myceliumail 1.0.2 → 1.0.3

package/src/dashboard/routes.ts

@@ -0,0 +1,128 @@
+import type { FastifyInstance } from 'fastify';
+import { loadConfig } from '../lib/config.js';
+import * as storage from '../storage/supabase.js';
+import { loadKeyPair, decryptMessage, listOwnKeys } from '../lib/crypto.js';
+import type { Message } from '../types/index.js';
+
+// Try to decrypt a message using any available key
+function tryDecryptWithAllKeys(msg: Message): Message {
+    if (!msg.encrypted || !msg.ciphertext || !msg.nonce || !msg.senderPublicKey) {
+        return msg;
+    }
+
+    // Get all available keypairs
+    const ownKeys = listOwnKeys();
+
+    for (const agentId of ownKeys) {
+        const keyPair = loadKeyPair(agentId);
+        if (!keyPair) continue;
+
+        try {
+            const decryptedText = decryptMessage({
+                ciphertext: msg.ciphertext,
+                nonce: msg.nonce,
+                senderPublicKey: msg.senderPublicKey
+            }, keyPair);
+
+            if (decryptedText) {
+                const parsed = JSON.parse(decryptedText);
+                return {
+                    ...msg,
+                    subject: parsed.subject,
+                    body: parsed.body,
+                    decrypted: true,
+                    decryptedBy: agentId
+                } as Message & { decrypted: boolean; decryptedBy: string };
+            }
+        } catch (e) {
+            // Try next key
+        }
+    }
+
+    return msg;
+}
+
+export async function registerRoutes(fastify: FastifyInstance) {
+    const config = loadConfig();
+    const agentId = config.agentId;
+
+    // GET /api/inbox
+    fastify.get('/api/inbox', async (request, reply) => {
+        const messages = await storage.getInbox(agentId, { limit: 100 });
+
+        // Decrypt encrypted messages using all available keys
+        const decrypted = messages.map(tryDecryptWithAllKeys);
+
+        return { messages: decrypted, total: decrypted.length };
+    });
+
+    // GET /api/message/:id
+    fastify.get('/api/message/:id', async (request, reply) => {
+        const { id } = request.params as { id: string };
+        const message = await storage.getMessage(id);
+
+        if (!message) {
+            return reply.code(404).send({ error: 'Message not found' });
+        }
+
+        // Try all keys for decryption
+        return tryDecryptWithAllKeys(message);
+    });
+
+    // POST /api/message/:id/read
+    fastify.post('/api/message/:id/read', async (request, reply) => {
+        const { id } = request.params as { id: string };
+        const { readerId } = request.body as { readerId?: string };
+        await storage.markAsRead(id, readerId || agentId);
+        return { success: true };
+    });
+
+    // POST /api/message/:id/archive
+    fastify.post('/api/message/:id/archive', async (request, reply) => {
+        const { id } = request.params as { id: string };
+        await storage.archiveMessage(id);
+        return { success: true };
+    });
+
+    // DELETE /api/message/:id
+    fastify.delete('/api/message/:id', async (request, reply) => {
+        const { id } = request.params as { id: string };
+        const deleted = await storage.deleteMessage(id);
+        return { success: deleted };
+    });
+
+    // POST /api/send - Send a new message (supports multi-recipient)
+    fastify.post('/api/send', async (request, reply) => {
+        const { to, subject, body, from, attachments } = request.body as {
+            to: string | string[];
+            subject: string;
+            body: string;
+            from?: string;
+            attachments?: { name: string; type: string; data: string; size: number }[];
+        };
+
+        const sender = from || agentId;
+        const message = await storage.sendMessage(sender, to, subject, body, { attachments });
+        return { success: true, message };
+    });
+
+    // GET /api/stats
+    fastify.get('/api/stats', async (request, reply) => {
+        const messages = await storage.getInbox(agentId);
+        const unread = messages.filter(m => !m.readBy?.includes(agentId) && !m.read).length;
+        return {
+            total: messages.length,
+            unread,
+            encrypted: messages.filter(m => m.encrypted).length
+        };
+    });
+
+    // GET /api/config - Provide config for frontend Realtime
+    fastify.get('/api/config', async (request, reply) => {
+        return {
+            agentId: config.agentId,
+            supabaseUrl: config.supabaseUrl,
+            supabaseKey: config.supabaseKey
+        };
+    });
+}

package/src/dashboard/server.ts

@@ -0,0 +1,33 @@
+import Fastify from 'fastify';
+import fastifyStatic from '@fastify/static';
+import { join, dirname } from 'path';
+import { fileURLToPath } from 'url';
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = dirname(__filename);
+
+export async function startDashboard(port = 3737) {
+    const fastify = Fastify({ logger: true });
+
+    // Serve static files
+    await fastify.register(fastifyStatic, {
+        root: join(__dirname, 'public'),
+        prefix: '/'
+    });
+
+    // Register routes
+    // dynamic import to avoid circular dependencies if any, though here it is clean
+    const { registerRoutes } = await import('./routes.js');
+    await registerRoutes(fastify);
+
+    // Start server
+    try {
+        await fastify.listen({ port, host: '127.0.0.1' });
+        console.log(`🍄 Dashboard running on http://localhost:${port}`);
+    } catch (err) {
+        fastify.log.error(err);
+        process.exit(1);
+    }
+
+    return fastify;
+}

package/src/lib/config.ts

@@ -0,0 +1,104 @@
+/**
+ * Myceliumail Configuration
+ * 
+ * Handles loading agent configuration from environment or config file.
+ */
+
+import { existsSync, readFileSync, writeFileSync, mkdirSync } from 'fs';
+import { join } from 'path';
+import { homedir } from 'os';
+
+const CONFIG_DIR = join(homedir(), '.myceliumail');
+const CONFIG_FILE = join(CONFIG_DIR, 'config.json');
+
+export interface Config {
+    agentId: string;
+    supabaseUrl?: string;
+    supabaseKey?: string;
+    storageMode: 'auto' | 'supabase' | 'local';
+}
+
+/**
+ * Ensure config directory exists
+ */
+function ensureConfigDir(): void {
+    if (!existsSync(CONFIG_DIR)) {
+        mkdirSync(CONFIG_DIR, { recursive: true });
+    }
+}
+
+/**
+ * Load configuration from file or environment
+ */
+export function loadConfig(): Config {
+    // Environment variables take precedence
+    const envAgentId = process.env.MYCELIUMAIL_AGENT_ID || process.env.MYCELIUMAIL_AGENT;
+    const envSupabaseUrl = process.env.SUPABASE_URL;
+    const envSupabaseKey = process.env.SUPABASE_ANON_KEY;
+    const envStorageMode = process.env.MYCELIUMAIL_STORAGE as 'auto' | 'supabase' | 'local' | undefined;
+
+    // Try to load from config file
+    let fileConfig: Partial<Config> = {};
+    if (existsSync(CONFIG_FILE)) {
+        try {
+            const raw = readFileSync(CONFIG_FILE, 'utf-8');
+            const parsed = JSON.parse(raw);
+            fileConfig = {
+                agentId: parsed.agent_id,
+                supabaseUrl: parsed.supabase_url,
+                supabaseKey: parsed.supabase_key,
+                storageMode: parsed.storage_mode,
+            };
+        } catch {
+            // Invalid config file, ignore
+        }
+    }
+
+    // Merge with env taking precedence
+    const config: Config = {
+        agentId: envAgentId || fileConfig.agentId || 'anonymous',
+        supabaseUrl: envSupabaseUrl || fileConfig.supabaseUrl,
+        supabaseKey: envSupabaseKey || fileConfig.supabaseKey,
+        storageMode: envStorageMode || fileConfig.storageMode || 'auto',
+    };
+
+    return config;
+}
+
+/**
+ * Save configuration to file
+ */
+export function saveConfig(config: Partial<Config>): void {
+    ensureConfigDir();
+
+    // Load existing config
+    let existing: Record<string, string> = {};
+    if (existsSync(CONFIG_FILE)) {
+        try {
+            existing = JSON.parse(readFileSync(CONFIG_FILE, 'utf-8'));
+        } catch {
+            // Start fresh
+        }
+    }
+
+    // Merge
+    if (config.agentId) existing.agent_id = config.agentId;
+    if (config.supabaseUrl) existing.supabase_url = config.supabaseUrl;
+    if (config.supabaseKey) existing.supabase_key = config.supabaseKey;
+
+    writeFileSync(CONFIG_FILE, JSON.stringify(existing, null, 2));
+}
+
+/**
+ * Get config directory path
+ */
+export function getConfigDir(): string {
+    return CONFIG_DIR;
+}
+
+/**
+ * Check if Supabase is configured
+ */
+export function hasSupabaseConfig(config: Config): boolean {
+    return !!(config.supabaseUrl && config.supabaseKey);
+}

package/src/lib/crypto.ts

@@ -0,0 +1,210 @@
+/**
+ * Myceliumail Crypto Module
+ * 
+ * E2E encryption for agent messaging using TweetNaCl.
+ * Uses X25519 for key exchange and XSalsa20-Poly1305 for encryption.
+ */
+
+import nacl from 'tweetnacl';
+import util from 'tweetnacl-util';
+import { existsSync, mkdirSync, readFileSync, writeFileSync, readdirSync } from 'fs';
+import { join } from 'path';
+import { homedir } from 'os';
+
+// Key storage location
+const KEYS_DIR = join(homedir(), '.myceliumail', 'keys');
+
+export interface KeyPair {
+    publicKey: Uint8Array;
+    secretKey: Uint8Array;
+}
+
+export interface EncryptedMessage {
+    ciphertext: string;      // base64
+    nonce: string;           // base64
+    senderPublicKey: string; // base64
+}
+
+/**
+ * Ensure keys directory exists
+ */
+function ensureKeysDir(): void {
+    if (!existsSync(KEYS_DIR)) {
+        mkdirSync(KEYS_DIR, { recursive: true });
+    }
+}
+
+/**
+ * Generate a new keypair for an agent
+ */
+export function generateKeyPair(): KeyPair {
+    return nacl.box.keyPair();
+}
+
+/**
+ * Save keypair to local storage
+ */
+export function saveKeyPair(agentId: string, keyPair: KeyPair): void {
+    ensureKeysDir();
+    const serialized = {
+        publicKey: util.encodeBase64(keyPair.publicKey),
+        secretKey: util.encodeBase64(keyPair.secretKey),
+    };
+    const path = join(KEYS_DIR, `${agentId}.key.json`);
+    writeFileSync(path, JSON.stringify(serialized, null, 2), { mode: 0o600 });
+}
+
+/**
+ * Load keypair from local storage
+ */
+export function loadKeyPair(agentId: string): KeyPair | null {
+    const path = join(KEYS_DIR, `${agentId}.key.json`);
+    if (!existsSync(path)) return null;
+
+    try {
+        const data = JSON.parse(readFileSync(path, 'utf-8'));
+        return {
+            publicKey: util.decodeBase64(data.publicKey),
+            secretKey: util.decodeBase64(data.secretKey),
+        };
+    } catch {
+        return null;
+    }
+}
+
+/**
+ * Check if keypair exists for an agent
+ */
+export function hasKeyPair(agentId: string): boolean {
+    const path = join(KEYS_DIR, `${agentId}.key.json`);
+    return existsSync(path);
+}
+
+/**
+ * Get public key as base64 string
+ */
+export function getPublicKeyBase64(keyPair: KeyPair): string {
+    return util.encodeBase64(keyPair.publicKey);
+}
+
+/**
+ * Encrypt a message for a recipient
+ */
+export function encryptMessage(
+    message: string,
+    recipientPublicKey: Uint8Array,
+    senderKeyPair: KeyPair
+): EncryptedMessage {
+    const messageBytes = util.decodeUTF8(message);
+    const nonce = nacl.randomBytes(nacl.box.nonceLength);
+
+    const ciphertext = nacl.box(
+        messageBytes,
+        nonce,
+        recipientPublicKey,
+        senderKeyPair.secretKey
+    );
+
+    return {
+        ciphertext: util.encodeBase64(ciphertext),
+        nonce: util.encodeBase64(nonce),
+        senderPublicKey: util.encodeBase64(senderKeyPair.publicKey),
+    };
+}
+
+/**
+ * Decrypt a message from a sender
+ */
+export function decryptMessage(
+    encrypted: EncryptedMessage,
+    recipientKeyPair: KeyPair
+): string | null {
+    try {
+        const ciphertext = util.decodeBase64(encrypted.ciphertext);
+        const nonce = util.decodeBase64(encrypted.nonce);
+        const senderPublicKey = util.decodeBase64(encrypted.senderPublicKey);
+
+        const decrypted = nacl.box.open(
+            ciphertext,
+            nonce,
+            senderPublicKey,
+            recipientKeyPair.secretKey
+        );
+
+        if (!decrypted) return null;
+        return util.encodeUTF8(decrypted);
+    } catch {
+        return null;
+    }
+}
+
+/**
+ * Known keys registry - maps agent IDs to their public keys
+ */
+export function loadKnownKeys(): Record<string, string> {
+    const path = join(KEYS_DIR, 'known_keys.json');
+    if (!existsSync(path)) return {};
+    try {
+        return JSON.parse(readFileSync(path, 'utf-8'));
+    } catch {
+        return {};
+    }
+}
+
+/**
+ * Save a known key for an agent
+ */
+export function saveKnownKey(agentId: string, publicKeyBase64: string): void {
+    ensureKeysDir();
+    const keys = loadKnownKeys();
+    keys[agentId] = publicKeyBase64;
+    writeFileSync(join(KEYS_DIR, 'known_keys.json'), JSON.stringify(keys, null, 2));
+}
+
+/**
+ * Get known key for an agent
+ */
+export function getKnownKey(agentId: string): string | null {
+    const keys = loadKnownKeys();
+    return keys[agentId] || null;
+}
+
+/**
+ * Get all known keys
+ */
+export function getKnownKeys(): Record<string, string> {
+    return loadKnownKeys();
+}
+
+/**
+ * Delete a known key
+ */
+export function deleteKnownKey(agentId: string): boolean {
+    const keys = loadKnownKeys();
+    if (!(agentId in keys)) return false;
+    delete keys[agentId];
+    writeFileSync(join(KEYS_DIR, 'known_keys.json'), JSON.stringify(keys, null, 2));
+    return true;
+}
+
+/**
+ * List all own keypairs (for agents we have keys for)
+ */
+export function listOwnKeys(): string[] {
+    ensureKeysDir();
+    try {
+        const files = readdirSync(KEYS_DIR);
+        return files
+            .filter(f => f.endsWith('.key.json'))
+            .map(f => f.replace('.key.json', ''));
+    } catch {
+        return [];
+    }
+}
+
+/**
+ * Decode a base64 public key to Uint8Array
+ */
+export function decodePublicKey(base64: string): Uint8Array {
+    return util.decodeBase64(base64);
+}

package/src/lib/realtime.ts

@@ -0,0 +1,109 @@
+/**
+ * Supabase Realtime Module
+ * 
+ * Provides real-time subscription to new messages using Supabase Realtime.
+ */
+
+import { createClient, RealtimeChannel, SupabaseClient } from '@supabase/supabase-js';
+import { loadConfig, hasSupabaseConfig } from './config.js';
+
+interface RealtimeMessage {
+    id: string;
+    from_agent: string;
+    to_agent: string;
+    subject: string;
+    message: string;
+    encrypted: boolean;
+    read: boolean;
+    created_at: string;
+}
+
+export interface MessageCallback {
+    (message: RealtimeMessage): void;
+}
+
+export interface StatusCallback {
+    (status: 'SUBSCRIBED' | 'CLOSED' | 'CHANNEL_ERROR' | 'TIMED_OUT', error?: Error): void;
+}
+
+let supabaseClient: SupabaseClient | null = null;
+
+/**
+ * Get or create the Supabase client for Realtime
+ */
+function getClient(): SupabaseClient | null {
+    if (supabaseClient) return supabaseClient;
+
+    const config = loadConfig();
+
+    if (!hasSupabaseConfig(config)) {
+        console.error('❌ Supabase not configured. Set SUPABASE_URL and SUPABASE_ANON_KEY.');
+        return null;
+    }
+
+    supabaseClient = createClient(config.supabaseUrl!, config.supabaseKey!, {
+        realtime: {
+            params: {
+                eventsPerSecond: 10,
+            },
+        },
+    });
+
+    return supabaseClient;
+}
+
+/**
+ * Subscribe to new messages for a specific agent
+ */
+export function subscribeToMessages(
+    agentId: string,
+    onMessage: MessageCallback,
+    onStatus?: StatusCallback
+): RealtimeChannel | null {
+    const client = getClient();
+    if (!client) return null;
+
+    const channel = client
+        .channel('inbox-watch')
+        .on<RealtimeMessage>(
+            'postgres_changes',
+            {
+                event: 'INSERT',
+                schema: 'public',
+                table: 'agent_messages',
+                filter: `to_agent=eq.${agentId}`,
+            },
+            (payload) => {
+                onMessage(payload.new);
+            }
+        )
+        .subscribe((status, err) => {
+            if (onStatus) {
+                // Only pass error if it exists and has meaningful content
+                const error = err && (err.message || err.toString()) ? err : undefined;
+                onStatus(status as 'SUBSCRIBED' | 'CLOSED' | 'CHANNEL_ERROR' | 'TIMED_OUT', error);
+            }
+        });
+
+    return channel;
+}
+
+/**
+ * Unsubscribe from a channel
+ */
+export async function unsubscribe(channel: RealtimeChannel): Promise<void> {
+    const client = getClient();
+    if (client && channel) {
+        await client.removeChannel(channel);
+    }
+}
+
+/**
+ * Close all realtime connections
+ */
+export async function closeConnection(): Promise<void> {
+    if (supabaseClient) {
+        await supabaseClient.removeAllChannels();
+        supabaseClient = null;
+    }
+}