npm - hypercore - Versions diffs - 10.32.7 → 10.33.0 - Mend

hypercore 10.32.7 → 10.33.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/lib/caps.js CHANGED Viewed

@@ -25,11 +25,11 @@ exports.replicate = function (isInitiator, key, handshakeHash) {
   return out
 }
-exports.treeSignable = function (namespace, hash, length, fork) {
+exports.treeSignable = function (manifestHash, treeHash, length, fork) {
   const state = { start: 0, end: 112, buffer: b4a.allocUnsafe(112) }
-  c.raw.encode(state, TREE)
-  c.raw.encode(state, namespace)
-  c.raw.encode(state, hash)
+  c.fixed32.encode(state, TREE)
+  c.fixed32.encode(state, manifestHash)
+  c.fixed32.encode(state, treeHash)
   c.uint64.encode(state, length)
   c.uint64.encode(state, fork)
   return state.buffer
@@ -38,8 +38,8 @@ exports.treeSignable = function (namespace, hash, length, fork) {
 exports.treeSignableCompat = function (hash, length, fork, noHeader) {
   const end = noHeader ? 48 : 80
   const state = { start: 0, end, buffer: b4a.allocUnsafe(end) }
-  if (!noHeader) c.raw.encode(state, TREE) // ultra legacy mode, kill in future major
-  c.raw.encode(state, hash)
+  if (!noHeader) c.fixed32.encode(state, TREE) // ultra legacy mode, kill in future major
+  c.fixed32.encode(state, hash)
   c.uint64.encode(state, length)
   c.uint64.encode(state, fork)
   return state.buffer

package/lib/core.js CHANGED Viewed

@@ -158,7 +158,7 @@ module.exports = class Core {
       while (bitfield.get(header.hints.contiguousLength)) header.hints.contiguousLength++
     }
-    const verifier = header.manifest ? new Verifier(header.manifest, { compat: Verifier.isCompat(header.key, header.manifest), crypto, legacy }) : null
+    const verifier = header.manifest ? new Verifier(header.key, header.manifest, { crypto, legacy }) : null
     for (const e of entries) {
       if (e.userData) {
@@ -197,13 +197,12 @@ module.exports = class Core {
     if (!manifest && b4a.equals(keyPair.publicKey, this.header.key)) manifest = Verifier.defaultSignerManifest(this.header.key)
     if (!manifest) return
-    const compat = Verifier.isCompat(this.header.key, manifest)
-    const verifier = new Verifier(manifest, { compat, crypto: this.crypto, legacy: this._legacy })
+    const verifier = new Verifier(this.header.key, manifest, { crypto: this.crypto, legacy: this._legacy })
     if (verifier.prologue) this.tree.setPrologue(verifier.prologue)
-    this.compat = compat
     this.header.manifest = manifest
+    this.compat = verifier.compat
     this.verifier = verifier
     this._manifestFlushed = false
@@ -681,15 +680,15 @@ module.exports = class Core {
       }
     }
-    const verifier = this.verifier || new Verifier(manifest, { compat: Verifier.isCompat(this.header.key, manifest), crypto: this.crypto, legacy: this._legacy })
+    const verifier = this.verifier || new Verifier(this.header.key, manifest, { crypto: this.crypto, legacy: this._legacy })
     if (!verifier.verify(batch, batch.signature)) {
       throw INVALID_SIGNATURE('Proof contains an invalid signature')
     }
     if (!this.header.manifest) {
-      this.compat = Verifier.isCompat(this.header.key, manifest)
       this.header.manifest = manifest
+      this.compat = verifier.compat
       this.verifier = verifier
       this.onupdate(0b10000, null, null, null)
     }

package/lib/merkle-tree.js CHANGED Viewed

@@ -79,8 +79,8 @@ class MerkleTreeBatch {
     return this.hashCached
   }
-  signable (namespace) {
-    return caps.treeSignable(namespace, this.hash(), this.length, this.fork)
+  signable (manifestHash) {
+    return caps.treeSignable(manifestHash, this.hash(), this.length, this.fork)
   }
   signableCompat (noHeader) {

package/lib/verifier.js CHANGED Viewed

@@ -9,29 +9,35 @@ const multisig = require('./multisig')
 const caps = require('./caps')
 class Signer {
-  constructor (crypto, index, { signature = 'ed25519', publicKey, namespace = caps.DEFAULT_NAMESPACE } = {}) {
+  constructor (crypto, manifestHash, version, index, { signature = 'ed25519', publicKey, namespace = caps.DEFAULT_NAMESPACE } = {}) {
     if (!publicKey) throw BAD_ARGUMENT('public key is required for a signer')
     if (signature !== 'ed25519') throw BAD_ARGUMENT('Only Ed25519 signatures are supported')
     this.crypto = crypto
+    this.manifestHash = manifestHash
+    this.version = version
     this.signer = index
     this.signature = signature
     this.publicKey = publicKey
     this.namespace = namespace
   }
+  _ctx () {
+    return this.version === 0 ? this.namespace : this.manifestHash
+  }
   verify (batch, signature) {
-    return this.crypto.verify(batch.signable(this.namespace), signature, this.publicKey)
+    return this.crypto.verify(batch.signable(this._ctx()), signature, this.publicKey)
   }
   sign (batch, keyPair) {
-    return this.crypto.sign(batch.signable(this.namespace), keyPair.secretKey)
+    return this.crypto.sign(batch.signable(this._ctx()), keyPair.secretKey)
   }
 }
 class CompatSigner extends Signer {
   constructor (crypto, index, signer, legacy) {
-    super(crypto, index, signer)
+    super(crypto, null, 0, index, signer)
     this.legacy = legacy
   }
@@ -45,16 +51,24 @@ class CompatSigner extends Signer {
 }
 module.exports = class Verifier {
-  constructor (manifest, { compat = false, crypto = defaultCrypto, legacy = false } = {}) {
+  constructor (manifestHash, manifest, { compat = isCompat(manifestHash, manifest), crypto = defaultCrypto, legacy = false } = {}) {
+    const self = this
+    this.manifestHash = manifestHash
     this.compat = compat || manifest === null
     this.version = this.compat ? 0 : typeof manifest.version === 'number' ? manifest.version : 1
     this.hash = manifest.hash || 'blake2b'
     this.allowPatch = !this.compat && !!manifest.allowPatch
     this.quorum = this.compat ? 1 : defaultQuorum(manifest)
-    this.signers = manifest.signers
-      ? manifest.signers.map((s, index) => this.compat ? new CompatSigner(crypto, index, s, legacy) : new Signer(crypto, index, s))
-      : []
+    this.signers = manifest.signers ? manifest.signers.map(createSigner) : []
     this.prologue = this.compat ? null : (manifest.prologue || null)
+    function createSigner (signer, index) {
+      return self.compat
+        ? new CompatSigner(crypto, index, signer, legacy)
+        : new Signer(crypto, manifestHash, self.version, index, signer)
+    }
   }
   _verifyCompat (batch, signature) {
@@ -129,21 +143,22 @@ module.exports = class Verifier {
   // TODO: better api for this that is more ... multisig-ey
   sign (batch, keyPair) {
     if (!keyPair || !keyPair.secretKey) throw BAD_ARGUMENT('No key pair was passed')
-    if (this.signers.length > 1 || this.allowPatch) throw BAD_ARGUMENT('Can only sign directly for single signers')
-    const signature = this.signers[0].sign(batch, keyPair)
-    if (this.version !== 1) return signature
-    return this.assemble([{ signer: 0, signature, patch: 0, nodes: null }])
+    for (const s of this.signers) {
+      if (b4a.equals(s.publicKey, keyPair.publicKey)) {
+        const signature = s.sign(batch, keyPair)
+        if (this.signers.length !== 1 || this.version === 0) return signature
+        return this.assemble([{ signer: 0, signature, patch: 0, nodes: null }])
+      }
+    }
+    throw new BAD_ARGUMENT('Public key is not a declared signer')
   }
   assemble (inputs) {
     return this.version === 0 ? multisig.assemblev0(inputs) : multisig.assemble(inputs)
   }
-  manifestHash () {
-    return manifestHash(this)
-  }
   static manifestHash (manifest) {
     return manifestHash(manifest)
   }
@@ -163,6 +178,11 @@ module.exports = class Verifier {
     }
   }
+  static fromManifest (manifest, opts) {
+    const m = this.createManifest(manifest)
+    return new this(manifestHash(m), m, opts)
+  }
   static createManifest (inp) {
     if (!inp) return null
@@ -192,12 +212,11 @@ module.exports = class Verifier {
   }
   static isCompat (key, manifest) {
-    return !!(manifest && manifest.signers.length === 1 && b4a.equals(key, manifest.signers[0].publicKey))
+    return isCompat(key, manifest)
   }
   static sign (manifest, batch, keyPair, opts) {
-    const v = new Verifier(manifest, opts)
-    return v.sign(batch, keyPair)
+    return Verifier.fromManifest(manifest, opts).sign(batch, keyPair)
   }
 }
@@ -207,6 +226,10 @@ function toMap (nodes) {
   return m
 }
+function isCompat (key, manifest) {
+  return !!(manifest && manifest.signers.length === 1 && b4a.equals(key, manifest.signers[0].publicKey))
+}
 function defaultQuorum (man) {
   if (typeof man.quorum === 'number') return man.quorum
   if (!man.signers || !man.signers.length) return 0

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "hypercore",
-  "version": "10.32.7",
+  "version": "10.33.0",
   "description": "Hypercore is a secure, distributed append-only log",
   "main": "index.js",
   "scripts": {
@@ -34,7 +34,7 @@
     "messages.js",
     "lib/**.js"
   ],
-  "import": {
+  "imports": {
     "events": {
       "bare": "bare-events",
       "default": "events"