soulprint-network 0.4.3 → 0.4.4

package/dist/code-hash.json

@@ -1,8 +1,8 @@
 {
-  "codeHash": "7f708d77d85f66abb7951d5e2761d23b3f07a64c5e71fdb4db02d6bdb958bbd9",
-  "codeHashHex": "0x7f708d77d85f66abb7951d5e2761d23b3f07a64c5e71fdb4db02d6bdb958bbd9",
-  "computedAt": "2026-03-01T01:59:34.396Z",
-  "fileCount": 21,
+  "codeHash": "39a29e119e7cb485d5b7dc5bdbe1533318617ec05a4fc4da321c94253da9d7f9",
+  "codeHashHex": "0x39a29e119e7cb485d5b7dc5bdbe1533318617ec05a4fc4da321c94253da9d7f9",
+  "computedAt": "2026-03-01T02:07:26.276Z",
+  "fileCount": 22,
   "files": [
     "blockchain/PeerRegistryClient.ts",
     "blockchain/blockchain-anchor.ts",
@@ -24,6 +24,7 @@
     "p2p.ts",
     "peer-challenge.ts",
     "server.ts",
+    "state/StateStore.ts",
     "validator.ts"
   ]
 }

package/dist/server.js

@@ -6,7 +6,8 @@
  *  1. HTTP server (port 4888)    — clientes y legado
  *  2. libp2p P2P node (port 6888) — Kademlia DHT + GossipSub + mDNS
  */
-import { startValidatorNode, setP2PNode, setPeerRegistryClient } from "./validator.js";
+import { startValidatorNode, setP2PNode, setPeerRegistryClient, getNodeState, setLastSyncTs } from "./validator.js";
+import { computeHash, saveState } from "./state/StateStore.js";
 import { createSoulprintP2PNode, MAINNET_BOOTSTRAP, stopP2PNode } from "./p2p.js";
 import { PeerRegistryClient } from "./blockchain/PeerRegistryClient.js";
 // ─── Config ──────────────────────────────────────────────────────────────────
@@ -148,6 +149,58 @@ if (httpBootstraps.length > 0) {
         }
     }, 2_000);
 }
+// ─── Anti-entropy sync loop (v0.4.4) ─────────────────────────────────────────
+// Every 60 seconds: compare state hash with each known peer.
+// If diverged, fetch full state and merge locally.
+setInterval(async () => {
+    const { nullifiers, repStore, peers: knownPeers } = getNodeState();
+    if (knownPeers.length === 0)
+        return;
+    const localHash = computeHash(Object.keys(nullifiers));
+    for (const peerUrl of knownPeers) {
+        try {
+            const hashRes = await fetch(`${peerUrl}/state/hash`, { signal: AbortSignal.timeout(5_000) });
+            if (!hashRes.ok)
+                continue;
+            const hashData = await hashRes.json();
+            const peerHash = hashData.hash;
+            if (peerHash === localHash) {
+                console.log(`[sync] peer ${peerUrl}: hash match ✅`);
+                continue;
+            }
+            // Hashes differ — fetch full state and merge
+            const exportRes = await fetch(`${peerUrl}/state/export`, { signal: AbortSignal.timeout(10_000) });
+            if (!exportRes.ok) {
+                console.warn(`[sync] peer ${peerUrl}: export failed (${exportRes.status})`);
+                continue;
+            }
+            const peerState = await exportRes.json();
+            const mergeRes = await fetch(`http://localhost:${HTTP_PORT}/state/merge`, {
+                method: "POST",
+                headers: { "Content-Type": "application/json" },
+                body: JSON.stringify(peerState),
+                signal: AbortSignal.timeout(5_000),
+            });
+            const merged = await mergeRes.json();
+            console.log(`[sync] peer ${peerUrl}: diverged → merged ${merged.new_nullifiers ?? 0} nullifiers, ${merged.new_attestations ?? 0} attestations`);
+            // Persist updated state
+            const { nullifiers: n2, repStore: r2, peers: p2 } = getNodeState();
+            const ts = Date.now();
+            saveState({
+                nullifiers: Object.keys(n2),
+                reputation: Object.fromEntries(Object.entries(r2).map(([d, e]) => [d, e.score])),
+                attestations: Object.values(r2).flatMap((e) => e.attestations ?? []),
+                peers: p2,
+                lastSync: ts,
+                stateHash: computeHash(Object.keys(n2)),
+            }, 0);
+            setLastSyncTs(ts);
+        }
+        catch (e) {
+            console.warn(`[sync] peer ${peerUrl}: error — ${e.message}`);
+        }
+    }
+}, 60_000);
 // ─── Graceful shutdown ────────────────────────────────────────────────────────
 async function shutdown(signal) {
     console.log(`\n${signal} recibido — cerrando...`);

package/dist/state/StateStore.d.ts

@@ -0,0 +1,22 @@
+export interface StoredAttestation {
+    issuer_did: string;
+    target_did: string;
+    value: number;
+    context: string;
+    timestamp: number;
+    sig: string;
+}
+export interface NodeState {
+    nullifiers: string[];
+    reputation: Record<string, number>;
+    attestations: StoredAttestation[];
+    peers: string[];
+    lastSync: number;
+    stateHash: string;
+}
+/** sha256(JSON.stringify(nullifiers.sort())) */
+export declare function computeHash(nullifiers: string[]): string;
+/** Load state from disk. Returns default if file missing or corrupt. */
+export declare function loadState(): NodeState;
+/** Write state to disk — debounced 2 s by default. */
+export declare function saveState(state: NodeState, debounceMs?: number): void;

package/dist/state/StateStore.js

@@ -0,0 +1,61 @@
+/**
+ * StateStore — persistent state for P2P sync
+ * Saves/loads full node state to disk with debounced writes.
+ */
+import { createHash } from "node:crypto";
+import { readFileSync, writeFileSync, existsSync, mkdirSync } from "node:fs";
+import { dirname, join } from "node:path";
+import { homedir } from "node:os";
+const STATE_PATH = process.env.SOULPRINT_STATE_PATH
+    ?? join(homedir(), ".soulprint", "node", "state.json");
+const DEFAULT_STATE = {
+    nullifiers: [],
+    reputation: {},
+    attestations: [],
+    peers: [],
+    lastSync: 0,
+    stateHash: "",
+};
+let saveTimer = null;
+/** sha256(JSON.stringify(nullifiers.sort())) */
+export function computeHash(nullifiers) {
+    const sorted = [...nullifiers].sort();
+    return createHash("sha256").update(JSON.stringify(sorted)).digest("hex");
+}
+/** Load state from disk. Returns default if file missing or corrupt. */
+export function loadState() {
+    if (!existsSync(STATE_PATH)) {
+        return { ...DEFAULT_STATE, stateHash: computeHash([]) };
+    }
+    try {
+        const raw = JSON.parse(readFileSync(STATE_PATH, "utf8"));
+        const nullifiers = raw.nullifiers ?? [];
+        return {
+            nullifiers,
+            reputation: raw.reputation ?? {},
+            attestations: raw.attestations ?? [],
+            peers: raw.peers ?? [],
+            lastSync: raw.lastSync ?? 0,
+            stateHash: raw.stateHash ?? computeHash(nullifiers),
+        };
+    }
+    catch {
+        return { ...DEFAULT_STATE, stateHash: computeHash([]) };
+    }
+}
+/** Write state to disk — debounced 2 s by default. */
+export function saveState(state, debounceMs = 2000) {
+    if (saveTimer)
+        clearTimeout(saveTimer);
+    saveTimer = setTimeout(() => {
+        try {
+            const dir = dirname(STATE_PATH);
+            if (!existsSync(dir))
+                mkdirSync(dir, { recursive: true, mode: 0o700 });
+            writeFileSync(STATE_PATH, JSON.stringify(state, null, 2));
+        }
+        catch (e) {
+            console.error("[state] Failed to save state:", e);
+        }
+    }, debounceMs);
+}

package/dist/validator.d.ts

@@ -21,6 +21,18 @@ export declare function setPeerRegistryClient(client: PeerRegistryClient): void;
  *  2. Desde ese momento, gossipAttestation() también publica por P2P
  */
 export declare function setP2PNode(node: SoulprintP2PNode): void;
+/**
+ * Per-DID reputation: score (0-20) + attestation history.
+ * Persisted to disk - survives node restarts.
+ */
+interface ReputeEntry {
+    score: number;
+    base: number;
+    attestations: BotAttestation[];
+    last_updated: number;
+    identityScore: number;
+    hasDocumentVerified: boolean;
+}
 /**
  * Aplica una nueva attestation al DID objetivo y persiste.
  *
@@ -50,3 +62,14 @@ export declare function getBotReputation(nodeUrl: string, did: string): Promise<
 export declare function getNodeInfo(nodeUrl: string): Promise<any>;
 export declare const BOOTSTRAP_NODES: string[];
 export { applyAttestation };
+/** Used by anti-entropy loop in server.ts */
+export declare function getNodeState(): {
+    nullifiers: Record<string, {
+        did: string;
+        verified_at: number;
+    }>;
+    repStore: Record<string, ReputeEntry>;
+    peers: string[];
+    lastSyncTs: number;
+};
+export declare function setLastSyncTs(ts: number): void;

package/dist/validator.js

@@ -2,6 +2,7 @@ import { createServer } from "node:http";
 import { readFileSync, writeFileSync, existsSync, mkdirSync } from "node:fs";
 import { join } from "node:path";
 import { homedir } from "node:os";
+import { computeHash, loadState, saveState } from "./state/StateStore.js";
 import { generateKeypair, keypairFromPrivateKey, decodeToken, sign, createToken, TOKEN_LIFETIME_SECONDS, TOKEN_RENEW_PREEMPTIVE_SECS, TOKEN_RENEW_GRACE_SECS, TOKEN_RENEW_COOLDOWN_SECS, NonceStore, verifyAttestation, computeReputation, defaultReputation, PROTOCOL, PROTOCOL_HASH, isProtocolHashCompatible, computeTotalScoreWithFloor, checkFarming, recordApprovedGain, recordFarmingStrike, loadAuditStore, exportAuditStore, } from "soulprint-core";
 import { verifyProof, deserializeProof } from "soulprint-zkp";
 import { buildChallengeResponse, verifyPeerBehavior, } from "./peer-challenge.js";
@@ -206,6 +207,8 @@ function applyAttestation(att) {
     saveReputation();
     return { score: finalRepScore, attestations: allAtts.length, last_updated: rep.last_updated };
 }
+// ── P2P state sync metadata ───────────────────────────────────────────────────
+let lastSyncTs = 0; // timestamp (ms) of last successful anti-entropy sync
 // ── Peers registry (P2P gossip) ───────────────────────────────────────────────
 let peers = []; // URLs de otros nodos (ej: "http://node2.example.com:4888")
 function loadPeers() {
@@ -242,6 +245,9 @@ async function gossipAttestation(att, excludeUrl) {
     if (targets.length < peers.length - (excludeUrl ? 1 : 0)) {
         console.log(routingStats(peers.length, targets.length, att.target_did));
     }
+    if (targets.length > 0) {
+        console.log(`[gossip] broadcasted to ${targets.length} peers`);
+    }
     // Cifrar el payload con AES-256-GCM antes de enviar
     // Solo nodos con PROTOCOL_HASH correcto pueden descifrar
     const encrypted = encryptGossip({ attestation: att, from_peer: true });
@@ -831,6 +837,30 @@ function handleNullifierCheck(res, nullifier) {
 }
 // ── Server ────────────────────────────────────────────────────────────────────
 export function startValidatorNode(port = PORT) {
+    // ── Load persistent state from disk (v0.4.4) ───────────────────────────────
+    const persisted = loadState();
+    if (persisted.nullifiers.length > 0 || Object.keys(persisted.reputation).length > 0) {
+        console.log(`[state] Loaded ${persisted.nullifiers.length} nullifiers, ${Object.keys(persisted.reputation).length} reputation entries from disk`);
+        // Merge persisted nullifiers into in-memory store
+        for (const n of persisted.nullifiers) {
+            if (!nullifiers[n]) {
+                nullifiers[n] = { did: `did:soulprint:recovered:${n.slice(0, 8)}`, verified_at: persisted.lastSync || Date.now() };
+            }
+        }
+        // Merge persisted reputation
+        for (const [did, score] of Object.entries(persisted.reputation)) {
+            if (!repStore[did]) {
+                repStore[did] = {
+                    score,
+                    base: 10,
+                    attestations: [],
+                    last_updated: persisted.lastSync || Date.now(),
+                    identityScore: 0,
+                    hasDocumentVerified: false,
+                };
+            }
+        }
+    }
     loadNullifiers();
     loadReputation();
     loadPeers();
@@ -1044,6 +1074,9 @@ export function startValidatorNode(port = PORT) {
                 total_peers: Math.max(httpPeers, libp2pPeers),
                 // on-chain registered peers (PeerRegistry)
                 registered_peers: registeredPeers,
+                // state sync (v0.4.4)
+                state_hash: computeHash(Object.keys(nullifiers)).slice(0, 16) + "...",
+                last_sync: lastSyncTs,
                 // estado general
                 uptime_ms: Date.now() - (globalThis._startTime ?? Date.now()),
                 timestamp: Date.now(),
@@ -1052,6 +1085,106 @@ export function startValidatorNode(port = PORT) {
         }
         if (cleanUrl === "/verify" && req.method === "POST")
             return handleVerify(req, res, nodeKeypair, ip);
+        // ── State sync endpoints (v0.4.4) ─────────────────────────────────────────
+        // GET /state/hash — quick hash comparison for anti-entropy
+        if (cleanUrl === "/state/hash" && req.method === "GET") {
+            const currentNullifiers = Object.keys(nullifiers);
+            const hash = computeHash(currentNullifiers);
+            return json(res, 200, {
+                hash,
+                nullifier_count: currentNullifiers.length,
+                reputation_count: Object.keys(repStore).length,
+                attestation_count: Object.values(repStore).reduce((n, e) => n + (e.attestations?.length ?? 0), 0),
+                timestamp: Date.now(),
+            });
+        }
+        // GET /state/export — full state export for sync
+        if (cleanUrl === "/state/export" && req.method === "GET") {
+            const allAttestations = Object.values(repStore).flatMap(e => e.attestations ?? []);
+            return json(res, 200, {
+                nullifiers: Object.keys(nullifiers),
+                reputation: Object.fromEntries(Object.entries(repStore).map(([did, e]) => [did, e.score])),
+                attestations: allAttestations,
+                peers,
+                lastSync: lastSyncTs,
+                stateHash: computeHash(Object.keys(nullifiers)),
+                timestamp: Date.now(),
+            });
+        }
+        // POST /state/merge — merge partial state from a peer
+        if (cleanUrl === "/state/merge" && req.method === "POST") {
+            let body;
+            try {
+                body = await readBody(req);
+            }
+            catch (e) {
+                return json(res, 400, { error: e.message });
+            }
+            const incoming = body ?? {};
+            let newNullifiers = 0;
+            let newAttestations = 0;
+            // Merge nullifiers (union)
+            if (Array.isArray(incoming.nullifiers)) {
+                for (const n of incoming.nullifiers) {
+                    if (typeof n === "string" && !nullifiers[n]) {
+                        nullifiers[n] = { did: `did:soulprint:synced:${n.slice(0, 8)}`, verified_at: Date.now() };
+                        newNullifiers++;
+                    }
+                }
+                if (newNullifiers > 0)
+                    saveNullifiers();
+            }
+            // Merge reputation (take max score)
+            if (incoming.reputation && typeof incoming.reputation === "object") {
+                for (const [did, score] of Object.entries(incoming.reputation)) {
+                    if (typeof score !== "number")
+                        continue;
+                    if (!repStore[did]) {
+                        repStore[did] = { score, base: 10, attestations: [], last_updated: Date.now(), identityScore: 0, hasDocumentVerified: false };
+                    }
+                    else if (score > repStore[did].score) {
+                        repStore[did].score = score;
+                        repStore[did].last_updated = Date.now();
+                    }
+                }
+                if (Object.keys(incoming.reputation).length > 0)
+                    saveReputation();
+            }
+            // Merge attestations (dedup by issuer+timestamp+context)
+            if (Array.isArray(incoming.attestations)) {
+                for (const att of incoming.attestations) {
+                    if (!att?.issuer_did || !att?.target_did)
+                        continue;
+                    const existing = repStore[att.target_did];
+                    const prevAtts = existing?.attestations ?? [];
+                    const isDup = prevAtts.some(a => a.issuer_did === att.issuer_did &&
+                        a.timestamp === att.timestamp &&
+                        a.context === att.context);
+                    if (!isDup) {
+                        applyAttestation(att);
+                        newAttestations++;
+                    }
+                }
+            }
+            // Persist new unified state
+            if (newNullifiers > 0 || newAttestations > 0) {
+                const snapshot = {
+                    nullifiers: Object.keys(nullifiers),
+                    reputation: Object.fromEntries(Object.entries(repStore).map(([d, e]) => [d, e.score])),
+                    attestations: Object.values(repStore).flatMap(e => e.attestations ?? []),
+                    peers,
+                    lastSync: Date.now(),
+                    stateHash: computeHash(Object.keys(nullifiers)),
+                };
+                saveState(snapshot);
+                lastSyncTs = Date.now();
+            }
+            return json(res, 200, {
+                ok: true,
+                new_nullifiers: newNullifiers,
+                new_attestations: newAttestations,
+            });
+        }
         if (cleanUrl === "/token/renew" && req.method === "POST")
             return handleTokenRenew(req, res, nodeKeypair);
         if (cleanUrl === "/challenge" && req.method === "POST")
@@ -1433,3 +1566,8 @@ export async function getNodeInfo(nodeUrl) {
 }
 export const BOOTSTRAP_NODES = [];
 export { applyAttestation };
+/** Used by anti-entropy loop in server.ts */
+export function getNodeState() {
+    return { nullifiers, repStore, peers, lastSyncTs };
+}
+export function setLastSyncTs(ts) { lastSyncTs = ts; }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "soulprint-network",
-  "version": "0.4.3",
+  "version": "0.4.4",
   "description": "Soulprint validator node — HTTP server that verifies ZK proofs, co-signs SPTs, anti-Sybil registry",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",