openclaw-core 1.0.0

package/dist/resonance/SignalManager.js

@@ -0,0 +1,118 @@
+import crypto from "node:crypto";
+import { EventEmitter } from "node:events";
+export class SignalManager extends EventEmitter {
+    agentDid;
+    privateKey = null;
+    trustedPeers = new Map();
+    groups = new Map();
+    db = null;
+    memory = null;
+    constructor(agentDid, memory, db) {
+        super();
+        this.setMaxListeners(100);
+        this.agentDid = agentDid;
+        this.memory = memory ?? null;
+        this.db = db ?? null;
+    }
+    setAgentId(did) { this.agentDid = did; }
+    setPrivateKey(pk) { this.privateKey = pk; }
+    sign(payload) {
+        if (this.privateKey) {
+            try {
+                const sign = crypto.createSign("ed25519");
+                sign.update(payload);
+                const keyBuf = Buffer.from(this.privateKey, "hex");
+                const privKey = crypto.createPrivateKey({ key: keyBuf, format: "der", type: "pkcs8" });
+                return sign.sign(privKey).toString("hex");
+            }
+            catch {
+            }
+        }
+        const secret = process.env.SIGNAL_HMAC_SECRET || "lobster-default-hmac-key";
+        return crypto.createHmac("sha256", secret).update(payload).digest("hex");
+    }
+    verify(payload, signature, publicKey) {
+        if (publicKey) {
+            try {
+                const verify = crypto.createVerify("ed25519");
+                verify.update(payload);
+                const pubKey = crypto.createPublicKey({ key: Buffer.from(publicKey, "hex"), format: "der", type: "spki" });
+                return verify.verify(pubKey, Buffer.from(signature, "hex"));
+            }
+            catch { }
+        }
+        const expected = this.sign(payload);
+        return crypto.timingSafeEqual(Buffer.from(expected, "hex"), Buffer.from(signature, "hex"));
+    }
+    async sendTo(targetDid, type, payload) {
+        const canonical = JSON.stringify({ from: this.agentDid, to: targetDid, type, payload, ts: Date.now() });
+        const signal = {
+            id: crypto.randomUUID(),
+            from: this.agentDid,
+            to: targetDid,
+            type,
+            payload,
+            signature: this.sign(canonical),
+            timestamp: Date.now(),
+        };
+        this.emit(type, signal);
+        this.emit("*", signal);
+        if (this.db) {
+            await this.db.query("INSERT INTO signals { id: $id, from: $from, to: $to, type: $type, payload: $payload, signature: $sig, timestamp: time::now() }", { id: signal.id, from: signal.from, to: signal.to, type: signal.type, payload: signal.payload, sig: signal.signature }).catch((e) => console.error("[SignalManager] DB persist failed:", e));
+        }
+        return signal;
+    }
+    async sendSecure(targetDid, content) {
+        const peer = this.trustedPeers.get(targetDid);
+        let encryptedContent = content;
+        let encrypted = false;
+        if (peer?.publicKey) {
+            try {
+                const sharedKey = crypto.createHash("sha256")
+                    .update(`${this.agentDid}:${targetDid}`)
+                    .digest();
+                const iv = crypto.randomBytes(12);
+                const cipher = crypto.createCipheriv("aes-256-gcm", sharedKey, iv);
+                const enc = Buffer.concat([cipher.update(content, "utf8"), cipher.final()]);
+                const tag = cipher.getAuthTag();
+                encryptedContent = JSON.stringify({
+                    iv: iv.toString("hex"),
+                    data: enc.toString("hex"),
+                    tag: tag.toString("hex"),
+                });
+                encrypted = true;
+            }
+            catch (e) {
+                console.warn("[SignalManager] E2EE encryption failed, sending plaintext.", e);
+            }
+        }
+        return this.sendTo(targetDid, "SECURE_MESSAGE", { content: encryptedContent, encrypted });
+    }
+    async addTrustedPeer(did, publicKey) {
+        this.trustedPeers.set(did, { did, publicKey, addedAt: Date.now() });
+        if (this.db) {
+            await this.db.query("UPSERT trusted_peers SET did=$did, public_key=$pk, added_at=time::now()", { did, pk: publicKey }).catch(() => { });
+        }
+    }
+    removePeer(did) { this.trustedPeers.delete(did); }
+    async joinGroup(groupId) {
+        if (!this.groups.has(groupId))
+            this.groups.set(groupId, new Set());
+        this.groups.get(groupId).add(this.agentDid);
+    }
+    async sync(since) {
+        if (!this.db)
+            return [];
+        const result = await this.db.query("SELECT * FROM signals WHERE timestamp > $since ORDER BY timestamp ASC", { since });
+        if (Array.isArray(result) && result[0] && typeof result[0] === 'object' && 'result' in result[0]) {
+            return result[0].result;
+        }
+        return (Array.isArray(result) ? result : []);
+    }
+    async queryAuditLogs(limit = 50) {
+        if (!this.db)
+            return [];
+        const result = await this.db.query("SELECT * FROM signals ORDER BY timestamp DESC LIMIT $limit", { limit });
+        return result[0]?.result || result[0] || [];
+    }
+}

package/dist/services/PeerDiscovery.d.ts

@@ -0,0 +1,47 @@
+export interface DiscoveredNode {
+    did: string;
+    url: string;
+    publicKey: string;
+    source: 'MDNS' | 'DHT' | 'MANUAL' | 'GOSSIP';
+    discoveredAt: Date;
+}
+export interface IPeerRegistry {
+    get(did: string): {
+        status: string;
+    } | undefined;
+    connect(url: string, isLocal: boolean): Promise<void>;
+}
+export declare class PeerDiscovery {
+    private localDid;
+    private localUrl;
+    private localPublicKey;
+    private peerRegistry;
+    private db;
+    private mdnsSocket;
+    private discoveryTimer;
+    private announceTimer;
+    private dhtNodes;
+    private knownDids;
+    private running;
+    private dhtRoutingTable;
+    private dhtPort;
+    private dhtSocket;
+    constructor(localDid: string, localUrl: string, localPublicKey: string);
+    updateIdentity(did: string, url: string, publicKey: string): void;
+    init(peerRegistry: IPeerRegistry, db?: {
+        query: (q: string, p?: Record<string, unknown>) => Promise<unknown>;
+    }): Promise<void>;
+    private startMDNS;
+    private handleMDNSMessage;
+    private announceMDNS;
+    private startDHT;
+    private bootstrapDHT;
+    private handleDHTMessage;
+    private respondToFindNode;
+    private announceDHT;
+    private onDiscovery;
+    announce(): void;
+    scan(): Promise<void>;
+    getDiscovered(): DiscoveredNode[];
+    destroy(): void;
+}

package/dist/services/PeerDiscovery.js

@@ -0,0 +1,217 @@
+import dgram from "node:dgram";
+const MDNS_MULTICAST_ADDR = '224.0.0.251';
+const MDNS_PORT = 5353;
+const MDNS_SERVICE_NAME = '_lobster._tcp.local';
+const DHT_BOOTSTRAP_NODES = [
+    'router.bittorrent.com:6881',
+    'dht.transmissionbt.com:6881',
+    'router.utorrent.com:6881',
+];
+const DISCOVERY_INTERVAL = 60_000;
+const ANNOUNCE_INTERVAL = 30_000;
+export class PeerDiscovery {
+    localDid;
+    localUrl;
+    localPublicKey;
+    peerRegistry = null;
+    db = null;
+    mdnsSocket = null;
+    discoveryTimer = null;
+    announceTimer = null;
+    dhtNodes = new Map();
+    knownDids = new Set();
+    running = false;
+    dhtRoutingTable = new Map();
+    dhtPort;
+    dhtSocket = null;
+    constructor(localDid, localUrl, localPublicKey) {
+        this.localDid = localDid;
+        this.localUrl = localUrl;
+        this.localPublicKey = localPublicKey;
+        this.knownDids.add(localDid);
+        this.dhtPort = 6881 + Math.floor(Math.random() * 1000);
+    }
+    updateIdentity(did, url, publicKey) {
+        this.localDid = did;
+        this.localUrl = url;
+        this.localPublicKey = publicKey;
+        this.knownDids.add(did);
+    }
+    async init(peerRegistry, db) {
+        this.peerRegistry = peerRegistry;
+        this.db = db ?? null;
+        this.running = true;
+        this.startMDNS();
+        this.startDHT();
+        this.discoveryTimer = setInterval(() => { this.scan(); }, DISCOVERY_INTERVAL);
+        this.announceTimer = setInterval(() => { this.announce(); }, ANNOUNCE_INTERVAL);
+        setTimeout(() => this.announce(), 2000);
+    }
+    startMDNS() {
+        try {
+            this.mdnsSocket = dgram.createSocket({ type: 'udp4', reuseAddr: true });
+            this.mdnsSocket.on('message', (msg, rinfo) => { this.handleMDNSMessage(msg, rinfo); });
+            this.mdnsSocket.on('error', () => { });
+            this.mdnsSocket.bind(MDNS_PORT, () => {
+                try {
+                    this.mdnsSocket.addMembership(MDNS_MULTICAST_ADDR);
+                }
+                catch {
+                }
+            });
+        }
+        catch {
+        }
+    }
+    handleMDNSMessage(msg, _rinfo) {
+        try {
+            const payload = JSON.parse(msg.toString());
+            if (payload.service !== MDNS_SERVICE_NAME)
+                return;
+            if (payload.did === this.localDid)
+                return;
+            this.onDiscovery({ did: payload.did, url: payload.url, publicKey: payload.publicKey, source: 'MDNS', discoveredAt: new Date() });
+        }
+        catch { }
+    }
+    announceMDNS() {
+        if (!this.mdnsSocket)
+            return;
+        const announcement = JSON.stringify({
+            service: MDNS_SERVICE_NAME, did: this.localDid, url: this.localUrl,
+            publicKey: this.localPublicKey, timestamp: Date.now(),
+        });
+        try {
+            this.mdnsSocket.send(announcement, MDNS_PORT, MDNS_MULTICAST_ADDR, () => { });
+        }
+        catch { }
+    }
+    startDHT() {
+        try {
+            this.dhtSocket = dgram.createSocket('udp4');
+            this.dhtSocket.on('message', (msg, rinfo) => { this.handleDHTMessage(msg, rinfo); });
+            this.dhtSocket.on('error', () => { });
+            this.dhtSocket.bind(this.dhtPort, () => { this.bootstrapDHT(); });
+        }
+        catch { }
+    }
+    bootstrapDHT() {
+        if (this.db) {
+            this.db.query("SELECT did, url, public_key FROM peer_nodes WHERE status != 'OFFLINE' LIMIT 20")
+                .then((result) => {
+                const rows = result[0]?.result || result[0] || [];
+                for (const row of rows) {
+                    if (row.did !== this.localDid) {
+                        this.dhtNodes.set(row.did, { url: row.url, did: row.did, pubKey: row.public_key || '' });
+                    }
+                }
+            }).catch(() => { });
+        }
+    }
+    handleDHTMessage(msg, rinfo) {
+        try {
+            const payload = JSON.parse(msg.toString());
+            switch (payload.type) {
+                case 'ANNOUNCE':
+                    if (payload.did === this.localDid)
+                        return;
+                    this.dhtNodes.set(payload.did, { url: payload.url, did: payload.did, pubKey: payload.publicKey });
+                    this.dhtRoutingTable.set(payload.did, { host: rinfo.address, port: rinfo.port, lastSeen: new Date() });
+                    this.onDiscovery({ did: payload.did, url: payload.url, publicKey: payload.publicKey, source: 'DHT', discoveredAt: new Date() });
+                    break;
+                case 'FIND_NODE':
+                    this.respondToFindNode(payload, rinfo);
+                    break;
+                case 'NODES':
+                    if (Array.isArray(payload.nodes)) {
+                        for (const node of payload.nodes) {
+                            if (node.did !== this.localDid && !this.knownDids.has(node.did)) {
+                                this.onDiscovery({ did: node.did, url: node.url, publicKey: node.publicKey || '', source: 'DHT', discoveredAt: new Date() });
+                            }
+                        }
+                    }
+                    break;
+            }
+        }
+        catch { }
+    }
+    respondToFindNode(_request, rinfo) {
+        const knownNodes = Array.from(this.dhtNodes.values()).slice(0, 10)
+            .map(n => ({ did: n.did, url: n.url, publicKey: n.pubKey }));
+        const response = JSON.stringify({ type: 'NODES', from: this.localDid, nodes: knownNodes, timestamp: Date.now() });
+        this.dhtSocket?.send(response, rinfo.port, rinfo.address, () => { });
+    }
+    announceDHT() {
+        if (!this.dhtSocket)
+            return;
+        const announcement = JSON.stringify({ type: 'ANNOUNCE', did: this.localDid, url: this.localUrl, publicKey: this.localPublicKey, timestamp: Date.now() });
+        for (const [, entry] of this.dhtRoutingTable) {
+            try {
+                this.dhtSocket.send(announcement, entry.port, entry.host, () => { });
+            }
+            catch { }
+        }
+        for (const bootstrap of DHT_BOOTSTRAP_NODES) {
+            const [host, portStr] = bootstrap.split(':');
+            try {
+                this.dhtSocket.send(announcement, parseInt(portStr), host, () => { });
+            }
+            catch { }
+        }
+    }
+    async onDiscovery(node) {
+        if (this.knownDids.has(node.did))
+            return;
+        this.knownDids.add(node.did);
+        if (this.db) {
+            this.db.query(`INSERT INTO agent_logs {
+                    agent_id: $localDid, type: 'PEER_DISCOVERY', sub_type: $source,
+                    payload: { did: $did, url: $url }, timestamp: time::now()
+                }`, { localDid: this.localDid, source: node.source, did: node.did, url: node.url }).catch(() => { });
+        }
+        if (this.peerRegistry) {
+            const existing = this.peerRegistry.get(node.did);
+            if (!existing || existing.status === 'OFFLINE') {
+                await this.peerRegistry.connect(node.url, node.source === 'MDNS').catch(() => { });
+            }
+        }
+    }
+    announce() {
+        this.announceMDNS();
+        this.announceDHT();
+    }
+    async scan() {
+        if (!this.running)
+            return;
+        this.announceMDNS();
+        if (this.dhtSocket) {
+            const findRequest = JSON.stringify({ type: 'FIND_NODE', from: this.localDid, target: '*', timestamp: Date.now() });
+            for (const [, entry] of this.dhtRoutingTable) {
+                try {
+                    this.dhtSocket.send(findRequest, entry.port, entry.host, () => { });
+                }
+                catch { }
+            }
+        }
+    }
+    getDiscovered() {
+        return Array.from(this.dhtNodes.values()).map(n => ({
+            did: n.did, url: n.url, publicKey: n.pubKey, source: 'DHT', discoveredAt: new Date(),
+        }));
+    }
+    destroy() {
+        this.running = false;
+        if (this.discoveryTimer)
+            clearInterval(this.discoveryTimer);
+        if (this.announceTimer)
+            clearInterval(this.announceTimer);
+        try {
+            this.mdnsSocket?.close();
+        }
+        catch { }
+        try {
+            this.dhtSocket?.close();
+        }
+        catch { }
+    }
+}

package/dist/services/PeerRegistry.d.ts

@@ -0,0 +1,102 @@
+export interface PeerNode {
+    did: string;
+    url: string;
+    publicKey: string;
+    status: 'ONLINE' | 'OFFLINE' | 'CONNECTING';
+    rtt: number;
+    syncCursor: string;
+    lastHeartbeat: Date;
+    retryCount: number;
+    location?: {
+        lat: number;
+        lon: number;
+    };
+    trustScore: number;
+    machineFingerprint?: string;
+    isLocal?: boolean;
+    isLAN?: boolean;
+    jwt?: string;
+    liveQueryId?: string;
+}
+export interface OutboxMessage {
+    id: string;
+    target_did: string;
+    signal_type: string;
+    payload: Record<string, any>;
+    created_at: Date;
+    expire_at: Date;
+    attempts: number;
+    last_error?: string;
+}
+export interface HandshakePayload {
+    did: string;
+    publicKey: string;
+    url: string;
+    machineFingerprint?: string;
+    nodeInfo: {
+        version: string;
+        location?: {
+            lat: number;
+            lon: number;
+        };
+        capabilities: string[];
+    };
+    signature: string;
+    timestamp: number;
+}
+export interface HandshakeResponse {
+    accepted: boolean;
+    did: string;
+    publicKey: string;
+    url: string;
+    machineFingerprint?: string;
+    jwt: string;
+    changefeedCursor: string;
+    location?: {
+        lat: number;
+        lon: number;
+    };
+}
+export declare class PeerRegistry {
+    private peers;
+    private heartbeatTimers;
+    private reconnectTimers;
+    private db;
+    private signalManager;
+    private localDid;
+    private localUrl;
+    private localPublicKey;
+    private localMachineFingerprint;
+    private privateKey;
+    constructor(localDid: string, localUrl: string, localPublicKey: string);
+    init(db: any, signalManager: any): Promise<void>;
+    setPrivateKey(key: string): void;
+    setMachineFingerprint(fingerprint: string): void;
+    updateIdentity(did: string, url: string, publicKey: string): void;
+    private bootstrapSchema;
+    private restoreFromDB;
+    private validateUrl;
+    connect(remoteUrl: string, isLAN?: boolean): Promise<boolean>;
+    acceptHandshake(payload: HandshakePayload): Promise<HandshakeResponse | null>;
+    register(peer: PeerNode): Promise<void>;
+    remove(did: string): Promise<void>;
+    list(): PeerNode[];
+    listOnline(): PeerNode[];
+    get(did: string): PeerNode | undefined;
+    listByDistance(lat: number, lon: number, maxKm?: number): PeerNode[];
+    private haversine;
+    private startHeartbeat;
+    private stopHeartbeat;
+    private sendHeartbeat;
+    private handleHeartbeatFailure;
+    private markOffline;
+    private startReconnect;
+    private stopReconnect;
+    enqueueOutbox(targetDid: string, signalType: string, payload: Record<string, any>): Promise<void>;
+    flushOutbox(targetDid: string): Promise<void>;
+    syncChangeFeed(targetDid: string): Promise<void>;
+    queryTrustChain(targetDid: string, maxDepth?: number): Promise<any[]>;
+    private signPayload;
+    private signJWT;
+    destroy(): void;
+}