hypercore 11.0.11 → 11.0.13

package/index.js

@@ -146,6 +146,10 @@ class Hypercore extends EventEmitter {
     return crypto.discoveryKey(key)
   }
 
+  static blockEncryptionKey (key, encryptionKey) {
+    return BlockEncryption.blockEncryptionKey(key, encryptionKey)
+  }
+
   static getProtocolMuxer (stream) {
     return stream.noiseStream.userData
   }
@@ -226,6 +230,7 @@ class Hypercore extends EventEmitter {
 
   async setEncryptionKey (encryptionKey, opts) {
     if (!this.opened) await this.opening
+    if (this.core.unencrypted) return
     this.encryption = encryptionKey ? new BlockEncryption(encryptionKey, this.key, { compat: this.core.compat, ...opts }) : null
     if (!this.core.encryption) this.core.encryption = this.encryption
   }
@@ -313,7 +318,7 @@ class Hypercore extends EventEmitter {
 
     if (this.keyPair === null) this.keyPair = opts.keyPair || this.core.header.keyPair
 
-    if (!this.core.encryption) {
+    if (!this.core.encryption && !this.core.unencrypted) {
       const e = getEncryptionOption(opts)
       if (e) this.core.encryption = new BlockEncryption(e.key, this.key, { compat: this.core.compat, ...e })
     }
@@ -755,7 +760,8 @@ class Hypercore extends EventEmitter {
       block = b4a.from(block)
 
       if (this.encryption.compat !== this.core.compat) this._updateEncryption()
-      this.encryption.decrypt(index, block)
+      if (this.core.unencrypted) this.encryption = null
+      else this.encryption.decrypt(index, block)
     }
 
     return this._decode(encoding, block)
@@ -899,13 +905,13 @@ class Hypercore extends EventEmitter {
     const defaultKeyPair = this.state.name === null ? this.keyPair : null
 
     const { keyPair = defaultKeyPair, signature = null } = opts
-    const writable = !isDefault || !!signature || !!(keyPair && keyPair.secretKey)
+    const writable = !isDefault || !!signature || !!(keyPair && keyPair.secretKey) || opts.writable === true
 
     if (this._readonly || writable === false) throw SESSION_NOT_WRITABLE()
 
     blocks = Array.isArray(blocks) ? blocks : [blocks]
 
-    const preappend = this.encryption && this._preappend
+    const preappend = this.core.unencrypted ? null : (this.encryption && this._preappend)
 
     const buffers = this.encodeBatch !== null ? this.encodeBatch(blocks) : new Array(blocks.length)
 

package/lib/block-encryption.js

@@ -23,6 +23,12 @@ module.exports = class BlockEncryption {
     sodium.crypto_generichash(this.blindingKey, this.blockKey)
   }
 
+  static blockEncryptionKey (hypercoreKey, encryptionKey) {
+    const blockKey = b4a.alloc(sodium.crypto_stream_KEYBYTES)
+    sodium.crypto_generichash_batch(blockKey, [BLOCK_ENCRYPTION, hypercoreKey, encryptionKey])
+    return blockKey
+  }
+
   encrypt (index, block, fork) {
     const padding = block.subarray(0, this.padding)
     block = block.subarray(this.padding)

package/lib/core.js

@@ -41,6 +41,7 @@ module.exports = class Core {
     this.verifier = null
     this.truncating = 0
     this.updating = false
+    this.unencrypted = false
     this.skipBitfield = null
     this.globalCache = opts.globalCache || null
     this.autoClose = opts.autoClose !== false
@@ -258,13 +259,19 @@ module.exports = class Core {
       header.userData.push({ key, value: unslab(value) })
     }
 
-    // compat from earlier version that do not store contig length
-    // if (header.hints.contiguousLength === 0) {
-    //   while (bitfield.get(header.hints.contiguousLength)) header.hints.contiguousLength++
-    // }
+    const len = bitfield.findFirst(false, header.hints.contiguousLength)
+    if (header.hints.contiguousLength !== len) {
+      header.hints.contiguousLength = len
+      const tx = storage.write()
+      tx.setHints({ contiguousLength: len })
+      await tx.flush()
+    }
 
     // to unslab
-    if (header.manifest) header.manifest = Verifier.createManifest(header.manifest)
+    if (header.manifest) {
+      header.manifest = Verifier.createManifest(header.manifest)
+      this.unencrypted = header.manifest.unencrypted
+    }
 
     const verifier = header.manifest ? new Verifier(header.key, header.manifest, { crypto, legacy }) : null
 
@@ -329,6 +336,7 @@ module.exports = class Core {
     if (verifier.prologue) this.state.prologue = Object.assign({}, verifier.prologue)
 
     this.manifest = this.header.manifest = manifest
+    this.unencrypted = this.manifest.unencrypted
 
     tx.setAuth({
       key: this.header.key,
@@ -757,7 +765,7 @@ function parseHeader (info) {
     tree: info.head || getDefaultTree(),
     hints: {
       reorgs: [],
-      contiguousLength: 0
+      contiguousLength: info.hints ? info.hints.contiguousLength : 0
     }
   }
 }
@@ -769,11 +777,13 @@ async function getCoreInfo (storage) {
 
   const auth = r.getAuth()
   const head = r.getHead()
+  const hints = r.getHints()
 
   r.tryFlush()
 
   return {
     ...await auth,
-    head: await head
+    head: await head,
+    hints: await hints
   }
 }

package/lib/messages.js

@@ -136,7 +136,8 @@ const manifestv0 = {
         prologue: {
           hash: c.fixed32.decode(state),
           length: 0
-        }
+        },
+        unencrypted: false
       }
     }
 
@@ -147,7 +148,8 @@ const manifestv0 = {
         allowPatch: false,
         quorum: 1,
         signers: [signer.decode(state)],
-        prologue: null
+        prologue: null,
+        unencrypted: false
       }
     }
 
@@ -159,7 +161,8 @@ const manifestv0 = {
       allowPatch: (flags & 1) !== 0,
       quorum: c.uint.decode(state),
       signers: signerArray.decode(state),
-      prologue: null
+      prologue: null,
+      unencrypted: false
     }
   }
 }
@@ -180,7 +183,7 @@ const manifest = exports.manifest = {
     c.uint.encode(state, m.version)
     if (m.version === 0) return manifestv0.encode(state, m)
 
-    c.uint.encode(state, (m.allowPatch ? 1 : 0) | (m.prologue ? 2 : 0))
+    c.uint.encode(state, (m.allowPatch ? 1 : 0) | (m.prologue ? 2 : 0) | (m.unencrypted ? 4 : 0))
     hashes.encode(state, m.hash)
 
     c.uint.encode(state, m.quorum)
@@ -196,6 +199,7 @@ const manifest = exports.manifest = {
     const hash = hashes.decode(state)
     const quorum = c.uint.decode(state)
     const signers = signerArray.decode(state)
+    const unencrypted = (flags & 4) !== 0
 
     return {
       version: 1,
@@ -203,7 +207,8 @@ const manifest = exports.manifest = {
       allowPatch: (flags & 1) !== 0,
       quorum,
       signers,
-      prologue: (flags & 2) === 0 ? null : prologue.decode(state)
+      prologue: (flags & 2) === 0 ? null : prologue.decode(state),
+      unencrypted
     }
   }
 }

package/lib/session-state.js

@@ -537,7 +537,7 @@ module.exports = class SessionState {
         return
       }
 
-      if (p.drop) {
+      if (p.drop || p.truncated !== -1) {
         if (p.truncated !== b.start + b.length) throw INVALID_OPERATION('Atomic truncations must be contiguous')
         p.truncated = b.start
         return

package/lib/verifier.js

@@ -200,7 +200,8 @@ module.exports = class Verifier {
       allowPatch: !!inp.allowPatch,
       quorum: defaultQuorum(inp),
       signers: inp.signers ? inp.signers.map(parseSigner) : [],
-      prologue: null
+      prologue: null,
+      unencrypted: !!inp.unencrypted
     }
 
     if (inp.hash && inp.hash !== 'blake2b') throw BAD_ARGUMENT('Only Blake2b hashes are supported')

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "hypercore",
-  "version": "11.0.11",
+  "version": "11.0.13",
   "description": "Hypercore is a secure, distributed append-only log",
   "main": "index.js",
   "scripts": {