npm - solana-messenger-sdk - Versions diffs - 1.5.3 → 1.5.4 - Mend

solana-messenger-sdk 1.5.3 → 1.5.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/README.md +64 -0
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -89,6 +89,70 @@ const conn = new Connection(rpcUrl);
 const sig = await conn.sendRawTransaction(signedTxBytes);
 ```
+### Deployment Patterns
+#### 1. Client-Side (True E2E Encryption)
+Users hold their own encryption key B on-device. Server never sees plaintext. Maximum privacy.
+```
+User Device                          Solana
+├── Wallet key A (or Privy signer)   ├── EncryptionRegistry (pubkey B)
+├── Encryption key B (local)         ├── Messages (encrypted)
+├── SDK: encrypt → sign → send       └── Channels, Servers...
+└── SDK: read → decrypt → display
+```
+#### 2. Server-Managed (Slack/Discord Model)
+Server holds both keys per user. Handles all encryption/decryption, pushes plaintext to clients. Users trust the platform.
+```
+Server (Vercel, etc.)                Solana
+├── Per-user wallet key A (Privy)    ├── EncryptionRegistry (pubkey B)
+├── Per-user encryption key B (DB)   ├── Messages (encrypted)
+├── SDK: encrypt → sign → send       └── Channels, Servers...
+└── SDK: read → decrypt → push to client via WS/API
+```
+```typescript
+// First-time user setup
+const kp = SolanaMessenger.generateEncryptionKeypair();
+await db.users.update(userId, {
+  encryptionSecret: Buffer.from(kp.secretKey).toString("base64"),
+});
+// Per-request: create messenger for this user
+const messenger = new SolanaMessenger({
+  apiKey: process.env.HELIUS_API_KEY!,
+  walletAddress: user.walletAddress,
+  signer: async (tx) => await privy.signTransaction(user.id, tx),
+  encryptionKeypair: Buffer.from(user.encryptionSecret, "base64"),
+});
+await messenger.init();
+// Send on behalf of user
+await messenger.send(recipient, "hello from server");
+// Read, decrypt, push to client
+const messages = await messenger.read({ since: lastSeen });
+ws.send(JSON.stringify(messages)); // plaintext to client
+```
+> ⚠️ **Trust tradeoff:** In this model, the server can read all messages. E2E encryption protects data on-chain and in transit, but not from the platform operator. This is the same model as Slack, Discord, and most chat platforms.
+#### 3. Relayer Only (Gasless Transactions)
+Server just pays gas. Users handle their own encryption client-side. Server never sees keys or plaintext.
+```typescript
+// Relayer endpoint — no SDK, no keys
+app.post("/relay", async (req, res) => {
+  const sig = await conn.sendRawTransaction(req.body.signedTx);
+  res.json({ signature: sig });
+});
+```
 ## API
 ### Direct Messages

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "solana-messenger-sdk",
-  "version": "1.5.3",
+  "version": "1.5.4",
   "description": "TypeScript SDK for Solana Messenger — encrypted agent-to-agent messaging",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",