koishi-plugin-argus 0.1.0 → 0.4.0

package/lib/blur.d.ts

@@ -1,11 +1,21 @@
 export type BlurMode = 'gaussian' | 'fast';
 export interface BlurOptions {
-    /** 模糊半径，越大越糊。 */
+    /** 模糊半径，越大越糊。0 = 不模糊。 */
     radius: number;
-    /** 模糊算法。`gaussian` 质量好但慢；`fast` 用 jimp.blur，速度快。 */
+    /** 兼容旧字段；photon 实现里 'gaussian' 会多过一次 box_blur。 */
     mode?: BlurMode;
 }
 /**
- * 加载任意常见格式（png/jpg/webp 等）的图片，应用模糊后输出 PNG buffer。
+ * 模糊算法（photon WASM 实现）：
+ *
+ * 把图缩到 1/N 尺寸（N 由 radius 决定），不做 upsample 直接编 JPEG。
+ * 缩小本身就是强力模糊（细节都被平均掉了），同时 JPEG 编码体积小、耗时短，
+ * 整体在 100ms 量级完成。聊天客户端展示时会自动放大，看起来就是糊图。
+ *
+ * - radius 0      → 直接编 JPEG（不模糊）
+ * - radius 1..50  → factor = round(radius / 4) + 2 ≈ 2-15 倍下采样
+ * - radius 51..200 → factor = round(radius / 6) + 4 ≈ 12-37 倍下采样
+ *
+ * `mode='gaussian'` 时多过一次 box_blur 让边缘柔和。
  */
-export declare function blurImage(input: Buffer, options: BlurOptions): Promise<Buffer>;
+export declare function blurImage(input: Buffer, options: BlurOptions): Buffer;

package/lib/cache.d.ts

@@ -6,8 +6,10 @@ import type { PeekBusyFrame } from './types';
 export interface CachedPeek {
     cachedAt: number;
     expiresAt: number;
-    /** 已经过模糊处理的最终 PNG buffer，busy 时为空。 */
+    /** 已经过模糊处理的最终 buffer，busy 时为空。 */
     image?: Buffer;
+    /** 缓存图片的 mime（'image/png' | 'image/jpeg'）。 */
+    mime?: string;
     /** busy 状态：客户端在玩游戏 / 全屏。 */
     busy?: PeekBusyFrame;
 }

package/lib/compress.d.ts

@@ -0,0 +1,17 @@
+export interface CompressOptions {
+    /** 目标体积上限（字节）。 */
+    targetBytes: number;
+    /** 起始 jpeg 质量。 */
+    initialQuality?: number;
+    /** 最低 jpeg 质量。 */
+    minQuality?: number;
+}
+/**
+ * 把图片压到 `targetBytes` 以内的 JPEG。
+ *
+ * 性能优先（photon WASM 实现）：
+ *  - 输入已经 ≤ target → 直接返回（0 ms）。
+ *  - 否则估算 quality 编一遍。命中就完事；不行再 resize 一次。
+ *  - photon 的 resize 偏慢（~180ms / 2560x1440），所以放在最后兜底。
+ */
+export declare function compressToBudget(input: Buffer, options: CompressOptions): Buffer;

package/lib/crypto.d.ts

@@ -0,0 +1,11 @@
+/**
+ * AES-256-GCM 加密。返回 base64(iv | tag | ciphertext)。
+ */
+export declare function encryptBuffer(plain: Buffer, token: string): string;
+/**
+ * 解密 encryptBuffer 的输出。token 不对 / 数据被改 / 格式不匹配都会抛错。
+ */
+export declare function decryptBuffer(payloadBase64: string, token: string): Buffer;
+/** 协议字段：标识 image 字段使用何种加密。当前只用一种。 */
+export declare const ENC_ALGO: "aes-256-gcm";
+export type EncAlgo = typeof ENC_ALGO;

package/lib/index.cjs

@@ -23,14 +23,14 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 // src/locales/zh-CN.schema.yml
 var require_zh_CN_schema = __commonJS({
   "src/locales/zh-CN.schema.yml"(exports2, module2) {
-    module2.exports = { $desc: "Argus 配置", $inner: { path: "WebSocket 服务挂载路径，必须以 / 开头。", token: "客户端鉴权 token；为空时所有连接都会被拒绝。", commandName: "主命令名（例如 peek、spy、look）。", blur: "默认模糊半径，越大越糊（0 = 不模糊）。", blurMode: { $desc: "模糊算法", $inner: ["高斯模糊（质量好，但慢）", "快速模糊（jimp.blur，速度快）"] }, minBlur: "命令里 -b 临时调小模糊时不可低于此值，防止裸奔。", maxImageBytes: "单张截图大小上限（字节）。", timeout: "等待客户端响应的超时（毫秒）。", cacheDuration: "截图缓存时长（毫秒）。在此期间内同一客户端 + 显示器的反复调用会直接返回缓存的图。设为 0 关闭缓存。默认 5 分钟。", registerAlias: "是否给每个连进来的客户端自动注册同名命令作为别名。", authority: "命令所需的最低权限等级。", forceAuthority: "使用 -f / --force 绕过缓存所需的最低权限等级。" } };
+    module2.exports = { $desc: "Argus 配置", $inner: { path: "WebSocket 服务挂载路径，必须以 / 开头。", token: "客户端鉴权 token；为空时所有连接都会被拒绝。", commandName: "主命令名（例如 peek、spy、look）。", blur: "默认模糊半径，越大越糊（0 = 不模糊）。", blurMode: { $desc: "模糊算法", $inner: ["高斯模糊（质量好，但慢）", "快速模糊（jimp.blur，速度快）"] }, minBlur: "命令里 -b 临时调小模糊时不可低于此值，防止裸奔。", maxImageKB: "单张截图（客户端→插件，加密后 base64）大小上限（KB）。超过会拒收。默认 8192（8MB）。", finalMaxKB: "发到群里的最终图片体积上限（KB）。插件做完模糊后会再压一遍 JPEG 到这个体积以内。默认 200。设 0 关闭。", timeout: "等待客户端响应的超时（毫秒）。", cacheDuration: "截图缓存时长（毫秒）。在此期间内同一客户端 + 显示器的反复调用会直接返回缓存的图。设为 0 关闭缓存。默认 5 分钟。", registerAlias: "是否给每个连进来的客户端自动注册同名命令作为别名。", authority: "命令所需的最低权限等级。", forceAuthority: "使用 -f / --force 绕过缓存所需的最低权限等级。" } };
   }
 });
 
 // src/locales/en-US.schema.yml
 var require_en_US_schema = __commonJS({
   "src/locales/en-US.schema.yml"(exports2, module2) {
-    module2.exports = { $desc: "Argus configuration", $inner: { path: "WebSocket mount path; must start with /.", token: "Auth token for clients; if empty all connections are rejected.", commandName: "Top-level command name (e.g. peek, spy, look).", blur: "Default blur radius; larger means blurrier (0 disables blur).", blurMode: { $desc: "Blur algorithm", $inner: ["Gaussian blur (better quality, slower)", "Fast blur (jimp.blur, faster)"] }, minBlur: "Lower bound for the temporary -b override, to prevent unblurred captures.", maxImageBytes: "Max screenshot size in bytes.", timeout: "Timeout (ms) waiting for a client response.", cacheDuration: "Screenshot cache duration in ms. Repeated calls within this window for the same client+display reuse the cached image. Set to 0 to disable. Default 5 minutes.", registerAlias: "Whether to register each connected client's name as a command alias.", authority: "Minimum authority level required to run the command.", forceAuthority: "Minimum authority level required to use -f / --force to bypass the cache." } };
+    module2.exports = { $desc: "Argus configuration", $inner: { path: "WebSocket mount path; must start with /.", token: "Auth token for clients; if empty all connections are rejected.", commandName: "Top-level command name (e.g. peek, spy, look).", blur: "Default blur radius; larger means blurrier (0 disables blur).", blurMode: { $desc: "Blur algorithm", $inner: ["Gaussian blur (better quality, slower)", "Fast blur (jimp.blur, faster)"] }, minBlur: "Lower bound for the temporary -b override, to prevent unblurred captures.", maxImageKB: "Max screenshot size (client -> plugin, encrypted base64) in KB. Larger payloads are rejected. Default 8192 (8MB).", finalMaxKB: "Final image size budget after blur (KB). The plugin recompresses to JPEG within this budget before sending to chat. Default 200. Set 0 to disable.", timeout: "Timeout (ms) waiting for a client response.", cacheDuration: "Screenshot cache duration in ms. Repeated calls within this window for the same client+display reuse the cached image. Set to 0 to disable. Default 5 minutes.", registerAlias: "Whether to register each connected client's name as a command alias.", authority: "Minimum authority level required to run the command.", forceAuthority: "Minimum authority level required to use -f / --force to bypass the cache." } };
   }
 });
 
@@ -304,25 +304,29 @@ __name(randomId, "randomId");
 var import_koishi = require("koishi");
 
 // src/blur.ts
-var import_core = require("@jimp/core");
-var import_jimp = require("jimp");
-var Jimp = (0, import_core.createJimp)({
-  formats: [...import_jimp.defaultFormats],
-  plugins: import_jimp.defaultPlugins
-});
-async function blurImage(input, options) {
+var import_node = require("@cf-wasm/photon/node");
+function blurImage(input, options) {
   const radius = clamp(Math.round(options.radius), 0, 200);
-  const image = await Jimp.read(input);
-  if (radius > 0) {
-    if (options.mode === "gaussian") {
-      const r = Math.max(1, Math.min(10, Math.round(radius / 20)));
-      image.gaussian(r);
-    } else {
-      const r = Math.max(1, Math.min(100, radius));
-      image.blur(r);
+  const img = import_node.PhotonImage.new_from_byteslice(new Uint8Array(input));
+  try {
+    if (radius === 0) {
+      return Buffer.from(img.get_bytes_jpeg(85));
+    }
+    const factor = radius <= 50 ? Math.round(radius / 4) + 2 : Math.round(radius / 6) + 4;
+    const w = img.get_width();
+    const h2 = img.get_height();
+    const sw = Math.max(2, Math.round(w / factor));
+    const sh = Math.max(2, Math.round(h2 / factor));
+    const small = (0, import_node.resize)(img, sw, sh, import_node.SamplingFilter.Triangle);
+    try {
+      if (options.mode === "gaussian") (0, import_node.box_blur)(small);
+      return Buffer.from(small.get_bytes_jpeg(85));
+    } finally {
+      small.free();
     }
+  } finally {
+    img.free();
   }
-  return await image.getBuffer("image/png");
 }
 __name(blurImage, "blurImage");
 function clamp(v, min, max) {
@@ -330,6 +334,47 @@ function clamp(v, min, max) {
 }
 __name(clamp, "clamp");
 
+// src/compress.ts
+var import_node2 = require("@cf-wasm/photon/node");
+function compressToBudget(input, options) {
+  const target = Math.max(8 * 1024, options.targetBytes);
+  if (input.length <= target) return input;
+  const initialQuality = options.initialQuality ?? 80;
+  const minQuality = options.minQuality ?? 40;
+  const img = import_node2.PhotonImage.new_from_byteslice(new Uint8Array(input));
+  try {
+    const ratioByteWise = target / input.length;
+    const estQ = Math.max(
+      minQuality,
+      Math.min(initialQuality, Math.round(initialQuality * ratioByteWise))
+    );
+    let buf = Buffer.from(img.get_bytes_jpeg(estQ));
+    if (buf.length <= target) return buf;
+    const q2 = Math.max(
+      minQuality,
+      Math.round(estQ * (target / buf.length) * 0.95)
+    );
+    if (q2 < estQ) {
+      buf = Buffer.from(img.get_bytes_jpeg(q2));
+      if (buf.length <= target) return buf;
+    }
+    const w = img.get_width();
+    const h2 = img.get_height();
+    const scale = Math.sqrt(target / buf.length) * 0.9;
+    const newW = Math.max(64, Math.round(w * scale));
+    const newH = Math.max(64, Math.round(h2 * scale));
+    const small = (0, import_node2.resize)(img, newW, newH, import_node2.SamplingFilter.Triangle);
+    try {
+      return Buffer.from(small.get_bytes_jpeg(q2));
+    } finally {
+      small.free();
+    }
+  } finally {
+    img.free();
+  }
+}
+__name(compressToBudget, "compressToBudget");
+
 // src/cache.ts
 var PeekCache = class {
   constructor(duration) {
@@ -393,6 +438,37 @@ function formatRemaining(ms) {
 }
 __name(formatRemaining, "formatRemaining");
 
+// src/crypto.ts
+var import_node_crypto = require("node:crypto");
+var ALGO = "aes-256-gcm";
+var IV_LEN = 12;
+var TAG_LEN = 16;
+var KEY_LEN = 32;
+var SALT = Buffer.from("argus.peek.v1", "utf8");
+var keyCache = /* @__PURE__ */ new Map();
+function deriveKey(token) {
+  let key = keyCache.get(token);
+  if (key) return key;
+  key = (0, import_node_crypto.scryptSync)(token, SALT, KEY_LEN);
+  keyCache.set(token, key);
+  return key;
+}
+__name(deriveKey, "deriveKey");
+function decryptBuffer(payloadBase64, token) {
+  const buf = Buffer.from(payloadBase64, "base64");
+  if (buf.length < IV_LEN + TAG_LEN) {
+    throw new Error("ciphertext_too_short");
+  }
+  const iv = buf.subarray(0, IV_LEN);
+  const tag = buf.subarray(IV_LEN, IV_LEN + TAG_LEN);
+  const ct = buf.subarray(IV_LEN + TAG_LEN);
+  const key = deriveKey(token);
+  const decipher = (0, import_node_crypto.createDecipheriv)(ALGO, key, iv);
+  decipher.setAuthTag(tag);
+  return Buffer.concat([decipher.update(ct), decipher.final()]);
+}
+__name(decryptBuffer, "decryptBuffer");
+
 // src/commands.ts
 function applyCommands(ctx, server, config, cache) {
   const cmd = ctx.command(
@@ -436,7 +512,7 @@ function applyCommands(ctx, server, config, cache) {
       }
       if (cached.image) {
         return [
-          import_koishi.h.image(cached.image, "image/png"),
+          import_koishi.h.image(cached.image, cached.mime ?? "image/png"),
           formatCacheNote(session, cached)
         ];
       }
@@ -449,15 +525,40 @@ function applyCommands(ctx, server, config, cache) {
         cache.set(cacheKey, { busy: response.frame });
         return formatBusy(session, client.name, response.frame);
       }
-      const buffer = Buffer.from(response.frame.image, "base64");
-      const output = await blurImage(buffer, {
+      let buffer;
+      try {
+        buffer = decodeImagePayload(response.frame, config.token);
+      } catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        ctx.logger.warn(
+          "argus decrypt failed for %s: %s",
+          client.name,
+          message
+        );
+        return session.text(".failed", ["decrypt_failed"]);
+      }
+      const blurStart = Date.now();
+      const blurred = blurImage(buffer, {
         radius,
         mode: config.blurMode
       });
+      const blurMs = Date.now() - blurStart;
+      const finalBudget = config.finalMaxKB * 1024;
+      const compressStart = Date.now();
+      const output = finalBudget > 0 && blurred.length > finalBudget ? compressToBudget(blurred, { targetBytes: finalBudget }) : blurred;
+      const compressMs = Date.now() - compressStart;
+      const mime = "image/jpeg";
+      ctx.logger.debug(
+        "peek pipeline: blur=%dms compress=%dms %dKB→%dKB",
+        blurMs,
+        compressMs,
+        Math.round(blurred.length / 1024),
+        Math.round(output.length / 1024)
+      );
       if (opts.blur === void 0 || opts.blur === config.blur) {
-        cache.set(cacheKey, { image: output });
+        cache.set(cacheKey, { image: output, mime });
       }
-      return import_koishi.h.image(output, "image/png");
+      return import_koishi.h.image(output, mime);
     } catch (err) {
       const message = err instanceof Error ? err.message : String(err);
       ctx.logger.warn(
@@ -564,6 +665,16 @@ function range(start, end) {
   return out;
 }
 __name(range, "range");
+function decodeImagePayload(frame, token) {
+  if (!frame.enc || frame.enc === "none") {
+    return Buffer.from(frame.image, "base64");
+  }
+  if (frame.enc === "aes-256-gcm") {
+    return decryptBuffer(frame.image, token);
+  }
+  throw new Error(`unsupported_enc:${frame.enc}`);
+}
+__name(decodeImagePayload, "decodeImagePayload");
 
 // src/index.ts
 var name = "argus";
@@ -575,7 +686,8 @@ var Config = import_koishi2.Schema.object({
   blur: import_koishi2.Schema.natural().min(0).max(200).default(40),
   blurMode: import_koishi2.Schema.union(["gaussian", "fast"]).default("fast"),
   minBlur: import_koishi2.Schema.natural().min(0).max(200).default(10),
-  maxImageBytes: import_koishi2.Schema.natural().default(8 * 1024 * 1024),
+  maxImageKB: import_koishi2.Schema.natural().default(8 * 1024),
+  finalMaxKB: import_koishi2.Schema.natural().default(200),
   timeout: import_koishi2.Schema.natural().default(15e3),
   cacheDuration: import_koishi2.Schema.natural().default(5 * 60 * 1e3),
   registerAlias: import_koishi2.Schema.boolean().default(true),
@@ -600,7 +712,7 @@ function apply(ctx, config) {
     path: config.path,
     token: config.token,
     timeout: config.timeout,
-    maxImageBytes: config.maxImageBytes,
+    maxImageBytes: config.maxImageKB * 1024,
     onClientChange: /* @__PURE__ */ __name((event) => {
       if (event.type === "connect") {
         ctx.emit("argus/client-connect", event.name);

package/lib/index.d.ts

@@ -9,7 +9,8 @@ export interface Config {
     blur: number;
     blurMode: BlurMode;
     minBlur: number;
-    maxImageBytes: number;
+    maxImageKB: number;
+    finalMaxKB: number;
     timeout: number;
     cacheDuration: number;
     registerAlias: boolean;

package/lib/index.mjs

@@ -8,14 +8,14 @@ var __commonJS = (cb, mod) => function __require() {
 // src/locales/zh-CN.schema.yml
 var require_zh_CN_schema = __commonJS({
   "src/locales/zh-CN.schema.yml"(exports, module) {
-    module.exports = { $desc: "Argus 配置", $inner: { path: "WebSocket 服务挂载路径，必须以 / 开头。", token: "客户端鉴权 token；为空时所有连接都会被拒绝。", commandName: "主命令名（例如 peek、spy、look）。", blur: "默认模糊半径，越大越糊（0 = 不模糊）。", blurMode: { $desc: "模糊算法", $inner: ["高斯模糊（质量好，但慢）", "快速模糊（jimp.blur，速度快）"] }, minBlur: "命令里 -b 临时调小模糊时不可低于此值，防止裸奔。", maxImageBytes: "单张截图大小上限（字节）。", timeout: "等待客户端响应的超时（毫秒）。", cacheDuration: "截图缓存时长（毫秒）。在此期间内同一客户端 + 显示器的反复调用会直接返回缓存的图。设为 0 关闭缓存。默认 5 分钟。", registerAlias: "是否给每个连进来的客户端自动注册同名命令作为别名。", authority: "命令所需的最低权限等级。", forceAuthority: "使用 -f / --force 绕过缓存所需的最低权限等级。" } };
+    module.exports = { $desc: "Argus 配置", $inner: { path: "WebSocket 服务挂载路径，必须以 / 开头。", token: "客户端鉴权 token；为空时所有连接都会被拒绝。", commandName: "主命令名（例如 peek、spy、look）。", blur: "默认模糊半径，越大越糊（0 = 不模糊）。", blurMode: { $desc: "模糊算法", $inner: ["高斯模糊（质量好，但慢）", "快速模糊（jimp.blur，速度快）"] }, minBlur: "命令里 -b 临时调小模糊时不可低于此值，防止裸奔。", maxImageKB: "单张截图（客户端→插件，加密后 base64）大小上限（KB）。超过会拒收。默认 8192（8MB）。", finalMaxKB: "发到群里的最终图片体积上限（KB）。插件做完模糊后会再压一遍 JPEG 到这个体积以内。默认 200。设 0 关闭。", timeout: "等待客户端响应的超时（毫秒）。", cacheDuration: "截图缓存时长（毫秒）。在此期间内同一客户端 + 显示器的反复调用会直接返回缓存的图。设为 0 关闭缓存。默认 5 分钟。", registerAlias: "是否给每个连进来的客户端自动注册同名命令作为别名。", authority: "命令所需的最低权限等级。", forceAuthority: "使用 -f / --force 绕过缓存所需的最低权限等级。" } };
   }
 });
 
 // src/locales/en-US.schema.yml
 var require_en_US_schema = __commonJS({
   "src/locales/en-US.schema.yml"(exports, module) {
-    module.exports = { $desc: "Argus configuration", $inner: { path: "WebSocket mount path; must start with /.", token: "Auth token for clients; if empty all connections are rejected.", commandName: "Top-level command name (e.g. peek, spy, look).", blur: "Default blur radius; larger means blurrier (0 disables blur).", blurMode: { $desc: "Blur algorithm", $inner: ["Gaussian blur (better quality, slower)", "Fast blur (jimp.blur, faster)"] }, minBlur: "Lower bound for the temporary -b override, to prevent unblurred captures.", maxImageBytes: "Max screenshot size in bytes.", timeout: "Timeout (ms) waiting for a client response.", cacheDuration: "Screenshot cache duration in ms. Repeated calls within this window for the same client+display reuse the cached image. Set to 0 to disable. Default 5 minutes.", registerAlias: "Whether to register each connected client's name as a command alias.", authority: "Minimum authority level required to run the command.", forceAuthority: "Minimum authority level required to use -f / --force to bypass the cache." } };
+    module.exports = { $desc: "Argus configuration", $inner: { path: "WebSocket mount path; must start with /.", token: "Auth token for clients; if empty all connections are rejected.", commandName: "Top-level command name (e.g. peek, spy, look).", blur: "Default blur radius; larger means blurrier (0 disables blur).", blurMode: { $desc: "Blur algorithm", $inner: ["Gaussian blur (better quality, slower)", "Fast blur (jimp.blur, faster)"] }, minBlur: "Lower bound for the temporary -b override, to prevent unblurred captures.", maxImageKB: "Max screenshot size (client -> plugin, encrypted base64) in KB. Larger payloads are rejected. Default 8192 (8MB).", finalMaxKB: "Final image size budget after blur (KB). The plugin recompresses to JPEG within this budget before sending to chat. Default 200. Set 0 to disable.", timeout: "Timeout (ms) waiting for a client response.", cacheDuration: "Screenshot cache duration in ms. Repeated calls within this window for the same client+display reuse the cached image. Set to 0 to disable. Default 5 minutes.", registerAlias: "Whether to register each connected client's name as a command alias.", authority: "Minimum authority level required to run the command.", forceAuthority: "Minimum authority level required to use -f / --force to bypass the cache." } };
   }
 });
 
@@ -281,25 +281,34 @@ __name(randomId, "randomId");
 import { h } from "koishi";
 
 // src/blur.ts
-import { createJimp } from "@jimp/core";
-import { defaultFormats, defaultPlugins } from "jimp";
-var Jimp = createJimp({
-  formats: [...defaultFormats],
-  plugins: defaultPlugins
-});
-async function blurImage(input, options) {
+import {
+  PhotonImage,
+  box_blur,
+  resize,
+  SamplingFilter
+} from "@cf-wasm/photon/node";
+function blurImage(input, options) {
   const radius = clamp(Math.round(options.radius), 0, 200);
-  const image = await Jimp.read(input);
-  if (radius > 0) {
-    if (options.mode === "gaussian") {
-      const r = Math.max(1, Math.min(10, Math.round(radius / 20)));
-      image.gaussian(r);
-    } else {
-      const r = Math.max(1, Math.min(100, radius));
-      image.blur(r);
+  const img = PhotonImage.new_from_byteslice(new Uint8Array(input));
+  try {
+    if (radius === 0) {
+      return Buffer.from(img.get_bytes_jpeg(85));
+    }
+    const factor = radius <= 50 ? Math.round(radius / 4) + 2 : Math.round(radius / 6) + 4;
+    const w = img.get_width();
+    const h2 = img.get_height();
+    const sw = Math.max(2, Math.round(w / factor));
+    const sh = Math.max(2, Math.round(h2 / factor));
+    const small = resize(img, sw, sh, SamplingFilter.Triangle);
+    try {
+      if (options.mode === "gaussian") box_blur(small);
+      return Buffer.from(small.get_bytes_jpeg(85));
+    } finally {
+      small.free();
     }
+  } finally {
+    img.free();
   }
-  return await image.getBuffer("image/png");
 }
 __name(blurImage, "blurImage");
 function clamp(v, min, max) {
@@ -307,6 +316,51 @@ function clamp(v, min, max) {
 }
 __name(clamp, "clamp");
 
+// src/compress.ts
+import {
+  PhotonImage as PhotonImage2,
+  resize as resize2,
+  SamplingFilter as SamplingFilter2
+} from "@cf-wasm/photon/node";
+function compressToBudget(input, options) {
+  const target = Math.max(8 * 1024, options.targetBytes);
+  if (input.length <= target) return input;
+  const initialQuality = options.initialQuality ?? 80;
+  const minQuality = options.minQuality ?? 40;
+  const img = PhotonImage2.new_from_byteslice(new Uint8Array(input));
+  try {
+    const ratioByteWise = target / input.length;
+    const estQ = Math.max(
+      minQuality,
+      Math.min(initialQuality, Math.round(initialQuality * ratioByteWise))
+    );
+    let buf = Buffer.from(img.get_bytes_jpeg(estQ));
+    if (buf.length <= target) return buf;
+    const q2 = Math.max(
+      minQuality,
+      Math.round(estQ * (target / buf.length) * 0.95)
+    );
+    if (q2 < estQ) {
+      buf = Buffer.from(img.get_bytes_jpeg(q2));
+      if (buf.length <= target) return buf;
+    }
+    const w = img.get_width();
+    const h2 = img.get_height();
+    const scale = Math.sqrt(target / buf.length) * 0.9;
+    const newW = Math.max(64, Math.round(w * scale));
+    const newH = Math.max(64, Math.round(h2 * scale));
+    const small = resize2(img, newW, newH, SamplingFilter2.Triangle);
+    try {
+      return Buffer.from(small.get_bytes_jpeg(q2));
+    } finally {
+      small.free();
+    }
+  } finally {
+    img.free();
+  }
+}
+__name(compressToBudget, "compressToBudget");
+
 // src/cache.ts
 var PeekCache = class {
   constructor(duration) {
@@ -370,6 +424,42 @@ function formatRemaining(ms) {
 }
 __name(formatRemaining, "formatRemaining");
 
+// src/crypto.ts
+import {
+  createCipheriv,
+  createDecipheriv,
+  randomBytes,
+  scryptSync
+} from "node:crypto";
+var ALGO = "aes-256-gcm";
+var IV_LEN = 12;
+var TAG_LEN = 16;
+var KEY_LEN = 32;
+var SALT = Buffer.from("argus.peek.v1", "utf8");
+var keyCache = /* @__PURE__ */ new Map();
+function deriveKey(token) {
+  let key = keyCache.get(token);
+  if (key) return key;
+  key = scryptSync(token, SALT, KEY_LEN);
+  keyCache.set(token, key);
+  return key;
+}
+__name(deriveKey, "deriveKey");
+function decryptBuffer(payloadBase64, token) {
+  const buf = Buffer.from(payloadBase64, "base64");
+  if (buf.length < IV_LEN + TAG_LEN) {
+    throw new Error("ciphertext_too_short");
+  }
+  const iv = buf.subarray(0, IV_LEN);
+  const tag = buf.subarray(IV_LEN, IV_LEN + TAG_LEN);
+  const ct = buf.subarray(IV_LEN + TAG_LEN);
+  const key = deriveKey(token);
+  const decipher = createDecipheriv(ALGO, key, iv);
+  decipher.setAuthTag(tag);
+  return Buffer.concat([decipher.update(ct), decipher.final()]);
+}
+__name(decryptBuffer, "decryptBuffer");
+
 // src/commands.ts
 function applyCommands(ctx, server, config, cache) {
   const cmd = ctx.command(
@@ -413,7 +503,7 @@ function applyCommands(ctx, server, config, cache) {
       }
       if (cached.image) {
         return [
-          h.image(cached.image, "image/png"),
+          h.image(cached.image, cached.mime ?? "image/png"),
           formatCacheNote(session, cached)
         ];
       }
@@ -426,15 +516,40 @@ function applyCommands(ctx, server, config, cache) {
         cache.set(cacheKey, { busy: response.frame });
         return formatBusy(session, client.name, response.frame);
       }
-      const buffer = Buffer.from(response.frame.image, "base64");
-      const output = await blurImage(buffer, {
+      let buffer;
+      try {
+        buffer = decodeImagePayload(response.frame, config.token);
+      } catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        ctx.logger.warn(
+          "argus decrypt failed for %s: %s",
+          client.name,
+          message
+        );
+        return session.text(".failed", ["decrypt_failed"]);
+      }
+      const blurStart = Date.now();
+      const blurred = blurImage(buffer, {
         radius,
         mode: config.blurMode
       });
+      const blurMs = Date.now() - blurStart;
+      const finalBudget = config.finalMaxKB * 1024;
+      const compressStart = Date.now();
+      const output = finalBudget > 0 && blurred.length > finalBudget ? compressToBudget(blurred, { targetBytes: finalBudget }) : blurred;
+      const compressMs = Date.now() - compressStart;
+      const mime = "image/jpeg";
+      ctx.logger.debug(
+        "peek pipeline: blur=%dms compress=%dms %dKB→%dKB",
+        blurMs,
+        compressMs,
+        Math.round(blurred.length / 1024),
+        Math.round(output.length / 1024)
+      );
       if (opts.blur === void 0 || opts.blur === config.blur) {
-        cache.set(cacheKey, { image: output });
+        cache.set(cacheKey, { image: output, mime });
       }
-      return h.image(output, "image/png");
+      return h.image(output, mime);
     } catch (err) {
       const message = err instanceof Error ? err.message : String(err);
       ctx.logger.warn(
@@ -541,6 +656,16 @@ function range(start, end) {
   return out;
 }
 __name(range, "range");
+function decodeImagePayload(frame, token) {
+  if (!frame.enc || frame.enc === "none") {
+    return Buffer.from(frame.image, "base64");
+  }
+  if (frame.enc === "aes-256-gcm") {
+    return decryptBuffer(frame.image, token);
+  }
+  throw new Error(`unsupported_enc:${frame.enc}`);
+}
+__name(decodeImagePayload, "decodeImagePayload");
 
 // src/index.ts
 var name = "argus";
@@ -552,7 +677,8 @@ var Config = Schema.object({
   blur: Schema.natural().min(0).max(200).default(40),
   blurMode: Schema.union(["gaussian", "fast"]).default("fast"),
   minBlur: Schema.natural().min(0).max(200).default(10),
-  maxImageBytes: Schema.natural().default(8 * 1024 * 1024),
+  maxImageKB: Schema.natural().default(8 * 1024),
+  finalMaxKB: Schema.natural().default(200),
   timeout: Schema.natural().default(15e3),
   cacheDuration: Schema.natural().default(5 * 60 * 1e3),
   registerAlias: Schema.boolean().default(true),
@@ -577,7 +703,7 @@ function apply(ctx, config) {
     path: config.path,
     token: config.token,
     timeout: config.timeout,
-    maxImageBytes: config.maxImageBytes,
+    maxImageBytes: config.maxImageKB * 1024,
     onClientChange: /* @__PURE__ */ __name((event) => {
       if (event.type === "connect") {
         ctx.emit("argus/client-connect", event.name);

package/lib/types.d.ts

@@ -30,8 +30,14 @@ export interface PeekRequestFrame {
 export interface PeekResultFrame {
     type: 'peek_result';
     id: string;
-    /** PNG/JPEG base64（不带 data: 前缀）。*/
+    /**
+     * 图片 buffer，base64 编码。
+     * `enc` 为 `aes-256-gcm` 时为 base64(iv|tag|ciphertext)，token 派生 key 解密。
+     * `enc` 缺省 / 为 `none` 时为图片原始字节的 base64（向后兼容旧 CLI）。
+     */
     image: string;
+    /** 加密算法。新版客户端始终发 `aes-256-gcm`。 */
+    enc?: 'aes-256-gcm' | 'none';
     mime?: string;
     width?: number;
     height?: number;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "koishi-plugin-argus",
   "description": "百眼巨人 Argus：让群友通过 /peek 命令偷窥你电脑屏幕的 Koishi 插件。",
-  "version": "0.1.0",
+  "version": "0.4.0",
   "main": "lib/index.cjs",
   "module": "lib/index.mjs",
   "typings": "lib/index.d.ts",
@@ -34,8 +34,7 @@
     "koishi": "^4.18.9"
   },
   "dependencies": {
-    "@jimp/core": "^1.6.0",
-    "jimp": "^1.6.0"
+    "@cf-wasm/photon": "^0.3.5"
   },
   "devDependencies": {
     "@types/ws": "^8.5.10",

package/readme.md

@@ -5,6 +5,14 @@
 插件本体作为 WebSocket 服务，配套 CLI 客户端 [`argus-eye`](https://www.npmjs.com/package/argus-eye)
 连接上来后，群里就能通过命令拉取实时模糊截图。
 
+## 安全说明
+
+- 客户端连接时必须带 `token`，错的直接踢。
+- 截图 buffer 在 CLI 端用 `AES-256-GCM` 加密后才上 WebSocket，
+  key 由 token 通过 scrypt 派生，IV 每帧随机。换句话说**抓包只能拿到密文**，
+  插件这边解出来再做模糊处理。token 写错或者被改包都会被 GCM 校验拒绝。
+- 默认 `authority: 1`，可调高到只允许特定群友 peek。
+
 ## 安装
 
 ```bash
@@ -62,7 +70,8 @@ npx argus-eye -s ws://your-koishi-host:5140/argus -t a-strong-secret -n dingyi
 | `blur` | `number` | `40` | 默认模糊半径（pixel）|
 | `blurMode` | `'gaussian' \| 'fast'` | `'fast'` | 模糊算法 |
 | `minBlur` | `number` | `10` | 命令里调小模糊时不可低于此值 |
-| `maxImageBytes` | `number` | `8 * 1024 * 1024` | 单张截图大小上限 |
+| `maxImageKB` | `number` | `8192` | 单张截图大小上限（KB） |
+| `finalMaxKB` | `number` | `200` | 发到群里的最终图片体积上限（KB），插件会做二次压缩；0 = 关闭 |
 | `timeout` | `number` | `15000` | 等待客户端响应超时（ms）|
 | `cacheDuration` | `number` | `300000` | 截图缓存时长（ms），默认 5 分钟，0 = 关闭缓存 |
 | `registerAlias` | `boolean` | `true` | 是否给每个客户端注册同名别名 |