessionPersistence.js +108 -33
package/dist/crypto/types.d.ts +24 -3
package/dist/crypto/types.js +2 -1
package/dist/crypto/websocketE2EE.d.ts +6 -17
package/dist/crypto/websocketE2EE.js +21 -38
package/dist/index.js +203 -280
package/dist/integration.d.ts +0 -1
package/dist/integration.js +2 -4
package/dist/logger.d.ts +15 -0
package/dist/logger.js +209 -1
package/dist/server.d.ts +30 -0
package/dist/server.js +162 -0
package/dist/startup.js +15 -6
package/dist/terminal.d.ts +1 -0
package/dist/terminal.js +94 -1
package/dist/tools/claude-process.d.ts +8 -0
package/dist/tools/claude-process.js +199 -26
package/dist/tools/claude-sessions.d.ts +1 -0
package/dist/tools/claude-sessions.js +36 -10
package/dist/tools/detector.js +11 -3
package/dist/tools/permission-hook.js +94 -27
package/dist/tools/permission-ipc.d.ts +1 -0
package/dist/tools/permission-ipc.js +61 -14
package/dist/transcript-streamer.d.ts +1 -0
package/dist/transcript-streamer.js +18 -4
package/dist/usage-tracker.d.ts +45 -0
package/dist/usage-tracker.js +243 -0
package/dist/websocket.d.ts +43 -12
package/dist/websocket.js +418 -214
package/package.json +7 -5
package/dist/__tests__/cli-commands.test.d.ts +0 -6
package/dist/__tests__/cli-commands.test.d.ts.map +0 -1
package/dist/__tests__/cli-commands.test.js +0 -213
package/dist/__tests__/cli-commands.test.js.map +0 -1
package/dist/__tests__/crypto/e2e-integration.test.d.ts +0 -17
package/dist/__tests__/crypto/e2e-integration.test.d.ts.map +0 -1
package/dist/__tests__/crypto/e2e-integration.test.js +0 -338
package/dist/__tests__/crypto/e2e-integration.test.js.map +0 -1
package/dist/__tests__/crypto/e2eeManager.test.d.ts +0 -2
package/dist/__tests__/crypto/e2eeManager.test.d.ts.map +0 -1
package/dist/__tests__/crypto/e2eeManager.test.js +0 -242
package/dist/__tests__/crypto/e2eeManager.test.js.map +0 -1
package/dist/__tests__/crypto/encryption.test.d.ts +0 -2
package/dist/__tests__/crypto/encryption.test.d.ts.map +0 -1
package/dist/__tests__/crypto/encryption.test.js +0 -116
package/dist/__tests__/crypto/encryption.test.js.map +0 -1
package/dist/__tests__/crypto/keyExchange.test.d.ts +0 -2
package/dist/__tests__/crypto/keyExchange.test.d.ts.map +0 -1
package/dist/__tests__/crypto/keyExchange.test.js +0 -84
package/dist/__tests__/crypto/keyExchange.test.js.map +0 -1
package/dist/__tests__/crypto/keyGeneration.test.d.ts +0 -2
package/dist/__tests__/crypto/keyGeneration.test.d.ts.map +0 -1
package/dist/__tests__/crypto/keyGeneration.test.js +0 -61
package/dist/__tests__/crypto/keyGeneration.test.js.map +0 -1
package/dist/__tests__/crypto/keyStorage.test.d.ts +0 -2
package/dist/__tests__/crypto/keyStorage.test.d.ts.map +0 -1
package/dist/__tests__/crypto/keyStorage.test.js +0 -133
package/dist/__tests__/crypto/keyStorage.test.js.map +0 -1
package/dist/__tests__/crypto/websocketIntegration.test.d.ts +0 -2
package/dist/__tests__/crypto/websocketIntegration.test.d.ts.map +0 -1
package/dist/__tests__/crypto/websocketIntegration.test.js +0 -259
package/dist/__tests__/crypto/websocketIntegration.test.js.map +0 -1
package/dist/__tests__/startup.test.d.ts +0 -11
package/dist/__tests__/startup.test.d.ts.map +0 -1
package/dist/__tests__/startup.test.js +0 -241
package/dist/__tests__/startup.test.js.map +0 -1
package/dist/__tests__/tools/claude-process.test.d.ts +0 -8
package/dist/__tests__/tools/claude-process.test.d.ts.map +0 -1
package/dist/__tests__/tools/claude-process.test.js +0 -430
package/dist/__tests__/tools/claude-process.test.js.map +0 -1
package/dist/__tests__/tools/permission-hook.test.d.ts +0 -17
package/dist/__tests__/tools/permission-hook.test.d.ts.map +0 -1
package/dist/__tests__/tools/permission-hook.test.js +0 -616
package/dist/__tests__/tools/permission-hook.test.js.map +0 -1
package/dist/__tests__/tools/permission-ipc.test.d.ts +0 -11
package/dist/__tests__/tools/permission-ipc.test.d.ts.map +0 -1
package/dist/__tests__/tools/permission-ipc.test.js +0 -612
package/dist/__tests__/tools/permission-ipc.test.js.map +0 -1
package/dist/__tests__/websocket.test.d.ts +0 -13
package/dist/__tests__/websocket.test.d.ts.map +0 -1
package/dist/__tests__/websocket.test.js +0 -204
package/dist/__tests__/websocket.test.js.map +0 -1
package/dist/api.d.ts +0 -44
package/dist/api.d.ts.map +0 -1
package/dist/api.js +0 -76
package/dist/api.js.map +0 -1
package/dist/approval.d.ts.map +0 -1
package/dist/approval.js.map +0 -1
package/dist/config.d.ts.map +0 -1
package/dist/config.js.map +0 -1
package/dist/crypto/e2eeManager.d.ts.map +0 -1
package/dist/crypto/e2eeManager.js.map +0 -1
package/dist/crypto/encryption.d.ts.map +0 -1
package/dist/crypto/encryption.js.map +0 -1
package/dist/crypto/keyExchange.d.ts.map +0 -1
package/dist/crypto/keyExchange.js.map +0 -1
package/dist/crypto/keyGeneration.d.ts.map +0 -1
package/dist/crypto/keyGeneration.js.map +0 -1
package/dist/crypto/keyStorage.d.ts.map +0 -1
package/dist/crypto/keyStorage.js.map +0 -1
package/dist/crypto/sessionPersistence.d.ts.map +0 -1
package/dist/crypto/sessionPersistence.js.map +0 -1
package/dist/crypto/types.d.ts.map +0 -1
package/dist/crypto/types.js.map +0 -1
package/dist/crypto/websocketE2EE.d.ts.map +0 -1
package/dist/crypto/websocketE2EE.js.map +0 -1
package/dist/index.d.ts.map +0 -1
package/dist/index.js.map +0 -1
package/dist/integration.d.ts.map +0 -1
package/dist/integration.js.map +0 -1
package/dist/logger.d.ts.map +0 -1
package/dist/logger.js.map +0 -1
package/dist/startup.d.ts.map +0 -1
package/dist/startup.js.map +0 -1
package/dist/terminal.d.ts.map +0 -1
package/dist/terminal.js.map +0 -1
package/dist/tools/__tests__/claude-sessions.test.d.ts +0 -2
package/dist/tools/__tests__/claude-sessions.test.d.ts.map +0 -1
package/dist/tools/__tests__/claude-sessions.test.js +0 -306
package/dist/tools/__tests__/claude-sessions.test.js.map +0 -1
package/dist/tools/claude-hooks.d.ts.map +0 -1
package/dist/tools/claude-hooks.js.map +0 -1
package/dist/tools/claude-process.d.ts.map +0 -1
package/dist/tools/claude-process.js.map +0 -1
package/dist/tools/claude-sessions.d.ts.map +0 -1
package/dist/tools/claude-sessions.js.map +0 -1
package/dist/tools/detector.d.ts.map +0 -1
package/dist/tools/detector.js.map +0 -1
package/dist/tools/index.d.ts.map +0 -1
package/dist/tools/index.js.map +0 -1
package/dist/tools/permission-hook.d.ts.map +0 -1
package/dist/tools/permission-hook.js.map +0 -1
package/dist/tools/permission-ipc.d.ts.map +0 -1
package/dist/tools/permission-ipc.js.map +0 -1
package/dist/transcript-streamer.d.ts.map +0 -1
package/dist/transcript-streamer.js.map +0 -1
package/dist/websocket.d.ts.map +0 -1
package/dist/websocket.js.map +0 -1
package/jest.config.js +0 -18

package/dist/crypto/keyStorage.js CHANGED Viewed

@@ -39,10 +39,29 @@ exports.deletePrivateKey = deletePrivateKey;
 exports.storeSessionKey = storeSessionKey;
 exports.getSessionKey = getSessionKey;
 exports.clearSessionKeys = clearSessionKeys;
+exports.storeSigningKeyPair = storeSigningKeyPair;
+exports.getSigningKeyPair = getSigningKeyPair;
+exports.loadTrustedPeerKeys = loadTrustedPeerKeys;
+exports.getTrustedPeerKey = getTrustedPeerKey;
+exports.trustPeerKey = trustPeerKey;
+exports.removeTrustedPeerKey = removeTrustedPeerKey;
+/**
+ * Key Storage Service
+ * Stores E2EE identity keys via OS keychain (keytar) and session keys in memory.
+ * Updated to use NaCl-compatible SessionKeys (sharedKey instead of encryptionKey).
+ */
 const keytar = __importStar(require("keytar"));
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const os = __importStar(require("os"));
 const SERVICE_NAME = 'forkoff-cli';
 // In-memory storage for session keys (not persisted)
 const sessionKeyStore = new Map();
+// In-memory cache of trusted peer identity keys
+const trustedPeerKeys = new Map();
+// Path to trusted keys file
+const TRUSTED_KEYS_DIR = path.join(os.homedir(), '.forkoff-cli');
+const TRUSTED_KEYS_FILE = path.join(TRUSTED_KEYS_DIR, 'trusted-keys.json');
 /**
  * Stores private key in OS keychain
  * @param deviceId - Device ID
@@ -53,7 +72,7 @@ async function storePrivateKey(deviceId, privateKey) {
         await keytar.setPassword(SERVICE_NAME, `e2ee-private-key-${deviceId}`, privateKey);
     }
     catch (error) {
-        console.error('Failed to store private key in keychain:', error);
+        console.error('Failed to store private key in keychain:', error.message);
         throw error;
     }
 }
@@ -68,7 +87,7 @@ async function getPrivateKey(deviceId) {
         return key;
     }
     catch (error) {
-        console.error('Failed to retrieve private key from keychain:', error);
+        console.error('Failed to retrieve private key from keychain:', error.message);
         return null;
     }
 }
@@ -81,26 +100,29 @@ async function deletePrivateKey(deviceId) {
         await keytar.deletePassword(SERVICE_NAME, `e2ee-private-key-${deviceId}`);
     }
     catch (error) {
-        console.error('Failed to delete private key from keychain:', error);
+        console.error('Failed to delete private key from keychain:', error.message);
         throw error;
     }
 }
 /**
- * Stores session encryption key in memory
+ * Stores session key in memory
  * Session keys are ephemeral and not persisted to disk
  *
  * @param deviceId - Target device ID
- * @param encryptionKey - AES-256-GCM encryption key (32 bytes)
+ * @param sharedKey - NaCl secretbox shared key (32 bytes)
  * @param sessionId - Unique session identifier
  */
-function storeSessionKey(deviceId, encryptionKey, sessionId) {
+function storeSessionKey(deviceId, sharedKey, sessionId) {
     sessionKeyStore.set(deviceId, {
-        encryptionKey,
+        sharedKey,
         sessionId,
+        deviceId,
+        messageCounter: 0,
+        lastReceivedCounter: -1,
     });
 }
 /**
- * Retrieves session encryption key from memory
+ * Retrieves session key from memory
  * @param deviceId - Target device ID
  * @returns SessionKeys or null if not found
  */
@@ -114,4 +136,126 @@ function getSessionKey(deviceId) {
 function clearSessionKeys() {
     sessionKeyStore.clear();
 }
+// --- Ed25519 Signing Key Pair (for identity verification) ---
+/**
+ * Stores the Ed25519 signing key pair in OS keychain
+ */
+async function storeSigningKeyPair(deviceId, keyPair) {
+    try {
+        await keytar.setPassword(SERVICE_NAME, `e2ee-signing-public-${deviceId}`, keyPair.publicKey);
+        await keytar.setPassword(SERVICE_NAME, `e2ee-signing-secret-${deviceId}`, keyPair.secretKey);
+    }
+    catch (error) {
+        console.error('Failed to store signing key pair in keychain:', error.message);
+        throw error;
+    }
+}
+/**
+ * Retrieves the Ed25519 signing key pair from OS keychain
+ */
+async function getSigningKeyPair(deviceId) {
+    try {
+        const publicKey = await keytar.getPassword(SERVICE_NAME, `e2ee-signing-public-${deviceId}`);
+        const secretKey = await keytar.getPassword(SERVICE_NAME, `e2ee-signing-secret-${deviceId}`);
+        if (!publicKey || !secretKey)
+            return null;
+        return { publicKey, secretKey };
+    }
+    catch (error) {
+        console.error('Failed to retrieve signing key pair from keychain:', error.message);
+        return null;
+    }
+}
+// --- Trusted Peer Identity Keys (TOFU) ---
+/**
+ * Load trusted peer keys from disk into memory.
+ * Called once at init time. Validates file ownership and permissions.
+ */
+function loadTrustedPeerKeys() {
+    try {
+        if (!fs.existsSync(TRUSTED_KEYS_FILE))
+            return;
+        const stat = fs.lstatSync(TRUSTED_KEYS_FILE);
+        if (stat.isSymbolicLink()) {
+            console.error('[Security] Symlink detected at trusted-keys.json, refusing to read');
+            return;
+        }
+        // Verify file permissions — reject if world-readable/writable (non-Windows)
+        if (process.platform !== 'win32') {
+            const mode = stat.mode & 0o777;
+            if (mode & 0o077) {
+                console.error(`[Security] trusted-keys.json has unsafe permissions (${mode.toString(8)}), refusing to load. Fix with: chmod 600 ${TRUSTED_KEYS_FILE}`);
+                return;
+            }
+        }
+        const data = JSON.parse(fs.readFileSync(TRUSTED_KEYS_FILE, 'utf-8'));
+        if (data && typeof data === 'object') {
+            let count = 0;
+            for (const [deviceId, pubKey] of Object.entries(data)) {
+                if (typeof pubKey === 'string' && pubKey.length > 0 && pubKey.length < 256) {
+                    trustedPeerKeys.set(deviceId, pubKey);
+                    count++;
+                }
+            }
+            // Loaded trusted peer keys
+        }
+    }
+    catch {
+        // File doesn't exist or is malformed — start fresh
+    }
+}
+/**
+ * Save trusted peer keys from memory to disk.
+ */
+function saveTrustedPeerKeys() {
+    try {
+        if (!fs.existsSync(TRUSTED_KEYS_DIR)) {
+            fs.mkdirSync(TRUSTED_KEYS_DIR, { recursive: true, mode: 0o700 });
+        }
+        const data = {};
+        for (const [deviceId, pubKey] of trustedPeerKeys) {
+            data[deviceId] = pubKey;
+        }
+        // Atomic write via temp file + rename to prevent TOCTOU race condition
+        const tmpPath = TRUSTED_KEYS_FILE + '.tmp.' + process.pid;
+        fs.writeFileSync(tmpPath, JSON.stringify(data, null, 2), { encoding: 'utf-8', mode: 0o600 });
+        fs.renameSync(tmpPath, TRUSTED_KEYS_FILE);
+    }
+    catch (error) {
+        console.error('Failed to save trusted peer keys:', error.message);
+    }
+}
+/**
+ * Get the trusted identity public key for a peer device (TOFU).
+ * Returns null if no key is stored (first contact).
+ */
+function getTrustedPeerKey(deviceId) {
+    return trustedPeerKeys.get(deviceId) ?? null;
+}
+/**
+ * Store a peer's identity public key (TOFU — Trust On First Use).
+ * Returns false if a DIFFERENT key is already stored (potential MITM).
+ */
+function trustPeerKey(deviceId, identityPublicKey) {
+    const existing = trustedPeerKeys.get(deviceId);
+    if (existing && existing !== identityPublicKey) {
+        return false; // Key mismatch — possible MITM
+    }
+    if (!existing) {
+        trustedPeerKeys.set(deviceId, identityPublicKey);
+        saveTrustedPeerKeys();
+        // TOFU: trusted new identity key
+    }
+    return true;
+}
+/**
+ * Remove a peer's trusted identity key (used on re-pair to reset TOFU).
+ */
+function removeTrustedPeerKey(deviceId) {
+    if (trustedPeerKeys.has(deviceId)) {
+        trustedPeerKeys.delete(deviceId);
+        saveTrustedPeerKeys();
+        // TOFU: removed trusted key for re-pair reset
+    }
+}
 //# sourceMappingURL=keyStorage.js.map

package/dist/crypto/sessionPersistence.d.ts CHANGED Viewed

@@ -1,33 +1,27 @@
 import { SessionKeys } from './types';
 /**
- * Persists a session key to disk
- * @param deviceId - Current device ID
- * @param targetDeviceId - Target device ID
- * @param sessionKeys - Session encryption keys
+ * Initialize session persistence with a key for encrypting session files at rest.
+ * Derives a 32-byte key from the identity private key using NaCl hash.
+ */
+export declare function initSessionPersistence(identityPrivateKeyB64: string): void;
+/**
+ * Persists a session key to disk, encrypted at rest.
  */
 export declare function persistSessionKey(deviceId: string, targetDeviceId: string, sessionKeys: SessionKeys): void;
 /**
- * Loads a persisted session key from disk
- * @param deviceId - Current device ID
- * @param targetDeviceId - Target device ID
- * @returns SessionKeys or null if not found
+ * Loads a persisted session key from disk, decrypting if encrypted.
  */
 export declare function loadPersistedSessionKey(deviceId: string, targetDeviceId: string): SessionKeys | null;
 /**
  * Deletes a persisted session
- * @param deviceId - Current device ID
- * @param targetDeviceId - Target device ID
  */
 export declare function deletePersistedSession(deviceId: string, targetDeviceId: string): void;
 /**
  * Deletes all persisted sessions for a device
- * @param deviceId - Current device ID
  */
 export declare function deleteAllPersistedSessions(deviceId: string): void;
 /**
  * Lists all persisted sessions for a device
- * @param deviceId - Current device ID
- * @returns Array of target device IDs with active sessions
  */
 export declare function listPersistedSessions(deviceId: string): string[];
 //# sourceMappingURL=sessionPersistence.d.ts.map

package/dist/crypto/sessionPersistence.js CHANGED Viewed

@@ -32,7 +32,11 @@ var __importStar = (this && this.__importStar) || (function () {
         return result;
     };
 })();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.initSessionPersistence = initSessionPersistence;
 exports.persistSessionKey = persistSessionKey;
 exports.loadPersistedSessionKey = loadPersistedSessionKey;
 exports.deletePersistedSession = deletePersistedSession;
@@ -41,51 +45,97 @@ exports.listPersistedSessions = listPersistedSessions;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const os = __importStar(require("os"));
+const tweetnacl_1 = __importDefault(require("tweetnacl"));
+const tweetnacl_util_1 = require("tweetnacl-util");
 /**
  * Session Persistence
- * Stores session keys to disk so they survive reconnections after IP changes
+ * Stores session keys to disk so they survive reconnections after IP changes.
+ * Session data is encrypted at rest using a key derived from the device's identity private key.
  */
 const SESSION_STORE_DIR = path.join(os.homedir(), '.forkoff-cli', 'sessions');
+// In-memory encryption key for session files (derived from identity key at init)
+let sessionFileKey = null;
 /**
- * Ensures the session store directory exists
+ * Initialize session persistence with a key for encrypting session files at rest.
+ * Derives a 32-byte key from the identity private key using NaCl hash.
  */
+function initSessionPersistence(identityPrivateKeyB64) {
+    const privateKey = (0, tweetnacl_util_1.decodeBase64)(identityPrivateKeyB64);
+    // Use NaCl hash to derive a deterministic 32-byte key from the private key
+    // SHA-512 first 32 bytes = consistent encryption key for session files
+    const hash = tweetnacl_1.default.hash(privateKey);
+    sessionFileKey = hash.slice(0, 32);
+}
 function ensureSessionStoreExists() {
     if (!fs.existsSync(SESSION_STORE_DIR)) {
-        fs.mkdirSync(SESSION_STORE_DIR, { recursive: true });
+        fs.mkdirSync(SESSION_STORE_DIR, { recursive: true, mode: 0o700 });
+    }
+    else {
+        // SECURITY: Validate existing dir isn't world/group-writable (non-Windows only)
+        if (process.platform !== 'win32') {
+            const stat = fs.statSync(SESSION_STORE_DIR);
+            const mode = stat.mode & 0o777;
+            if (mode & 0o022) { // group or other writable
+                throw new Error(`Session store has unsafe permissions (${mode.toString(8)})`);
+            }
+        }
     }
 }
-/**
- * Gets the file path for a device's session
- */
+function sanitizeDeviceIdForPath(id) {
+    // Strip path traversal and dangerous characters
+    return id.replace(/[\/\\\.]+/g, '_').replace(/\.\./g, '_').substring(0, 64);
+}
 function getSessionFilePath(deviceId, targetDeviceId) {
-    return path.join(SESSION_STORE_DIR, `${deviceId}-${targetDeviceId}.json`);
+    const safeDeviceId = sanitizeDeviceIdForPath(deviceId);
+    const safeTargetId = sanitizeDeviceIdForPath(targetDeviceId);
+    const filePath = path.join(SESSION_STORE_DIR, `${safeDeviceId}-${safeTargetId}.json`);
+    // Ensure resolved path is within SESSION_STORE_DIR
+    const resolved = path.resolve(filePath);
+    if (!resolved.startsWith(path.resolve(SESSION_STORE_DIR))) {
+        throw new Error('E2EE: Session file path escapes store directory');
+    }
+    return filePath;
 }
 /**
- * Persists a session key to disk
- * @param deviceId - Current device ID
- * @param targetDeviceId - Target device ID
- * @param sessionKeys - Session encryption keys
+ * Persists a session key to disk, encrypted at rest.
  */
 function persistSessionKey(deviceId, targetDeviceId, sessionKeys) {
     try {
         ensureSessionStoreExists();
-        const data = {
-            encryptionKey: Array.from(sessionKeys.encryptionKey), // Convert Uint8Array to Array for JSON
+        const plainData = JSON.stringify({
+            sharedKey: Array.from(sessionKeys.sharedKey),
             sessionId: sessionKeys.sessionId,
+            deviceId: sessionKeys.deviceId,
+            messageCounter: sessionKeys.messageCounter,
+            lastReceivedCounter: sessionKeys.lastReceivedCounter,
             timestamp: new Date().toISOString(),
-        };
+        });
         const filePath = getSessionFilePath(deviceId, targetDeviceId);
-        fs.writeFileSync(filePath, JSON.stringify(data, null, 2), 'utf8');
+        // SECURITY: Atomic write via temp + rename to prevent TOCTOU
+        const tmpPath = filePath + '.tmp.' + process.pid;
+        if (!sessionFileKey) {
+            // SECURITY: Refuse to persist session keys in plaintext — wait for key initialization
+            console.error('[Security] Session persistence key not initialized, refusing to write plaintext session');
+            return;
+        }
+        // Encrypt session data at rest
+        const nonce = tweetnacl_1.default.randomBytes(tweetnacl_1.default.secretbox.nonceLength);
+        const messageBytes = new TextEncoder().encode(plainData);
+        const ciphertext = tweetnacl_1.default.secretbox(messageBytes, nonce, sessionFileKey);
+        const encrypted = {
+            _encrypted: true,
+            nonce: (0, tweetnacl_util_1.encodeBase64)(nonce),
+            ciphertext: (0, tweetnacl_util_1.encodeBase64)(ciphertext),
+        };
+        fs.writeFileSync(tmpPath, JSON.stringify(encrypted), { encoding: 'utf8', mode: 0o600 });
+        fs.renameSync(tmpPath, filePath);
     }
     catch (error) {
-        console.error('Failed to persist session key:', error);
+        console.error('Failed to persist session key:', error.message);
     }
 }
 /**
- * Loads a persisted session key from disk
- * @param deviceId - Current device ID
- * @param targetDeviceId - Target device ID
- * @returns SessionKeys or null if not found
+ * Loads a persisted session key from disk, decrypting if encrypted.
  */
 function loadPersistedSessionKey(deviceId, targetDeviceId) {
     try {
@@ -93,30 +143,58 @@ function loadPersistedSessionKey(deviceId, targetDeviceId) {
         if (!fs.existsSync(filePath)) {
             return null;
         }
-        const data = JSON.parse(fs.readFileSync(filePath, 'utf8'));
+        const stat = fs.lstatSync(filePath);
+        if (stat.isSymbolicLink()) {
+            console.error('[Security] Symlink detected at session file, refusing to read');
+            return null;
+        }
+        const raw = fs.readFileSync(filePath, 'utf8');
+        let data;
+        const parsed = JSON.parse(raw);
+        if (parsed._encrypted && sessionFileKey) {
+            // Decrypt at-rest encryption
+            const nonce = (0, tweetnacl_util_1.decodeBase64)(parsed.nonce);
+            const ciphertext = (0, tweetnacl_util_1.decodeBase64)(parsed.ciphertext);
+            const decrypted = tweetnacl_1.default.secretbox.open(ciphertext, nonce, sessionFileKey);
+            if (!decrypted) {
+                console.error('[Security] Session file decryption failed — key may have changed');
+                fs.unlinkSync(filePath);
+                return null;
+            }
+            data = JSON.parse(new TextDecoder().decode(decrypted));
+        }
+        else if (parsed._encrypted && !sessionFileKey) {
+            // Encrypted but no key available — skip
+            console.error('[Security] Session file is encrypted but decryption key not available');
+            return null;
+        }
+        else {
+            // Legacy unencrypted format
+            data = parsed;
+        }
         // Check if session is expired (older than 24 hours)
         const timestamp = new Date(data.timestamp);
         const now = new Date();
         const hoursSinceCreation = (now.getTime() - timestamp.getTime()) / (1000 * 60 * 60);
         if (hoursSinceCreation > 24) {
-            // Session expired, delete it
             fs.unlinkSync(filePath);
             return null;
         }
         return {
-            encryptionKey: new Uint8Array(data.encryptionKey),
+            sharedKey: new Uint8Array(data.sharedKey),
             sessionId: data.sessionId,
+            deviceId: data.deviceId || targetDeviceId,
+            messageCounter: data.messageCounter || 0,
+            lastReceivedCounter: data.lastReceivedCounter || -1,
         };
     }
     catch (error) {
-        console.error('Failed to load persisted session key:', error);
+        console.error('Failed to load persisted session key:', error.message);
         return null;
     }
 }
 /**
  * Deletes a persisted session
- * @param deviceId - Current device ID
- * @param targetDeviceId - Target device ID
  */
 function deletePersistedSession(deviceId, targetDeviceId) {
     try {
@@ -126,12 +204,11 @@ function deletePersistedSession(deviceId, targetDeviceId) {
         }
     }
     catch (error) {
-        console.error('Failed to delete persisted session:', error);
+        console.error('Failed to delete persisted session:', error.message);
     }
 }
 /**
  * Deletes all persisted sessions for a device
- * @param deviceId - Current device ID
  */
 function deleteAllPersistedSessions(deviceId) {
     try {
@@ -146,13 +223,11 @@ function deleteAllPersistedSessions(deviceId) {
         }
     }
     catch (error) {
-        console.error('Failed to delete all persisted sessions:', error);
+        console.error('Failed to delete all persisted sessions:', error.message);
     }
 }
 /**
  * Lists all persisted sessions for a device
- * @param deviceId - Current device ID
- * @returns Array of target device IDs with active sessions
  */
 function listPersistedSessions(deviceId) {
     try {
@@ -163,10 +238,10 @@ function listPersistedSessions(deviceId) {
         const prefix = `${deviceId}-`;
         return files
             .filter((file) => file.startsWith(prefix) && file.endsWith('.json'))
-            .map((file) => file.substring(prefix.length, file.length - 5)); // Remove prefix and .json
+            .map((file) => file.substring(prefix.length, file.length - 5));
     }
     catch (error) {
-        console.error('Failed to list persisted sessions:', error);
+        console.error('Failed to list persisted sessions:', error.message);
         return [];
     }
 }

package/dist/crypto/types.d.ts CHANGED Viewed

@@ -1,17 +1,20 @@
 /**
  * E2EE Type Definitions for ForkOff CLI
  *
- * X25519 key exchange + AES-256-GCM encryption
+ * X25519 key exchange + NaCl secretbox (XSalsa20-Poly1305)
+ * Compatible with mobile app's tweetnacl implementation.
  */
+/** X25519 key pair for Diffie-Hellman key exchange */
 export interface E2EEKeyPair {
     publicKey: string;
     privateKey: string;
 }
+/** Encrypted payload using NaCl secretbox (XSalsa20-Poly1305) */
 export interface EncryptedPayload {
     ciphertext: string;
     nonce: string;
-    authTag: string;
 }
+/** Full encrypted message sent over WebSocket */
 export interface EncryptedMessage {
     senderDeviceId: string;
     recipientDeviceId: string;
@@ -20,16 +23,34 @@ export interface EncryptedMessage {
     messageCounter: number;
     timestamp: string;
 }
+/** Derived session keys for a specific device-to-device connection */
 export interface SessionKeys {
-    encryptionKey: Uint8Array;
+    sharedKey: Uint8Array;
     sessionId: string;
+    deviceId: string;
+    messageCounter: number;
+    lastReceivedCounter: number;
+}
+/** Ed25519 signing key pair for identity verification during key exchange */
+export interface SigningKeyPair {
+    publicKey: string;
+    secretKey: string;
 }
+/** Key exchange initiation (sender → recipient via server) */
 export interface KeyExchangeInit {
     senderDeviceId: string;
     ephemeralPublicKey: string;
+    identityPublicKey?: string;
+    signature?: string;
 }
+/** Key exchange acknowledgment (recipient → sender via server) */
 export interface KeyExchangeAck {
+    senderDeviceId: string;
     recipientDeviceId: string;
     ephemeralPublicKey: string;
+    identityPublicKey?: string;
+    signature?: string;
 }
+/** E2EE session status */
+export type E2EESessionStatus = 'none' | 'initiating' | 'established' | 'failed';
 //# sourceMappingURL=types.d.ts.map

package/dist/crypto/types.js CHANGED Viewed

@@ -2,7 +2,8 @@
 /**
  * E2EE Type Definitions for ForkOff CLI
  *
- * X25519 key exchange + AES-256-GCM encryption
+ * X25519 key exchange + NaCl secretbox (XSalsa20-Poly1305)
+ * Compatible with mobile app's tweetnacl implementation.
  */
 Object.defineProperty(exports, "__esModule", { value: true });
 //# sourceMappingURL=types.js.map

package/dist/crypto/websocketE2EE.d.ts CHANGED Viewed

@@ -1,7 +1,8 @@
 import { WebSocketClient } from '../websocket';
 /**
- * WebSocket E2EE Integration
- * Adds end-to-end encryption capabilities to WebSocket client
+ * WebSocket E2EE Integration (legacy wrapper)
+ * E2EE is now wired directly into WebSocketClient.
+ * This class remains for backward compatibility.
  */
 export declare class WebSocketE2EEIntegration {
     private wsClient;
@@ -11,30 +12,18 @@ export declare class WebSocketE2EEIntegration {
     /**
      * Initializes E2EE and sets up event handlers
      */
-    initialize(deviceId: string, apiUrl: string, authToken: string): Promise<void>;
-    /**
-     * Sets up WebSocket event handlers for E2EE
-     */
+    initialize(deviceId: string): Promise<void>;
     private setupEventHandlers;
     /**
      * Initiates key exchange with a target device
      */
-    initiateKeyExchange(targetDeviceId: string): Promise<void>;
+    initiateKeyExchange(targetDeviceId: string): void;
     /**
      * Encrypts and sends a message to a target device
      */
     sendEncryptedMessage(plaintext: string, targetDeviceId: string, sessionId: string): void;
-    /**
-     * Checks if E2EE session exists for a device
-     */
     hasSession(deviceId: string): boolean;
-    /**
-     * Checks if E2EE is enabled
-     */
     isEnabled(): boolean;
-    /**
-     * Cleans up E2EE sessions
-     */
     cleanup(): void;
     private emitKeyExchangeInit;
     private emitKeyExchangeAck;
@@ -43,5 +32,5 @@ export declare class WebSocketE2EEIntegration {
 /**
  * Factory function to create E2EE-enabled WebSocket client
  */
-export declare function createE2EEWebSocketClient(wsClient: WebSocketClient, deviceId: string, apiUrl: string, authToken: string): Promise<WebSocketE2EEIntegration>;
+export declare function createE2EEWebSocketClient(wsClient: WebSocketClient, deviceId: string): Promise<WebSocketE2EEIntegration>;
 //# sourceMappingURL=websocketE2EE.d.ts.map