sealcode 0.3.0 → 1.1.1

package/src/watermark.js

@@ -0,0 +1,212 @@
+'use strict';
+
+/**
+ * Watermarking: inject a per-filetype, traceable comment block at the top
+ * of every unlocked source file. When a watermarked file leaks (pasted
+ * into a Slack DM, posted to pastebin, indexed by an AI scraper), the
+ * comment travels with it — making the leak attributable to a specific
+ * grant + recipient + day.
+ *
+ * Design:
+ *   - The watermark is rendered from a template the OWNER picks at
+ *     `sealcode share` time. Placeholders: {email} {grantId}
+ *     {projectName} {date} {fingerprint}.
+ *   - We bracket the rendered watermark with sentinel lines so re-lock
+ *     can strip it back out idempotently:
+ *         <COMMENT> ==== sealcode watermark — do not remove ====
+ *         <COMMENT> Licensed to bob@x.com · grant gnt_abc · 2026-05-20
+ *         <COMMENT> ==== /sealcode watermark ====
+ *   - On re-lock we re-strip — so the contractor never sees stacked
+ *     watermarks even if they unlock/lock repeatedly.
+ *   - Files whose syntax we don't recognize are left untouched. Better
+ *     to ship a clean file than to break someone's binary asset.
+ *
+ * The watermark adds 3 lines per file. For source code that's nothing;
+ * for assets/binaries we skip entirely.
+ */
+
+const path = require('path');
+
+const SENTINEL_OPEN = '==== sealcode watermark — do not remove ====';
+const SENTINEL_CLOSE = '==== /sealcode watermark ====';
+
+/**
+ * Comment-syntax registry, keyed by lowercased extension WITHOUT the dot.
+ * Each entry is one of:
+ *   { line: '//' }                          → line-comment language
+ *   { open: '<!--', close: '-->' }          → block-only language
+ *   { line: '#' }                           → shell / python / yaml / etc.
+ *   { line: '--' }                          → sql / haskell
+ *   { line: ';' }                           → ini / lisp / asm
+ *
+ * Unknown extensions are skipped (watermark not applied).
+ */
+const SYNTAX = {
+  // Curly-brace family
+  js: { line: '//' }, mjs: { line: '//' }, cjs: { line: '//' },
+  jsx: { line: '//' }, ts: { line: '//' }, tsx: { line: '//' },
+  go: { line: '//' }, rs: { line: '//' },
+  c: { line: '//' }, h: { line: '//' }, cc: { line: '//' },
+  cpp: { line: '//' }, hpp: { line: '//' },
+  cs: { line: '//' }, java: { line: '//' }, kt: { line: '//' },
+  swift: { line: '//' }, scala: { line: '//' }, dart: { line: '//' },
+  groovy: { line: '//' }, gradle: { line: '//' },
+  php: { line: '//' },
+
+  // Hash-comment family
+  py: { line: '#' }, rb: { line: '#' }, pl: { line: '#' }, pm: { line: '#' },
+  sh: { line: '#' }, bash: { line: '#' }, zsh: { line: '#' }, fish: { line: '#' },
+  yaml: { line: '#' }, yml: { line: '#' }, toml: { line: '#' },
+  conf: { line: '#' }, env: { line: '#' }, dockerfile: { line: '#' },
+  makefile: { line: '#' }, mk: { line: '#' },
+  r: { line: '#' }, ex: { line: '#' }, exs: { line: '#' },
+  nim: { line: '#' },
+
+  // Double-dash
+  sql: { line: '--' }, hs: { line: '--' }, lua: { line: '--' },
+
+  // Semicolon
+  ini: { line: ';' }, lisp: { line: ';' }, asm: { line: ';' },
+
+  // Block-only
+  html: { open: '<!--', close: '-->' },
+  htm: { open: '<!--', close: '-->' },
+  xml: { open: '<!--', close: '-->' },
+  svg: { open: '<!--', close: '-->' },
+  vue: { open: '<!--', close: '-->' },
+  css: { open: '/*', close: '*/' },
+  scss: { open: '/*', close: '*/' },
+  sass: { open: '/*', close: '*/' },
+  less: { open: '/*', close: '*/' },
+};
+
+function syntaxFor(filePath) {
+  const base = path.basename(filePath).toLowerCase();
+  // Dotfile? .env → "env"; .bashrc → "bash"
+  if (base.startsWith('.')) {
+    const noDot = base.slice(1).split('.')[0];
+    if (SYNTAX[noDot]) return SYNTAX[noDot];
+  }
+  // Magic basename (no extension): Dockerfile, Makefile
+  if (SYNTAX[base]) return SYNTAX[base];
+  const ext = path.extname(base).slice(1);
+  return SYNTAX[ext] || null;
+}
+
+/**
+ * Render the placeholder string against the per-recipient context.
+ * Unknown placeholders are left as literal text — the owner can use them
+ * for non-watermark content if they want.
+ */
+function renderTemplate(template, ctx) {
+  if (!template) return '';
+  return String(template).replace(/\{(\w+)\}/g, (match, key) =>
+    Object.prototype.hasOwnProperty.call(ctx, key) ? String(ctx[key] ?? '') : match,
+  );
+}
+
+/**
+ * Build the watermark text block for a given syntax. Returns the bytes
+ * to PREPEND to a source file's plaintext. Returns null if the syntax
+ * is unknown (caller should skip the file).
+ *
+ * Idempotency invariant: stripWatermark(applyWatermark(x, ...)) === x
+ * for any x that doesn't already contain our sentinels.
+ */
+function buildWatermarkBlock(template, ctx, syntax) {
+  const rendered = renderTemplate(template, ctx);
+  if (!syntax) return null;
+  const lines = [];
+  const body = [SENTINEL_OPEN, ...rendered.split(/\r?\n/), SENTINEL_CLOSE];
+  if (syntax.line) {
+    for (const l of body) lines.push(`${syntax.line} ${l}`);
+  } else {
+    lines.push(syntax.open);
+    for (const l of body) lines.push(`  ${l}`);
+    lines.push(syntax.close);
+  }
+  return lines.join('\n') + '\n';
+}
+
+/**
+ * Apply the watermark to plaintext. Strips any pre-existing watermark
+ * block first to keep us idempotent across repeat unlock/lock cycles.
+ *
+ * @param {Buffer|string} plaintext  file contents
+ * @param {string}        filePath   relative path (drives syntax detection)
+ * @param {string}        template   watermark template (with {placeholders})
+ * @param {object}        ctx        substitutions
+ * @returns {Buffer} plaintext with watermark prepended, OR the original
+ *                   plaintext unchanged if we can't watermark (binary
+ *                   file / unknown syntax).
+ */
+function applyWatermark(plaintext, filePath, template, ctx) {
+  const syntax = syntaxFor(filePath);
+  if (!syntax) return Buffer.isBuffer(plaintext) ? plaintext : Buffer.from(plaintext);
+  // Heuristic binary detection: any NUL byte in the first 8KB → skip.
+  // Avoids corrupting PNGs, .wasm, etc. if they slip past extension check.
+  const buf = Buffer.isBuffer(plaintext) ? plaintext : Buffer.from(plaintext);
+  const sniff = buf.subarray(0, Math.min(8192, buf.length));
+  if (sniff.includes(0)) return buf;
+
+  const stripped = stripWatermark(buf, filePath);
+  const block = buildWatermarkBlock(template, ctx, syntax);
+  if (!block) return stripped;
+  return Buffer.concat([Buffer.from(block, 'utf8'), stripped]);
+}
+
+/**
+ * Remove any sealcode watermark block we previously injected. Safe to
+ * call on un-watermarked files — they pass through unchanged. Called
+ * by the lock pipeline so the encrypted blob never persists a watermark
+ * (which would double up on next unlock).
+ *
+ * NB: we work with BYTE offsets on the Buffer (not string offsets)
+ * because the sentinel contains a UTF-8 em-dash (`—`, 3 bytes) — using
+ * String#indexOf would return a char offset that doesn't line up with
+ * Buffer slicing on multi-byte text.
+ */
+function stripWatermark(plaintext, filePath) {
+  const syntax = syntaxFor(filePath);
+  const buf = Buffer.isBuffer(plaintext) ? plaintext : Buffer.from(plaintext);
+  if (!syntax) return buf;
+  // Watermark is always at the very top — bound the search to ~4 KB.
+  const search = buf.subarray(0, Math.min(4096, buf.length));
+  const openBuf = Buffer.from(SENTINEL_OPEN, 'utf8');
+  const closeBuf = Buffer.from(SENTINEL_CLOSE, 'utf8');
+  const openIdx = search.indexOf(openBuf);
+  if (openIdx === -1) return buf;
+  const closeIdx = search.indexOf(closeBuf, openIdx + openBuf.length);
+  if (closeIdx === -1) return buf;
+  // End of the line containing the close sentinel.
+  let lineEnd = search.indexOf(0x0a, closeIdx); // '\n'
+  if (lineEnd === -1) lineEnd = search.length - 1;
+  let after = lineEnd + 1;
+  // For block-comment syntaxes, also swallow the closing marker on the
+  // following line (e.g. `*/` for css, `-->` for html).
+  if (syntax.close && !syntax.line) {
+    const closeMarker = Buffer.from(syntax.close, 'utf8');
+    // Trim leading whitespace bytes for matching
+    let scan = after;
+    while (scan < buf.length && (buf[scan] === 0x20 || buf[scan] === 0x09)) scan += 1;
+    if (
+      scan < buf.length &&
+      buf.subarray(scan, scan + closeMarker.length).equals(closeMarker)
+    ) {
+      let nlAfter = buf.indexOf(0x0a, scan + closeMarker.length);
+      if (nlAfter === -1) nlAfter = buf.length - 1;
+      after = nlAfter + 1;
+    }
+  }
+  return buf.subarray(after);
+}
+
+module.exports = {
+  SENTINEL_OPEN,
+  SENTINEL_CLOSE,
+  syntaxFor,
+  renderTemplate,
+  buildWatermarkBlock,
+  applyWatermark,
+  stripWatermark,
+};