forkoff 1.0.17 → 1.0.18

package/dist/crypto/encryption.js

@@ -1,111 +1,46 @@
 "use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || (function () {
-    var ownKeys = function(o) {
-        ownKeys = Object.getOwnPropertyNames || function (o) {
-            var ar = [];
-            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-            return ar;
-        };
-        return ownKeys(o);
-    };
-    return function (mod) {
-        if (mod && mod.__esModule) return mod;
-        var result = {};
-        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-        __setModuleDefault(result, mod);
-        return result;
-    };
-})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.encrypt = encrypt;
 exports.decrypt = decrypt;
-const crypto = __importStar(require("crypto"));
-const ALGORITHM = 'aes-256-gcm';
-const NONCE_LENGTH = 12; // 96 bits for AES-GCM
-const AUTH_TAG_LENGTH = 16; // 128 bits for AES-GCM
 /**
- * Encrypts plaintext using AES-256-GCM
- *
- * @param plaintext - Text to encrypt
- * @param key - 32-byte encryption key (AES-256)
- * @returns EncryptedPayload with Base64-encoded ciphertext, nonce, and authTag
+ * Encryption/Decryption Service
+ * Uses NaCl secretbox (XSalsa20-Poly1305) for symmetric encryption.
+ * Compatible with mobile app's tweetnacl implementation.
+ */
+const tweetnacl_1 = __importDefault(require("tweetnacl"));
+const tweetnacl_util_1 = require("tweetnacl-util");
+/**
+ * Encrypt a plaintext string using NaCl secretbox.
+ * @param plaintext - The message to encrypt
+ * @param key - 32-byte shared secret key
+ * @returns EncryptedPayload with Base64-encoded ciphertext and nonce
  */
 function encrypt(plaintext, key) {
-    if (key.length !== 32) {
-        throw new Error('Encryption key must be 32 bytes (256 bits)');
-    }
-    // Generate random nonce (12 bytes)
-    const nonce = crypto.randomBytes(NONCE_LENGTH);
-    // Create cipher
-    const cipher = crypto.createCipheriv(ALGORITHM, key, nonce);
-    // Encrypt
-    const ciphertext = Buffer.concat([
-        cipher.update(plaintext, 'utf8'),
-        cipher.final(),
-    ]);
-    // Get authentication tag
-    const authTag = cipher.getAuthTag();
-    if (authTag.length !== AUTH_TAG_LENGTH) {
-        throw new Error('Auth tag must be 16 bytes');
-    }
+    const nonce = tweetnacl_1.default.randomBytes(tweetnacl_1.default.secretbox.nonceLength); // 24 bytes
+    const messageBytes = (0, tweetnacl_util_1.decodeUTF8)(plaintext);
+    const ciphertext = tweetnacl_1.default.secretbox(messageBytes, nonce, key);
     return {
-        ciphertext: ciphertext.toString('base64'),
-        nonce: nonce.toString('base64'),
-        authTag: authTag.toString('base64'),
+        ciphertext: (0, tweetnacl_util_1.encodeBase64)(ciphertext),
+        nonce: (0, tweetnacl_util_1.encodeBase64)(nonce),
     };
 }
 /**
- * Decrypts ciphertext using AES-256-GCM
- *
- * @param payload - EncryptedPayload with Base64-encoded ciphertext, nonce, and authTag
- * @param key - 32-byte encryption key (AES-256)
- * @returns Decrypted plaintext
+ * Decrypt an EncryptedPayload back to plaintext.
+ * @param payload - The encrypted payload (ciphertext + nonce)
+ * @param key - 32-byte shared secret key (must match encryption key)
+ * @returns Decrypted plaintext string
  * @throws Error if decryption fails (wrong key, tampered data, etc.)
  */
 function decrypt(payload, key) {
-    if (key.length !== 32) {
-        throw new Error('Decryption key must be 32 bytes (256 bits)');
-    }
-    // Decode from Base64
-    const ciphertext = Buffer.from(payload.ciphertext, 'base64');
-    const nonce = Buffer.from(payload.nonce, 'base64');
-    const authTag = Buffer.from(payload.authTag, 'base64');
-    if (nonce.length !== NONCE_LENGTH) {
-        throw new Error('Nonce must be 12 bytes');
-    }
-    if (authTag.length !== AUTH_TAG_LENGTH) {
-        throw new Error('Auth tag must be 16 bytes');
-    }
-    try {
-        // Create decipher
-        const decipher = crypto.createDecipheriv(ALGORITHM, key, nonce);
-        // Set auth tag for verification
-        decipher.setAuthTag(authTag);
-        // Decrypt
-        const plaintext = Buffer.concat([
-            decipher.update(ciphertext),
-            decipher.final(),
-        ]);
-        return plaintext.toString('utf8');
-    }
-    catch (error) {
-        throw new Error(`Decryption failed: ${error instanceof Error ? error.message : 'unknown error'}`);
+    const ciphertext = (0, tweetnacl_util_1.decodeBase64)(payload.ciphertext);
+    const nonce = (0, tweetnacl_util_1.decodeBase64)(payload.nonce);
+    const decrypted = tweetnacl_1.default.secretbox.open(ciphertext, nonce, key);
+    if (!decrypted) {
+        throw new Error('E2EE: Decryption failed - message may be tampered or wrong key');
     }
+    return (0, tweetnacl_util_1.encodeUTF8)(decrypted);
 }
 //# sourceMappingURL=encryption.js.map

package/dist/crypto/index.d.ts

@@ -0,0 +1,10 @@
+/**
+ * E2EE Crypto Module - Barrel Export
+ */
+export { generateKeyPair } from './keyGeneration';
+export { computeSharedKey } from './keyExchange';
+export { encrypt, decrypt } from './encryption';
+export { storePrivateKey, getPrivateKey, storeSessionKey, getSessionKey, clearSessionKeys } from './keyStorage';
+export { E2EEManager } from './e2eeManager';
+export type { E2EEKeyPair, EncryptedPayload, EncryptedMessage, SessionKeys, KeyExchangeInit, KeyExchangeAck, E2EESessionStatus, } from './types';
+//# sourceMappingURL=index.d.ts.map

package/dist/crypto/index.js

@@ -0,0 +1,22 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.E2EEManager = exports.clearSessionKeys = exports.getSessionKey = exports.storeSessionKey = exports.getPrivateKey = exports.storePrivateKey = exports.decrypt = exports.encrypt = exports.computeSharedKey = exports.generateKeyPair = void 0;
+/**
+ * E2EE Crypto Module - Barrel Export
+ */
+var keyGeneration_1 = require("./keyGeneration");
+Object.defineProperty(exports, "generateKeyPair", { enumerable: true, get: function () { return keyGeneration_1.generateKeyPair; } });
+var keyExchange_1 = require("./keyExchange");
+Object.defineProperty(exports, "computeSharedKey", { enumerable: true, get: function () { return keyExchange_1.computeSharedKey; } });
+var encryption_1 = require("./encryption");
+Object.defineProperty(exports, "encrypt", { enumerable: true, get: function () { return encryption_1.encrypt; } });
+Object.defineProperty(exports, "decrypt", { enumerable: true, get: function () { return encryption_1.decrypt; } });
+var keyStorage_1 = require("./keyStorage");
+Object.defineProperty(exports, "storePrivateKey", { enumerable: true, get: function () { return keyStorage_1.storePrivateKey; } });
+Object.defineProperty(exports, "getPrivateKey", { enumerable: true, get: function () { return keyStorage_1.getPrivateKey; } });
+Object.defineProperty(exports, "storeSessionKey", { enumerable: true, get: function () { return keyStorage_1.storeSessionKey; } });
+Object.defineProperty(exports, "getSessionKey", { enumerable: true, get: function () { return keyStorage_1.getSessionKey; } });
+Object.defineProperty(exports, "clearSessionKeys", { enumerable: true, get: function () { return keyStorage_1.clearSessionKeys; } });
+var e2eeManager_1 = require("./e2eeManager");
+Object.defineProperty(exports, "E2EEManager", { enumerable: true, get: function () { return e2eeManager_1.E2EEManager; } });
+//# sourceMappingURL=index.js.map

package/dist/crypto/keyExchange.d.ts

@@ -1,24 +1,10 @@
 /**
- * Computes X25519 shared secret using ECDH
+ * Compute a shared secret key from a private key and a remote public key.
+ * Uses NaCl's box.before which performs X25519 ECDH + HSalsa20 key derivation.
  *
- * @param privateKey - Base64-encoded X25519 private key (32 bytes)
- * @param publicKey - Base64-encoded X25519 public key (32 bytes)
- * @returns Shared secret (32 bytes)
+ * @param myPrivateKeyB64 - Base64-encoded 32-byte private key
+ * @param theirPublicKeyB64 - Base64-encoded 32-byte public key
+ * @returns 32-byte shared key suitable for NaCl secretbox encryption
  */
-export declare function computeSharedSecret(privateKey: string, publicKey: string): Uint8Array;
-/**
- * Derives a session encryption key from a shared secret using HKDF
- *
- * @param sharedSecret - Shared secret from X25519 key exchange
- * @returns Derived session key (32 bytes for AES-256)
- */
-export declare function deriveSessionKey(sharedSecret: Uint8Array): Uint8Array;
-/**
- * Performs complete key exchange: computes shared secret and derives session key
- *
- * @param myPrivateKey - My Base64-encoded X25519 private key
- * @param theirPublicKey - Their Base64-encoded X25519 public key
- * @returns Derived session encryption key (32 bytes for AES-256-GCM)
- */
-export declare function performKeyExchange(myPrivateKey: string, theirPublicKey: string): Uint8Array;
+export declare function computeSharedKey(myPrivateKeyB64: string, theirPublicKeyB64: string): Uint8Array;
 //# sourceMappingURL=keyExchange.d.ts.map

package/dist/crypto/keyExchange.js

@@ -1,119 +1,27 @@
 "use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || (function () {
-    var ownKeys = function(o) {
-        ownKeys = Object.getOwnPropertyNames || function (o) {
-            var ar = [];
-            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-            return ar;
-        };
-        return ownKeys(o);
-    };
-    return function (mod) {
-        if (mod && mod.__esModule) return mod;
-        var result = {};
-        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-        __setModuleDefault(result, mod);
-        return result;
-    };
-})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.computeSharedSecret = computeSharedSecret;
-exports.deriveSessionKey = deriveSessionKey;
-exports.performKeyExchange = performKeyExchange;
-const crypto = __importStar(require("crypto"));
+exports.computeSharedKey = computeSharedKey;
 /**
- * Computes X25519 shared secret using ECDH
- *
- * @param privateKey - Base64-encoded X25519 private key (32 bytes)
- * @param publicKey - Base64-encoded X25519 public key (32 bytes)
- * @returns Shared secret (32 bytes)
- */
-function computeSharedSecret(privateKey, publicKey) {
-    const privateKeyBytes = Buffer.from(privateKey, 'base64');
-    const publicKeyBytes = Buffer.from(publicKey, 'base64');
-    if (privateKeyBytes.length !== 32) {
-        throw new Error('Private key must be 32 bytes');
-    }
-    if (publicKeyBytes.length !== 32) {
-        throw new Error('Public key must be 32 bytes');
-    }
-    // Create X25519 private key object from raw bytes
-    const privateKeyObject = crypto.createPrivateKey({
-        key: Buffer.concat([
-            // PKCS#8 header for X25519
-            Buffer.from([
-                0x30, 0x2e, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x6e,
-                0x04, 0x22, 0x04, 0x20,
-            ]),
-            privateKeyBytes,
-        ]),
-        format: 'der',
-        type: 'pkcs8',
-    });
-    // Create X25519 public key object from raw bytes
-    const publicKeyObject = crypto.createPublicKey({
-        key: Buffer.concat([
-            // SPKI header for X25519
-            Buffer.from([
-                0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x6e, 0x03, 0x21, 0x00,
-            ]),
-            publicKeyBytes,
-        ]),
-        format: 'der',
-        type: 'spki',
-    });
-    // Perform ECDH to compute shared secret
-    const sharedSecret = crypto.diffieHellman({
-        privateKey: privateKeyObject,
-        publicKey: publicKeyObject,
-    });
-    return new Uint8Array(sharedSecret);
-}
-/**
- * Derives a session encryption key from a shared secret using HKDF
- *
- * @param sharedSecret - Shared secret from X25519 key exchange
- * @returns Derived session key (32 bytes for AES-256)
+ * Key Exchange Service
+ * Performs X25519 Diffie-Hellman key exchange using NaCl box.before.
+ * Compatible with mobile app's tweetnacl implementation.
  */
-function deriveSessionKey(sharedSecret) {
-    if (sharedSecret.length !== 32) {
-        throw new Error('Shared secret must be 32 bytes');
-    }
-    // Use HKDF-SHA256 to derive session key
-    // Info string provides domain separation
-    const info = Buffer.from('forkoff-e2ee-session-key-v1', 'utf8');
-    const salt = Buffer.alloc(0); // Empty salt (optional for HKDF)
-    // Use synchronous HKDF (blocking but fast for 32-byte output)
-    const derivedKey = crypto.hkdfSync('sha256', Buffer.from(sharedSecret), salt, info, 32 // Output length: 32 bytes for AES-256
-    );
-    return new Uint8Array(derivedKey);
-}
+const tweetnacl_1 = __importDefault(require("tweetnacl"));
+const tweetnacl_util_1 = require("tweetnacl-util");
 /**
- * Performs complete key exchange: computes shared secret and derives session key
+ * Compute a shared secret key from a private key and a remote public key.
+ * Uses NaCl's box.before which performs X25519 ECDH + HSalsa20 key derivation.
  *
- * @param myPrivateKey - My Base64-encoded X25519 private key
- * @param theirPublicKey - Their Base64-encoded X25519 public key
- * @returns Derived session encryption key (32 bytes for AES-256-GCM)
+ * @param myPrivateKeyB64 - Base64-encoded 32-byte private key
+ * @param theirPublicKeyB64 - Base64-encoded 32-byte public key
+ * @returns 32-byte shared key suitable for NaCl secretbox encryption
  */
-function performKeyExchange(myPrivateKey, theirPublicKey) {
-    const sharedSecret = computeSharedSecret(myPrivateKey, theirPublicKey);
-    const sessionKey = deriveSessionKey(sharedSecret);
-    return sessionKey;
+function computeSharedKey(myPrivateKeyB64, theirPublicKeyB64) {
+    const myPrivateKey = (0, tweetnacl_util_1.decodeBase64)(myPrivateKeyB64);
+    const theirPublicKey = (0, tweetnacl_util_1.decodeBase64)(theirPublicKeyB64);
+    return tweetnacl_1.default.box.before(theirPublicKey, myPrivateKey);
 }
 //# sourceMappingURL=keyExchange.js.map

package/dist/crypto/keyGeneration.d.ts

@@ -1,18 +1,7 @@
 import { E2EEKeyPair } from './types';
 /**
- * Generates a random X25519 key pair for E2EE
- * Uses Node.js crypto module
- *
- * @returns E2EEKeyPair with Base64-encoded public and private keys (32 bytes each)
+ * Generate a new X25519 key pair for Diffie-Hellman key exchange.
+ * Uses NaCl's box keypair which generates X25519 keys.
  */
 export declare function generateKeyPair(): E2EEKeyPair;
-/**
- * Generates a deterministic X25519 key pair from a seed
- * Useful for testing and key derivation
- *
- * @param seed - 32-byte buffer to use as the private key seed
- * @returns E2EEKeyPair with Base64-encoded public and private keys
- * @throws Error if seed is not 32 bytes
- */
-export declare function generateKeyPairFromSeed(seed: Buffer): E2EEKeyPair;
 //# sourceMappingURL=keyGeneration.d.ts.map

package/dist/crypto/keyGeneration.js

@@ -1,99 +1,25 @@
 "use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || (function () {
-    var ownKeys = function(o) {
-        ownKeys = Object.getOwnPropertyNames || function (o) {
-            var ar = [];
-            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-            return ar;
-        };
-        return ownKeys(o);
-    };
-    return function (mod) {
-        if (mod && mod.__esModule) return mod;
-        var result = {};
-        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-        __setModuleDefault(result, mod);
-        return result;
-    };
-})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.generateKeyPair = generateKeyPair;
-exports.generateKeyPairFromSeed = generateKeyPairFromSeed;
-const crypto = __importStar(require("crypto"));
 /**
- * Generates a random X25519 key pair for E2EE
- * Uses Node.js crypto module
- *
- * @returns E2EEKeyPair with Base64-encoded public and private keys (32 bytes each)
+ * Key Generation Service
+ * Generates X25519 key pairs for E2EE using tweetnacl.
+ * Compatible with mobile app's tweetnacl implementation.
  */
-function generateKeyPair() {
-    const { publicKey, privateKey } = crypto.generateKeyPairSync('x25519', {
-        publicKeyEncoding: {
-            type: 'spki',
-            format: 'der',
-        },
-        privateKeyEncoding: {
-            type: 'pkcs8',
-            format: 'der',
-        },
-    });
-    // Extract raw 32-byte keys from DER-encoded buffers
-    // X25519 public key: last 32 bytes of SPKI
-    // X25519 private key: last 32 bytes of PKCS8
-    const rawPublicKey = publicKey.slice(-32);
-    const rawPrivateKey = privateKey.slice(-32);
-    return {
-        publicKey: rawPublicKey.toString('base64'),
-        privateKey: rawPrivateKey.toString('base64'),
-    };
-}
+const tweetnacl_1 = __importDefault(require("tweetnacl"));
+const tweetnacl_util_1 = require("tweetnacl-util");
 /**
- * Generates a deterministic X25519 key pair from a seed
- * Useful for testing and key derivation
- *
- * @param seed - 32-byte buffer to use as the private key seed
- * @returns E2EEKeyPair with Base64-encoded public and private keys
- * @throws Error if seed is not 32 bytes
+ * Generate a new X25519 key pair for Diffie-Hellman key exchange.
+ * Uses NaCl's box keypair which generates X25519 keys.
  */
-function generateKeyPairFromSeed(seed) {
-    if (seed.length !== 32) {
-        throw new Error('Seed must be exactly 32 bytes');
-    }
-    // In X25519, the private key IS the seed (32 random bytes)
-    // The public key is derived: publicKey = privateKey * basepoint
-    const privateKeyObject = crypto.createPrivateKey({
-        key: Buffer.concat([
-            Buffer.from([0x30, 0x2e, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x6e, 0x04, 0x22, 0x04, 0x20]),
-            seed,
-        ]),
-        format: 'der',
-        type: 'pkcs8',
-    });
-    const publicKeyObject = crypto.createPublicKey(privateKeyObject);
-    // Export raw keys
-    const publicKeyDER = publicKeyObject.export({ type: 'spki', format: 'der' });
-    const privateKeyDER = privateKeyObject.export({ type: 'pkcs8', format: 'der' });
-    const rawPublicKey = publicKeyDER.slice(-32);
-    const rawPrivateKey = privateKeyDER.slice(-32);
+function generateKeyPair() {
+    const keyPair = tweetnacl_1.default.box.keyPair();
     return {
-        publicKey: rawPublicKey.toString('base64'),
-        privateKey: rawPrivateKey.toString('base64'),
+        publicKey: (0, tweetnacl_util_1.encodeBase64)(keyPair.publicKey),
+        privateKey: (0, tweetnacl_util_1.encodeBase64)(keyPair.secretKey),
     };
 }
 //# sourceMappingURL=keyGeneration.js.map

package/dist/crypto/keyStorage.d.ts

@@ -1,4 +1,4 @@
-import { SessionKeys } from './types';
+import { SessionKeys, SigningKeyPair } from './types';
 /**
  * Stores private key in OS keychain
  * @param deviceId - Device ID
@@ -17,16 +17,16 @@ export declare function getPrivateKey(deviceId: string): Promise<string | null>;
  */
 export declare function deletePrivateKey(deviceId: string): Promise<void>;
 /**
- * Stores session encryption key in memory
+ * Stores session key in memory
  * Session keys are ephemeral and not persisted to disk
  *
  * @param deviceId - Target device ID
- * @param encryptionKey - AES-256-GCM encryption key (32 bytes)
+ * @param sharedKey - NaCl secretbox shared key (32 bytes)
  * @param sessionId - Unique session identifier
  */
-export declare function storeSessionKey(deviceId: string, encryptionKey: Uint8Array, sessionId: string): void;
+export declare function storeSessionKey(deviceId: string, sharedKey: Uint8Array, sessionId: string): void;
 /**
- * Retrieves session encryption key from memory
+ * Retrieves session key from memory
  * @param deviceId - Target device ID
  * @returns SessionKeys or null if not found
  */
@@ -36,4 +36,31 @@ export declare function getSessionKey(deviceId: string): SessionKeys | null;
  * Called on disconnect or logout
  */
 export declare function clearSessionKeys(): void;
+/**
+ * Stores the Ed25519 signing key pair in OS keychain
+ */
+export declare function storeSigningKeyPair(deviceId: string, keyPair: SigningKeyPair): Promise<void>;
+/**
+ * Retrieves the Ed25519 signing key pair from OS keychain
+ */
+export declare function getSigningKeyPair(deviceId: string): Promise<SigningKeyPair | null>;
+/**
+ * Load trusted peer keys from disk into memory.
+ * Called once at init time. Validates file ownership and permissions.
+ */
+export declare function loadTrustedPeerKeys(): void;
+/**
+ * Get the trusted identity public key for a peer device (TOFU).
+ * Returns null if no key is stored (first contact).
+ */
+export declare function getTrustedPeerKey(deviceId: string): string | null;
+/**
+ * Store a peer's identity public key (TOFU — Trust On First Use).
+ * Returns false if a DIFFERENT key is already stored (potential MITM).
+ */
+export declare function trustPeerKey(deviceId: string, identityPublicKey: string): boolean;
+/**
+ * Remove a peer's trusted identity key (used on re-pair to reset TOFU).
+ */
+export declare function removeTrustedPeerKey(deviceId: string): void;
 //# sourceMappingURL=keyStorage.d.ts.map