pal-explorer-cli 0.4.0

package/lib/core/bitfieldStore.js

@@ -0,0 +1,53 @@
+import { readFileSync, writeFileSync, mkdirSync, existsSync, unlinkSync, readdirSync } from 'fs';
+import { join } from 'path';
+import { homedir } from 'os';
+
+const STORE_DIR = join(homedir(), '.palexplorer', 'bitfields');
+
+function ensureDir() {
+  if (!existsSync(STORE_DIR)) mkdirSync(STORE_DIR, { recursive: true });
+}
+
+function keyFor(infoHash) {
+  return join(STORE_DIR, `${infoHash}.bf`);
+}
+
+export function saveBitfield(infoHash, bitfield) {
+  ensureDir();
+  const data = Buffer.isBuffer(bitfield) ? bitfield : Buffer.from(bitfield);
+  const header = Buffer.alloc(8);
+  header.writeUInt32LE(1, 0); // version
+  header.writeUInt32LE(data.length, 4);
+  writeFileSync(keyFor(infoHash), Buffer.concat([header, data]));
+}
+
+export function loadBitfield(infoHash) {
+  const path = keyFor(infoHash);
+  if (!existsSync(path)) return null;
+  try {
+    const raw = readFileSync(path);
+    if (raw.length < 8) return null;
+    const version = raw.readUInt32LE(0);
+    const len = raw.readUInt32LE(4);
+    if (version !== 1 || raw.length < 8 + len) return null;
+    return raw.subarray(8, 8 + len);
+  } catch {
+    return null;
+  }
+}
+
+export function removeBitfield(infoHash) {
+  const path = keyFor(infoHash);
+  if (existsSync(path)) {
+    try { unlinkSync(path); } catch {}
+  }
+}
+
+export function clearAllBitfields() {
+  ensureDir();
+  for (const file of readdirSync(STORE_DIR)) {
+    if (file.endsWith('.bf')) {
+      try { unlinkSync(join(STORE_DIR, file)); } catch {}
+    }
+  }
+}

package/lib/core/connectionManager.js

@@ -0,0 +1,182 @@
+import config from '../utils/config.js';
+import { getServers, getHealthyPrimary, checkServer, replayOfflineQueue } from './discoveryClient.js';
+import { refreshServerList, healthCheckServers, setHealthSortedServers } from './serverList.js';
+import { PROTOCOL_NAME, PROTOCOL_VERSION } from '../protocol/index.js';
+
+let connectionState = {
+  status: 'disconnected', // 'connecting' | 'connected' | 'disconnected'
+  servers: [],
+  connectedCount: 0,
+  heartbeatTimer: null,
+  healthTimer: null,
+  consecutiveFailures: 0,
+};
+
+const primaryChangedListeners = [];
+
+export function onPrimaryChanged(callback) {
+  primaryChangedListeners.push(callback);
+  return () => { const i = primaryChangedListeners.indexOf(callback); if (i !== -1) primaryChangedListeners.splice(i, 1); };
+}
+
+function emitPrimaryChanged(oldServer, newServer) {
+  for (const cb of primaryChangedListeners) {
+    try { cb({ oldServer, newServer }); } catch {}
+  }
+}
+
+async function updateHealthSorted() {
+  const servers = getServers();
+  const checks = await healthCheckServers(servers);
+  const reachable = checks.filter(c => c.reachable);
+  reachable.sort((a, b) => a.latencyMs - b.latencyMs);
+  const sorted = reachable.map(c => c.url);
+  setHealthSortedServers(sorted);
+  connectionState.servers = checks;
+  connectionState.connectedCount = reachable.length;
+  return { checks, sorted };
+}
+
+export function getConnectionState() {
+  return {
+    status: connectionState.status,
+    servers: connectionState.servers,
+    connectedCount: connectionState.connectedCount,
+    protocol: connectionState.protocol || null,
+    protocolVersion: connectionState.protocolVersion || null,
+  };
+}
+
+export async function connect({ onProgress } = {}) {
+  if (connectionState.status === 'connected') return getConnectionState();
+  connectionState.status = 'connecting';
+
+  // Step 1: Fetch server list
+  onProgress?.('Fetching server list...', 10);
+  try {
+    await refreshServerList((step) => onProgress?.(step, 15));
+  } catch {}
+
+  // Step 2: Health check servers and sort by latency
+  onProgress?.('Checking server health...', 20);
+  const { checks, sorted } = await updateHealthSorted();
+  const reachable = checks.filter(c => c.reachable);
+
+  if (reachable.length === 0) {
+    onProgress?.('No servers reachable', 25);
+  } else {
+    onProgress?.(`Connected to ${reachable.length} server(s)`, 30);
+  }
+
+  // Step 3: Start heartbeat
+  onProgress?.('Starting heartbeat...', 40);
+  const identity = config.get('identity');
+  const device = config.get('device');
+  if (identity?.handle && device?.id) {
+    startHeartbeat(identity.handle, device.id);
+  }
+
+  // Step 4: Start DHT
+  onProgress?.('Announcing presence...', 55);
+  try {
+    if (identity?.handle && identity?.publicKey) {
+      const { DHTDiscovery } = await import('./dhtDiscovery.js');
+      const dht = new DHTDiscovery();
+      await dht.publish(identity.handle, identity.publicKey, identity.privateKey || '');
+      dht.destroy();
+    }
+  } catch {}
+
+  // Step 5: Replay offline queue
+  onProgress?.('Replaying offline queue...', 65);
+  try {
+    await replayOfflineQueue();
+  } catch {}
+
+  // Step 6: Start periodic health monitoring (every 5 minutes)
+  startHealthMonitor();
+
+  connectionState.status = 'connected';
+  connectionState.protocol = PROTOCOL_NAME;
+  connectionState.protocolVersion = PROTOCOL_VERSION;
+  onProgress?.('Connected', 70);
+  return getConnectionState();
+}
+
+export async function disconnect() {
+  if (connectionState.heartbeatTimer) {
+    clearInterval(connectionState.heartbeatTimer);
+    connectionState.heartbeatTimer = null;
+  }
+  if (connectionState.healthTimer) {
+    clearInterval(connectionState.healthTimer);
+    connectionState.healthTimer = null;
+  }
+
+  // Unannounce from discovery
+  const identity = config.get('identity');
+  if (identity?.handle) {
+    const server = getHealthyPrimary();
+    try {
+      await fetch(`${server}/api/v1/unannounce`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ handle: identity.handle }),
+        signal: AbortSignal.timeout(3000),
+      });
+    } catch {}
+  }
+
+  connectionState.status = 'disconnected';
+  connectionState.servers = [];
+  connectionState.connectedCount = 0;
+  connectionState.consecutiveFailures = 0;
+  setHealthSortedServers(null);
+  return getConnectionState();
+}
+
+function startHeartbeat(handle, deviceId) {
+  if (connectionState.heartbeatTimer) clearInterval(connectionState.heartbeatTimer);
+  const beat = async () => {
+    const server = getHealthyPrimary();
+    try {
+      const res = await fetch(`${server}/api/v1/heartbeat`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ handle, deviceId }),
+        signal: AbortSignal.timeout(5000),
+      });
+      if (res.ok) {
+        connectionState.consecutiveFailures = 0;
+      } else {
+        connectionState.consecutiveFailures++;
+      }
+    } catch {
+      connectionState.consecutiveFailures++;
+    }
+    // After 3 consecutive failures, re-check health and failover
+    if (connectionState.consecutiveFailures >= 3) {
+      const oldPrimary = server;
+      await updateHealthSorted();
+      const newPrimary = getHealthyPrimary();
+      connectionState.consecutiveFailures = 0;
+      if (newPrimary !== oldPrimary) {
+        emitPrimaryChanged(oldPrimary, newPrimary);
+      }
+    }
+  };
+  beat();
+  connectionState.heartbeatTimer = setInterval(beat, 60000);
+}
+
+function startHealthMonitor() {
+  if (connectionState.healthTimer) clearInterval(connectionState.healthTimer);
+  connectionState.healthTimer = setInterval(async () => {
+    const oldPrimary = getHealthyPrimary();
+    await updateHealthSorted();
+    const newPrimary = getHealthyPrimary();
+    if (newPrimary !== oldPrimary) {
+      emitPrimaryChanged(oldPrimary, newPrimary);
+    }
+  }, 5 * 60 * 1000);
+}

package/lib/core/dhtDiscovery.js

@@ -0,0 +1,148 @@
+import DHT from 'bittorrent-dht';
+import crypto from 'crypto';
+import sodium from 'sodium-native';
+import config from '../utils/config.js';
+import { fetchTurnCredentials } from './discoveryClient.js';
+
+const DEFAULT_BOOTSTRAP = [
+  'router.bittorrent.com:6881',
+  'dht.transmissionbt.com:6881',
+  'router.utorrent.com:6881',
+];
+
+function getRelayConfig() {
+  const settings = config.get('settings') || {};
+  return {
+    bootstrap: (settings.bootstrapNodes && settings.bootstrapNodes.length > 0)
+      ? settings.bootstrapNodes
+      : (settings.dht_bootstrap || DEFAULT_BOOTSTRAP),
+    stunServers: settings.stunServers || settings.stun_servers || ['stun:stun.l.google.com:19302'],
+    turnServers: settings.turn_servers || [],
+  };
+}
+
+// BEP 44 mutable puts use Ed25519 signatures at the DHT protocol level.
+// The DHT key is SHA-1(publicKey + salt), but the DATA is signed —
+// an attacker cannot replace values without the owner's private key.
+
+function sodiumVerify(signature, value, publicKey) {
+  try {
+    if (publicKey.length !== sodium.crypto_sign_PUBLICKEYBYTES) return false;
+    if (signature.length !== sodium.crypto_sign_BYTES) return false;
+    return sodium.crypto_sign_verify_detached(signature, value, publicKey);
+  } catch {
+    return false;
+  }
+}
+
+// Convert sodium Ed25519 secret key (64 bytes) to the 32-byte seed that
+// bittorrent-dht's ed25519-supercop sign() expects, plus extract the 32-byte pk.
+function extractKeyPair(secretKeyHex) {
+  const sk = Buffer.from(secretKeyHex, 'hex');
+  if (sk.length !== sodium.crypto_sign_SECRETKEYBYTES) {
+    throw new Error(`Invalid secret key length: expected ${sodium.crypto_sign_SECRETKEYBYTES}, got ${sk.length}`);
+  }
+  // sodium Ed25519 sk = seed(32) || pk(32)
+  const pk = sk.subarray(32, 64);
+  return { pk, sk };
+}
+
+export class DHTDiscovery {
+  constructor(opts = {}) {
+    const relay = getRelayConfig();
+    const dhtOpts = { verify: sodiumVerify, ...opts };
+    if (!dhtOpts.bootstrap && relay.bootstrap.length) {
+      dhtOpts.bootstrap = relay.bootstrap;
+    }
+    this.relayConfig = relay;
+    this.dht = new DHT(dhtOpts);
+    this.ready = new Promise((resolve, reject) => {
+      this.dht.once('ready', () => {
+        this.dht.on('error', (err) => {
+          console.error('DHT error:', err.message);
+        });
+        resolve();
+      });
+      this.dht.once('error', reject);
+    });
+  }
+
+  async publish(handle, publicKey, privateKey) {
+    await this.ready;
+    const { pk, sk } = extractKeyPair(privateKey);
+    const value = Buffer.from(JSON.stringify({ handle, publicKey, timestamp: Date.now() }));
+
+    if (value.length > 1000) {
+      throw new Error('DHT payload too large (max 1000 bytes for BEP 44)');
+    }
+
+    const salt = Buffer.from(`pal:${handle}`);
+
+    return new Promise((resolve, reject) => {
+      this.dht.put({
+        k: pk,
+        v: value,
+        seq: Math.floor(Date.now() / 1000),
+        salt,
+        sign: (buf) => {
+          const sig = Buffer.alloc(sodium.crypto_sign_BYTES);
+          sodium.crypto_sign_detached(sig, buf, sk);
+          return sig;
+        },
+      }, (err, hash) => {
+        if (err) return reject(err);
+        resolve(hash.toString('hex'));
+      });
+    });
+  }
+
+  async resolve(handle, knownPublicKeyHex) {
+    await this.ready;
+
+    // For mutable lookups, we need the target hash = SHA-1(pk + salt)
+    // If we know the public key, we can compute the target directly
+    if (!knownPublicKeyHex) return null;
+
+    const pk = Buffer.from(knownPublicKeyHex, 'hex');
+    if (pk.length !== sodium.crypto_sign_PUBLICKEYBYTES) return null;
+
+    const salt = Buffer.from(`pal:${handle}`);
+    const target = crypto.createHash('sha1').update(Buffer.concat([pk, salt])).digest();
+
+    return new Promise((resolve) => {
+      this.dht.get(target, (err, result) => {
+        if (err || !result || !result.v) return resolve(null);
+        try {
+          const data = JSON.parse(result.v.toString());
+          if (data.handle !== handle) return resolve(null);
+          // Signature already verified by DHT layer (verify callback)
+          resolve(data);
+        } catch { resolve(null); }
+      });
+    });
+  }
+
+  getRelayServers() {
+    return {
+      stunServers: this.relayConfig.stunServers,
+      turnServers: this.relayConfig.turnServers,
+    };
+  }
+
+  async getRelayServersWithTurn() {
+    const base = this.getRelayServers();
+    const creds = await fetchTurnCredentials();
+    if (creds) {
+      base.turnServers = creds.urls.map(url => ({
+        urls: url,
+        username: creds.username,
+        credential: creds.credential,
+      }));
+    }
+    return base;
+  }
+
+  destroy() {
+    this.dht.destroy();
+  }
+}