trac-msb 0.2.6 → 0.2.8

package/.github/workflows/publish.yml

@@ -5,36 +5,29 @@ on:
     types: [published]
 
 permissions:
+  id-token: write  # Required for OIDC
   contents: read
 
 jobs:
-  publish-npm:
+  publish:
     runs-on: ubuntu-latest
-
     steps:
-      - name: Checkout repo
+      - name: Checkout release tag
         uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.release.tag_name }}
 
       - name: Use Node.js
         uses: actions/setup-node@v4
         with:
           node-version: '24'
           registry-url: 'https://registry.npmjs.org'
-
-      - name: Set package.json version from tag
-        run: |
-          TAG="${GITHUB_REF#refs/tags/}"
-          VERSION="${TAG#v}"
-          echo "Version from tag: $VERSION"
-          npm version "$VERSION" --no-git-tag-version
-
       - name: Install dependencies
         run: npm ci
 
-      - name: Run unit tests
-        run: npm run test:unit:all
+      # unit tests are temporarily disabled because they lost stability on GH runners.
+      #- name: Run unit tests
+      #  run: npm run test:unit:all
 
       - name: Publish to npm
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_MSB_PUBLISH_TOKEN }}
-        run: npm publish
+        run: npm publish --access public

package/docs/networking-dualstack-plan.md

@@ -0,0 +1,75 @@
+# Dual-stack plan with design patterns (legacy JSON + network/v1)
+
+This is a design plan only (no implementation yet).
+
+## Project map (current)
+- `src/core/network/Network.js`: facade for swarm, services, and message setup.
+- `src/core/network/protocols/NetworkMessages.js`: Protomux wiring for legacy JSON.
+- `src/core/network/protocols/legacy/`: legacy router + handlers + validators.
+- `src/core/network/protocols/shared/`: shared operation handlers + validators.
+- `src/core/network/services/ConnectionManager.js`: validator pool and messaging.
+- `src/core/network/services/MessageOrchestrator.js`: legacy broadcast heuristic.
+- `src/messages/network/v1/`: builder/director/factory for v1 messages.
+- `proto/network.proto` + `src/utils/protobuf/network.cjs`: v1 schema/codec.
+
+## Design patterns to use (and where)
+- Strategy + Adapter: protocol-specific adapters per version (`legacy`, `v1`, future `v2`).
+- Registry + Factory: centralized list of protocol descriptors, created once.
+- Chain of Responsibility: routing table of predicates -> handlers (replace long if/else).
+- Template Method: already in `BaseOperationHandler`, keep as shared entry point.
+- Command: operation handlers as commands dispatched by a protocol router.
+- State Machine: handshake + capability negotiation for `network/v1`.
+- Mediator: `MessageOrchestrator` coordinates `ConnectionManager` and state.
+- Observer: emit connection/protocol events to interested services.
+- Decorator: wrap handlers with rate limit, logging, metrics.
+- Null Object: no-op messenger to avoid null checks in send paths.
+
+## Target architecture (pattern-oriented)
+1. ProtocolAdapter interface (Strategy + Adapter)
+   - Shape: `id`, `protocolName`, `encoding`, `router`, `handshake`, `encode`, `decode`.
+   - `LegacyProtocolAdapter` wraps `legacy/NetworkMessageRouter` with `c.json`.
+   - `V1ProtocolAdapter` wraps protobuf decode/encode and a v1 router.
+
+2. ProtocolRegistry (Registry + Factory)
+   - Single source of enabled protocols: `[legacyAdapter, v1Adapter]`.
+   - Owns protocol names (`legacy` channel from config, `network/v1`).
+   - Exposed to `NetworkMessages` for channel creation.
+
+3. ProtocolSession per connection (Facade + Null Object)
+   - `session.messengers.{legacy,v1}` with a `NullMessenger` fallback.
+   - `session.protocols` is a `Set` of negotiated protocols.
+   - Stored in `ConnectionManager` alongside peer metadata.
+
+4. Router refactor (Chain of Responsibility + Command)
+   - `legacy` router: table of `canHandle(message)` + `handler.execute()`.
+   - `v1` router: map `MessageType -> handler`.
+   - Shared operation handlers remain in `shared/handlers/`.
+
+5. Handshake state machine (State)
+   - Per-connection state: `init -> awaiting_ack -> open -> failed`.
+   - On success, mark `session.protocols.add('v1')`.
+   - On timeout, keep `legacy` only (no disconnect).
+
+6. Orchestrator protocol selection (Strategy)
+   - `ProtocolSelector`: choose v1 if peer supports it, else legacy.
+   - v1 ACK uses response codes; legacy uses state-based heuristic.
+   - Optional strict verify for v1: wait for append before success.
+
+7. Validators layout (Template Method + Adapter)
+   - Keep shared validators in `shared/validators/`.
+   - Protocol-specific validators live under `legacy/validators/` and `v1/validators/`.
+   - Protocol adapter decides which validator set to use.
+
+## Step-by-step plan
+1. Add `ProtocolRegistry` and `ProtocolAdapter` definitions (design only).
+2. Update `NetworkMessages` to iterate registry and open one channel per protocol.
+3. Introduce `ProtocolSession` and store it in `ConnectionManager`.
+4. Implement v1 router map based on `proto/network.proto` types.
+5. Add v1 handshake state machine and capability negotiation.
+6. Add `ProtocolSelector` in `MessageOrchestrator` with legacy fallback.
+7. Align validators: shared core + protocol-specific wrappers.
+8. Tests (future): legacy-only peers, v1 negotiation, mixed cluster.
+
+## Notes for v2
+- Add `network/v2` adapter + protobuf schema.
+- Registry chooses the highest common protocol per peer.

package/docs/networking-layer-redesign.md

@@ -0,0 +1,155 @@
+# Networking layer redesign (draft)
+
+Cel: uporządkować warstwę sieciową w `src/core/network`, wprowadzić binarne wiadomości (Protobuf + Protomux), system ACK/heartbeat, zunifikowane kody błędów oraz nowy endpoint RPC, bez ingerencji w istniejącą implementację (ten dokument jest tylko projektem).
+
+## Założenia
+- Komunikacja p2p przez Hyperswarm zostaje, ale wiadomości idą binarnie (Protobuf) na kanałach Protomux.
+- Każdy typ wiadomości zwraca `Result` z kodem sukcesu/błędu (własne kody, nie HTTP).
+- Heartbeat/liveness co ~10s z losowym jitterem; łatwa konfiguracja z `config`/`constants`.
+- Handshake z zachowaniem PKI, ale mniej round-tripów i z ochroną DoS.
+- Modularna architektura (klasy/serwisy), separacja transportu, protokołu, zdrowia, bezpieczeństwa i RPC.
+
+## Architektura warstw
+- **Transport (HyperswarmTransport)**: zarządza swarmem, tworzy kanały Protomux (binary encoding), egzekwuje limity połączeń.
+- **Protocol (EnvelopeCodec, Protobuf schemas)**: wspólny `Envelope` + `Result`; mapowanie typów wiadomości; validacja długości/pól przed dekodowaniem.
+- **Handshake (ValidatorHandshake)**: szybki trójfazowy handshake z wyzwaniem nonce + podpis, negocjacja wersji/capabilities, limity prób.
+- **Health (HeartbeatScheduler + LivenessStore)**: wysyła heartbeat do wszystkich znanych peerów (z konekcji lub z listy validatorów), aktualizuje liveness, generuje zdarzenia dla RPC.
+- **Security (DosGuard)**: rate limit per peer/endpoint, maks. rozmiary payloadów, kolejki handshake, banlista czasowa.
+- **RPC adapter (ValidatorStatusController)**: odczytuje `LivenessStore` i zwraca status walidatora.
+
+## Proponowane moduły / pliki (kierunek, bez implementacji)
+- `src/core/network/transport/HyperswarmTransport.js`: opakowanie na Hyperswarm + Protomux, jednolity interfejs kanałów binarnych.
+- `src/core/network/protocol/EnvelopeCodec.js`: enkodowanie/dekodowanie Protobuf, walidacja schematu, mapowanie `MessageType` -> handler.
+- `src/core/network/protocol/error-codes.js`: stałe kodów (`ErrorCode` enum) współdzielone między node'ami.
+- `src/core/network/handshake/ValidatorHandshake.js`: stan maszyny handshake, ochrona DoS, fallbacki wersji.
+- `src/core/network/health/HeartbeatScheduler.js`: harmonogram heartbeatów + jitter, retry/backoff.
+- `src/core/network/health/LivenessStore.js`: przechowuje `lastSeen`, `missed`, `state=active/inactive/banned`.
+- `src/core/network/security/DosGuard.js`: token bucket + ograniczenia równoległych handshake, limit rozmiaru wiadomości.
+- `src/core/network/rpc/ValidatorStatusController.js`: integracja z istniejącym RPC routerem (`/validators/:address/status`).
+
+## Szkic Protobuf (draft, do dodania jako nowy `.proto`)
+```proto
+syntax = "proto3";
+package network.v1;
+
+enum MessageType {
+  UNKNOWN = 0;
+  HANDSHAKE_INIT = 1;
+  HANDSHAKE_ACK = 2;
+  HEARTBEAT_PING = 3;
+  HEARTBEAT_ACK = 4;
+  VALIDATOR_STATUS_REQUEST = 5;
+  VALIDATOR_STATUS_RESPONSE = 6;
+  // ...pozostałe typy operacyjne (transfer/role) mogą być zmapowane później
+}
+
+enum ResultCode {
+  RESULT_OK = 0;
+  RESULT_RETRY = 1;            // używane do łagodnego backoffu
+  RESULT_INVALID_PAYLOAD = 2;
+  RESULT_UNAUTHORIZED = 3;
+  RESULT_UNAUTHENTICATED = 4;
+  RESULT_UNSUPPORTED_VERSION = 5;
+  RESULT_RATE_LIMITED = 6;
+  RESULT_TOO_MANY_CONNECTIONS = 7;
+  RESULT_BUSY = 8;
+  RESULT_TIMEOUT = 9;
+  RESULT_PEER_BANNED = 10;
+  RESULT_SIGNATURE_INVALID = 11;
+  RESULT_NOT_VALIDATOR = 12;
+  RESULT_INTERNAL = 13;
+}
+
+message Result {
+  ResultCode code = 1;
+  string reason = 2;
+}
+
+message Envelope {
+  uint64 session_id = 1;
+  MessageType type = 3;
+  bytes payload = 4;         // zakodowany message specyficzny dla type
+  Result result = 5;         // dla odpowiedzi/ACK
+  uint64 timestamp = 6;
+}
+
+message HandshakeInit {
+  bytes node_pk = 1;
+  uint32 version = 2;
+  bytes nonce = 3;
+  bytes signature = 4; // sig(nonce || channel || version)
+  repeated string capabilities = 5; // np. ["binary", "hb:v1"]
+}
+
+message HandshakeAck {
+  bytes nonce = 1;           // nonce od inicjatora
+  bytes signature = 2;       // sig(nonce || channel || version)
+  uint32 version = 3;        // negocjowany
+  Result result = 4;         // ERROR_UNSUPPORTED_VERSION itd.
+}
+
+message HeartbeatPing {
+  bytes node_pk = 1;
+  uint64 sequence = 2;
+  uint64 timestamp_ms = 3;
+}
+
+message HeartbeatAck {
+  uint64 sequence = 1;
+  Result result = 2;         // ERROR_OK lub powód degradacji
+  uint64 timestamp_ms = 3;
+}
+
+message ValidatorStatusRequest {
+  bytes validator_pk = 1;
+}
+
+message ValidatorStatusResponse {
+  Result result = 1;
+  bool active = 2;
+  uint64 last_seen_ms = 3;
+  uint32 missed_heartbeats = 4;
+}
+```
+
+## Handshake (przykładowy przebieg)
+1. **Init**: inicjator wysyła `HandshakeInit` na dedykowany kanał Protomux `protocol:handshake/v1` (binary). Dodajemy `DosGuard` limitujący równoległe init-y i weryfikujący rozmiar.
+2. **Ack**: odbiorca weryfikuje podpis i wersję, odpowiada `HandshakeAck` (sukces lub błąd). Przy sukcesie odkłada połączenie do `ConnectionManager` razem z metadanymi (rola, capabilities).
+3. **Promotion**: dopiero po sukcesie handshake kanały operacyjne/heartbeat są otwierane; w przeciwnym razie połączenie jest zamykane i peer może trafić na banlistę czasową.
+
+Minimalizuje to round-trip (1.5 RTT), utrzymuje PKI (nonce + podpis) i pozwala na rollback do niższej wersji jeśli różne węzły.
+
+## Heartbeat / liveness
+- **Interwał**: domyślnie 10s ± losowy jitter (np. 0–2s) by uniknąć szpilek. Parametryzacja w constants/config.
+- **Zakres**: każda znana para (aktywny validator + inne role) dostaje `HeartbeatPing`. Po 3 nieudanych ACK (lub braków w oknie czasowym) peer przechodzi w `inactive`, po większej liczbie w `unhealthy`.
+- **Integracja**: `HeartbeatScheduler` korzysta z `ConnectionManager` do nadawania; `LivenessStore` aktualizuje się na podstawie `HeartbeatAck` i czasu.
+- **Odpowiedź**: `HeartbeatAck.result.code` pozwala zakomunikować throttle (`ERROR_RATE_LIMITED`) lub przepełnienie (`ERROR_BUSY`), co zmniejsza logowanie błędów.
+
+## Nowy endpoint RPC
+- Ścieżka: `GET /validators/:address/status` w warstwie RPC.
+- Źródło prawdy: `LivenessStore` (ostatni heartbeat, liczba nieodebranych, stan). `active=true` gdy ostatni heartbeat < 3*interval i brak poważnych błędów.
+- Payload (200): `{ address, active, lastSeenMs, missed, reason }`. Brak zależności od kodów HTTP dla logiki aplikacyjnej; HTTP 404 tylko gdy adres niepoprawny (opcjonalnie 200 z `active:false` i `result.code=ERROR_NOT_VALIDATOR`).
+- Przygotować kontrakt dla klientów (CLI/SDK) by interpretowali `Result`.
+
+## Ochrona przed DoS
+- **Rate limiting**: token bucket per peer na handshake i heartbeat, limity równoległych handshake w `DosGuard`.
+- **Rozmiary**: twarde limity na rozmiar pakietu Protobuf przed deserializacją; odrzucenie z `ERROR_INVALID_PAYLOAD`.
+- **Kolejki**: ograniczona kolejka zadań handshake/heartbeat; przy przepełnieniu `ERROR_BUSY` w ACK i zamknięcie połączenia.
+- **Bany czasowe**: peer wysyłający zbyt wiele złych podpisów lub oversize payloadów trafia na banlistę na X minut.
+- **Separacja kanałów**: osobne kanały Protomux (handshake, control/heartbeat, operations) by odciąć hałas od głównych operacji.
+
+## Kody błędów (wspólny enum)
+- Sukces: `ERROR_OK`.
+- Autoryzacja: `ERROR_UNAUTHENTICATED`, `ERROR_UNAUTHORIZED`, `ERROR_SIGNATURE_INVALID`, `ERROR_NOT_VALIDATOR`.
+- Dostępność: `ERROR_RATE_LIMITED`, `ERROR_BUSY`, `ERROR_TOO_MANY_CONNECTIONS`, `ERROR_PEER_BANNED`.
+- Protokół: `ERROR_INVALID_PAYLOAD`, `ERROR_UNSUPPORTED_VERSION`, `ERROR_TIMEOUT`.
+- Ogólne: `ERROR_RETRY` (miękkie), `ERROR_INTERNAL`.
+
+## Plan wdrożenia (wysoki poziom)
+1. Dodać schemat `.proto` z Envelope/Result/Handshake/Heartbeat/Status.
+2. Wydzielić `transport/` + `protocol/` + `handshake/` + `health/` + `security/` katalogi i przenieść istniejące odpowiedniki (`NetworkMessages`, router, itp.) stopniowo.
+3. Zaimplementować `EnvelopeCodec` w Protomux (binary), przełączyć routing na typy wiadomości zamiast JSON.
+4. Zaimplementować handshake (1.5 RTT) i dołożyć `DosGuard` oraz limity na poziomie Protomux channel.
+5. Dodać HeartbeatScheduler + LivenessStore, zasilić je danymi do RPC.
+6. Dodać endpoint RPC `/validators/:address/status`, mapujący dane z LivenessStore.
+7. Testy: symulacja DoS (próby handshake > limit, oversize payload), degradacja heartbeat, negocjacja wersji i kompatybilności.

package/msb.mjs

@@ -1,33 +1,22 @@
 import { MainSettlementBus } from './src/index.js';
+import { startRpcServer } from './rpc/rpc_server.js';
+import { createConfig, ENV } from './src/config/env.js';
 
 const pearApp = typeof Pear !== 'undefined' ? (Pear.app ?? Pear.config) : undefined;
 const runtimeArgs = typeof process !== 'undefined' ? process.argv.slice(2) : [];
 const args = pearApp?.args ?? runtimeArgs;
 const runRpc = args.includes('--rpc');
+const storeName = pearApp?.args?.[0] ?? runtimeArgs[0]
 
-const opts = {
-    stores_directory: 'stores/',
-    store_name: pearApp?.args?.[0] ?? runtimeArgs[0],
-    bootstrap: 'acbc3a4344d3a804101d40e53db1dda82b767646425af73599d4cd6577d69685',
-    channel: '0000trac0network0msb0mainnet0000',
-    enable_role_requester: false,
-    enable_wallet: true,
-    enable_validator_observer: true,
-    enable_interactive_mode: true,
-    disable_rate_limit: false,
-    enable_tx_apply_logs: false,
-    enable_error_apply_logs: false,
-};
+const rpc = {
+    storeName: pearApp?.args?.[0] ?? runtimeArgs[0],
+    enableWallet: false,
+    enableInteractiveMode: false
+}
 
-const rpc_opts = {
-    ...opts,
-    enable_tx_apply_logs: false,
-    enable_error_apply_logs: false,
-    enable_wallet: false,
-    enable_interactive_mode: false,
-};
+const options = args.includes('--rpc') ? rpc : { storeName }
 
-const msb = new MainSettlementBus(runRpc ? rpc_opts : opts);
+const msb = new MainSettlementBus(createConfig(ENV.MAINNET, options));
 
 msb.ready().then(async () => {
     if (runRpc) {
@@ -36,10 +25,9 @@ msb.ready().then(async () => {
         const port = (portIndex !== -1 && args[portIndex + 1]) ? parseInt(args[portIndex + 1], 10) : 5000;
         const hostIndex = args.indexOf('--host');
         const host = (hostIndex !== -1 && args[hostIndex + 1]) ? args[hostIndex + 1] : 'localhost';
-
-        const {startRpcServer} = await import('./rpc/rpc_server.mjs');
         startRpcServer(msb, host, port);
     } else {
+        console.log('RPC server will not be started.');
         msb.interactiveMode();
     }
 });

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "trac-msb",
   "main": "msb.mjs",
-  "version": "0.2.6",
+  "version": "0.2.8",
   "pear": {
     "name": "trac-msb",
     "type": "terminal"
@@ -25,7 +25,6 @@
     "test:unit:bare:cov": "brittle-bare -c -t 60000  tests/unit/unit.test.js"
   },
   "dependencies": {
-    "@tracsystems/blake3": "0.0.13",
     "autobase": "7.20.1",
     "b4a": "1.6.7",
     "bare-crypto": "1.12.0",
@@ -50,7 +49,7 @@
     "protomux-wakeup": "2.4.0",
     "readline": "npm:bare-node-readline",
     "ready-resource": "1.1.2",
-    "trac-wallet": "0.0.43-msb-r2.8",
+    "trac-wallet": "0.0.43-msb-r2.9",
     "tty": "npm:bare-node-tty"
   },
   "devDependencies": {

package/rpc/{create_server.mjs → create_server.js}

@@ -1,7 +1,7 @@
 // rpc_server.mjs
 import http from 'http'
-import { applyCors } from './cors.mjs';
-import { routes } from './routes/index.mjs';
+import { applyCors } from './cors.js';
+import { routes } from './routes/index.js';
 
 export const createServer = (msbInstance) => {
   const server = http.createServer({}, async (req, res) => {

package/rpc/{handlers.mjs → handlers.js}

@@ -1,6 +1,6 @@
-import { decodeBase64Payload, isBase64, sanitizeBulkPayloadsRequestBody, sanitizeTransferPayload, validatePayloadStructure } from "./utils/helpers.mjs"
-import { MAX_SIGNED_LENGTH, ZERO_WK } from "./constants.mjs";
-import { buildRequestUrl } from "./utils/url.mjs";
+import { decodeBase64Payload, isBase64, sanitizeBulkPayloadsRequestBody, sanitizeTransferPayload, validatePayloadStructure } from "./utils/helpers.js"
+import { MAX_SIGNED_LENGTH, ZERO_WK } from "./constants.js";
+import { buildRequestUrl } from "./utils/url.js";
 import { isHexString } from "../src/utils/helpers.js";
 import {
     getBalance,
@@ -16,7 +16,7 @@ import {
 } from "./rpc_services.js";
 import { bufferToBigInt, licenseBufferToBigInt } from "../src/utils/amountSerialization.js";
 import { isAddressValid } from "../src/core/state/utils/address.js";
-import { getConfirmedParameter } from "./utils/confirmedParameter.mjs";
+import { getConfirmedParameter } from "./utils/confirmedParameter.js";
 
 export async function handleBalance({ req, respond, msbInstance }) {
     const url = buildRequestUrl(req);
@@ -258,7 +258,7 @@ export async function handleAccountDetails({ msbInstance, respond, req }) {
         return respond(400, { error: 'Parameter "confirmed" must be exactly "true" or "false"' });
     }
 
-    if (!isAddressValid(address)) {
+    if (!isAddressValid(address, msbInstance.config.addressPrefix)) {
         return respond(400, { error: "Invalid account address format" });
     }
 

package/rpc/routes/{index.mjs → index.js}

@@ -1,4 +1,4 @@
-import { v1Routes } from './v1.mjs';
+import { v1Routes } from './v1.js';
 
 // future version
 // import { v2Routes } from './v2.mjs';

package/rpc/routes/{v1.mjs → v1.js}

@@ -10,7 +10,7 @@ import {
     handleFetchBulkTxPayloads,
     handleTransactionExtendedDetails,
     handleAccountDetails
-} from '../handlers.mjs';
+} from '../handlers.js';
 
 export const v1Routes = [
     { method: 'GET', path: '/balance', handler: handleBalance },

package/rpc/{rpc_server.mjs → rpc_server.js}

@@ -1,4 +1,4 @@
-import { createServer } from "./create_server.mjs";
+import { createServer } from "./create_server.js";
 
 // Called by msb.mjs file
 export function startRpcServer(msbInstance, host, port) {

package/rpc/rpc_services.js

@@ -51,7 +51,7 @@ export async function getTxDetails(msbInstance, hash) {
         return null;
     }
 
-    return normalizeDecodedPayloadForJson(rawPayload.decoded);
+    return normalizeDecodedPayloadForJson(rawPayload.decoded, msbInstance.config);
 }
 
 export async function fetchBulkTxPayloads(msbInstance, hashes) {
@@ -73,7 +73,7 @@ export async function fetchBulkTxPayloads(msbInstance, hashes) {
         if (result === null || result === undefined) {
             res.missing.push(hash);
         } else {
-            const decodedResult = normalizeDecodedPayloadForJson(result.decoded);
+            const decodedResult = normalizeDecodedPayloadForJson(result.decoded, msbInstance.config);
             res.results.push({ hash, payload: decodedResult });
         }
     });
@@ -93,7 +93,7 @@ export async function getExtendedTxDetails(msbInstance, hash, confirmed) {
         if (confirmedLength === null) {
             throw new Error(`No confirmed length found for tx hash: ${hash} in confirmed mode`);
         }
-        const normalizedPayload = normalizeDecodedPayloadForJson(rawPayload.decoded, true);
+        const normalizedPayload = normalizeDecodedPayloadForJson(rawPayload.decoded, msbInstance.config);
         const feeBuffer = state.getFee();
         return {
             txDetails: normalizedPayload,
@@ -107,7 +107,7 @@ export async function getExtendedTxDetails(msbInstance, hash, confirmed) {
         throw new Error(`No payload found for tx hash: ${hash}`);
     }
 
-    const normalizedPayload = normalizeDecodedPayloadForJson(rawPayload.decoded, true);
+    const normalizedPayload = normalizeDecodedPayloadForJson(rawPayload.decoded, msbInstance.config);
     const length = await state.getTransactionConfirmedLength(hash);
     if (length === null) {
         return {

package/src/config/config.js

@@ -0,0 +1,137 @@
+import b4a from 'b4a'
+
+export class Config {
+    #options
+    #config
+    #bootstrap
+    #channel
+
+    constructor(options = {}, config = {}) {
+        this.#validate(options, config)
+        this.#options = options
+        this.#config = config
+        this.#bootstrap = b4a.from(this.#options.bootstrap || this.#config.bootstrap, 'hex')
+        // Ensure a 32-byte channel buffer (repeat-fill from string/Buffer if provided)
+        this.#channel = b4a.alloc(32).fill(this.#options.channel || this.#config.channel)
+    }
+
+    get addressLength() {
+        return this.#config.addressLength
+    }
+
+    get addressPrefix() {
+        return this.#config.addressPrefix
+    }
+
+    get addressPrefixLength() {
+        return this.addressPrefix.length
+    }
+
+    get bech32mHrpLength() {
+        return this.#config.bech32mHrpLength
+    }
+
+    get bootstrap() {
+        return this.#bootstrap
+    }
+
+    get channel() {
+        return this.#channel
+    }
+
+    get dhtBootstrap() {
+        if (this.#isOverriden('dhtBootstrap')) return this.#options.dhtBootstrap
+        return this.#config.dhtBootstrap
+    }
+
+    get disableRateLimit() {
+        if (this.#isOverriden('disableRateLimit')) return !!this.#options.disableRateLimit
+        return !!this.#config.disableRateLimit
+    }
+
+    get enableErrorApplyLogs() {
+        if (this.#isOverriden('enableErrorApplyLogs')) return !!this.#options.enableErrorApplyLogs
+        return !!this.#config.enableErrorApplyLogs
+    }
+
+    get enableInteractiveMode() {
+        if (this.#isOverriden('enableInteractiveMode')) return this.#options.enableInteractiveMode !== false
+        return !!this.#config.enableInteractiveMode
+    }
+
+    get enableRoleRequester() {
+        if (this.#isOverriden('enableRoleRequester')) return !!this.#options.enableRoleRequester
+        return !!this.#config.enableRoleRequester
+    }
+
+    get enableValidatorObserver() {
+        if (this.#isOverriden('enableValidatorObserver')) return !!this.#options.enableValidatorObserver
+        return !!this.#config.enableValidatorObserver
+    }
+
+    get enableTxApplyLogs() {
+        if (this.#isOverriden('enableTxApplyLogs')) return !!this.#options.enableTxApplyLogs
+        return !!this.#config.enableTxApplyLogs
+    }
+
+    get enableWallet() {
+        if (this.#isOverriden('enableWallet')) return this.#options.enableWallet !== false
+        return !!this.#config.enableWallet
+    }
+
+    get isAdminMode() {
+        return this.#options.storeName === 'admin'
+    }
+
+    get keyPairPath()  {
+        return `${this.storesFullPath}/db/keypair.json`
+    }
+
+    get maxRetries() {
+        if (this.#isOverriden('maxRetries')) return this.#options.maxRetries
+        return this.#config.maxRetries
+    }
+
+    get maxValidators() {
+        if (this.#isOverriden('maxValidators')) return this.#options.maxValidators
+        return this.#config.maxValidators
+    }
+
+    get networkId() {
+        return this.#config.networkId
+    }
+
+    get storesDirectory() {
+        if (this.#isOverriden('storesDirectory')) return this.#options.storesDirectory
+        return this.#config.storesDirectory
+    }
+
+    get storesFullPath() {
+        return `${this.storesDirectory}${this.#options.storeName}`
+    }
+
+    get messageThreshold() {
+        return this.#config.messageThreshold
+    }
+
+    get messageValidatorRetryDelay() {
+        return this.#config.messageValidatorRetryDelay
+    }
+
+    get messageValidatorResponseTimeout() {
+        return this.#config.messageValidatorResponseTimeout
+    }
+
+    // Most of these properties are boolean
+    #isOverriden(prop) {
+        return this.#options.hasOwnProperty(prop)
+    }
+
+    #validate(options, config) {
+        if (!options.channel && !config.channel) {
+            throw new Error(
+                "MainSettlementBus: Channel is required. Application cannot start without channel."
+            );
+        }
+    }
+}

package/src/config/env.js

@@ -0,0 +1,61 @@
+import { TRAC_NETWORK_MSB_MAINNET_PREFIX } from 'trac-wallet/constants.js';
+import { Config } from './config.js';
+
+export const ENV = {
+    MAINNET: 'mainnet',
+    DEVELOPMENT: 'development',
+    TESTNET1: 'testnet1'
+}
+
+const configData = {
+    [ENV.MAINNET]: {
+        addressLength: 63,
+        addressPrefix: TRAC_NETWORK_MSB_MAINNET_PREFIX,
+        addressPrefixLength: TRAC_NETWORK_MSB_MAINNET_PREFIX.length,
+        bech32mHrpLength: TRAC_NETWORK_MSB_MAINNET_PREFIX.length + 1, // len(addressPrefix + separator)
+        bootstrap: 'acbc3a4344d3a804101d40e53db1dda82b767646425af73599d4cd6577d69685',
+        channel: '0000trac0network0msb0mainnet0000',
+        dhtBootstrap: ['116.202.214.149:10001', '157.180.12.214:10001', 'node1.hyperdht.org:49737', 'node2.hyperdht.org:49737', 'node3.hyperdht.org:49737'],
+        disableRateLimit: false,
+        enableErrorApplyLogs: false,
+        enableInteractiveMode: true,
+        enableRoleRequester: false,
+        enableTxApplyLogs: false,
+        enableValidatorObserver: true,
+        enableWallet: true,
+        maxValidators: 50,
+        maxRetries: 3,
+        messageThreshold: 3,
+        messageValidatorRetryDelay: 1000, //How long to wait before retrying (ms) MESSAGE_VALIDATOR_RETRY_DELAY_MS
+        messageValidatorResponseTimeout: 3 * 3 * 1000, //Overall timeout for sending a message (ms). This is 3 * maxRetries * messageValidatorRetryDelay;
+        networkId: 918,
+        storesDirectory: 'stores/',
+    },
+    [ENV.DEVELOPMENT]: {
+        addressLength: 63,
+        addressPrefix: TRAC_NETWORK_MSB_MAINNET_PREFIX,
+        addressPrefixLength: TRAC_NETWORK_MSB_MAINNET_PREFIX.length,
+        bech32mHrpLength: TRAC_NETWORK_MSB_MAINNET_PREFIX.length + 1, // len(addressPrefix + separator)
+        bootstrap: 'e90cca53847a12a82f3bf0f67401e45e2ccc1698ee163e61414c2894eb3c6b12',
+        channel: '12312313123123',
+        dhtBootstrap: ['116.202.214.149:10001', '157.180.12.214:10001', 'node1.hyperdht.org:49737', 'node2.hyperdht.org:49737', 'node3.hyperdht.org:49737'],
+        disableRateLimit: false,
+        enableErrorApplyLogs: true,
+        enableInteractiveMode: true,
+        enableRoleRequester: false,
+        enableTxApplyLogs: true,
+        enableValidatorObserver: true,
+        enableWallet: true,
+        maxValidators: 6,
+        maxRetries: 0,
+        messageThreshold: 1000,
+        messageValidatorRetryDelay: 1000, //How long to wait before retrying (ms) MESSAGE_VALIDATOR_RETRY_DELAY_MS
+        messageValidatorResponseTimeout: 3 * 3 * 1000, //Overall timeout for sending a message (ms). This is 3 * maxRetries * messageValidatorRetryDelay;
+        networkId: 918,
+        storesDirectory : 'stores/',
+    }
+}
+
+export const createConfig = (environment, options) => {
+    return new Config(options, configData[environment])
+}