violetics 7.0.0-alpha → 7.0.1-alpha

package/lib/Defaults/index.js

@@ -82,12 +82,13 @@ exports.DEFAULT_CONNECTION_CONFIG = {
     emitOwnEvents: !0,
     defaultQueryTimeoutMs: 6E4,
     customUploadHosts: [],
-    retryRequestDelayMs: 0, // set to 0 for minimum latency; increase if WA rate-limits retries
-    maxMsgRetryCount: 15,
+    retryRequestDelayMs: 500,    // was 0 - add minimum backoff between decrypt-fail retries to reduce burst
+    maxMsgRetryCount: 5,         // was 15 - fewer retries = less traffic when running many bots
     fireInitQueries: !0,
     auth: void 0,
-    markOnlineOnConnect: !0,
+    markOnlineOnConnect: !1,     // was true - prevents all bots spamming presence on simultaneous restart
     syncFullHistory: !1,
+    connectJitterMs: 0,          // set e.g. 10000 to spread multi-bot connects over a random 0-10s window
     patchMessageBeforeSending: a => a,
     shouldSyncHistoryMessage: () => !0,
     shouldIgnoreJid: () => !1,
@@ -139,7 +140,8 @@ exports.MEDIA_KEYS = Object.keys(exports.MEDIA_PATH_MAP);
 exports.MIN_PREKEY_COUNT = 5;
 exports.INITIAL_PREKEY_COUNT = 30;
 exports.UPLOAD_TIMEOUT = 30000;
-exports.MIN_UPLOAD_INTERVAL = 5000;
+exports.MIN_UPLOAD_INTERVAL = 30000; // was 5000 - prevent prekey upload storms when many bots connect at once
+exports.PREKEY_UPLOAD_JITTER_MS = 5000; // random jitter added to prekey upload timing
 
 exports.TimeMs = {
     Minute: 60 * 1000,

package/lib/Socket/Client/web-socket-client.js

@@ -95,11 +95,18 @@ class WebSocketClient extends abstract_socket_client_1.AbstractSocketClient {
         if (!this.socket) {
             return;
         }
+        // Race against a 5-second timeout: if the underlying WebSocket never
+        // fires 'close' (e.g. network is already gone), we still proceed so
+        // that the old socket reference is cleared and a fresh reconnect can
+        // start without two sockets running in parallel.
         const closePromise = new Promise((resolve) => {
             this.socket.once('close', resolve);
         });
+        const timeoutPromise = new Promise((resolve) =>
+            setTimeout(resolve, 5000)
+        );
         this.socket.close();
-        await closePromise;
+        await Promise.race([closePromise, timeoutPromise]);
         this.socket = null;
     }
     send(str, cb) {

package/lib/Socket/chats.js

@@ -96,65 +96,42 @@ const makeChatsSocket = (config) => {
             isNeedOfficialWa: false,
             number: jid
         };
-        
+
         let phoneNumber = jid;
         if (phoneNumber.includes('@')) {
             phoneNumber = phoneNumber.split('@')[0];
         }
-    
+
         phoneNumber = phoneNumber.replace(/[^\d+]/g, '');
         if (!phoneNumber.startsWith('+')) {
             if (phoneNumber.startsWith('0')) {
                 phoneNumber = phoneNumber.substring(1);
             }
-        
             if (!phoneNumber.startsWith('62') && phoneNumber.length > 0) {
                 phoneNumber = '62' + phoneNumber;
             }
-        
             if (!phoneNumber.startsWith('+') && phoneNumber.length > 0) {
                 phoneNumber = '+' + phoneNumber;
             }
         }
-        
-        let formattedNumber = phoneNumber;
+
         const { parsePhoneNumber } = require('libphonenumber-js');
-        const parsedNumber = parsePhoneNumber(formattedNumber);
+        const parsedNumber = parsePhoneNumber(phoneNumber);
         const countryCode = parsedNumber.countryCallingCode;
         const nationalNumber = parsedNumber.nationalNumber;
-    
+
         try {
-            const {
-                useMultiFileAuthState,
-                Browsers, 
-                fetchLatestBaileysVersion
-            } = require('../Utils');
-            const { state } = await useMultiFileAuthState(".npm");
-            const { version } = await fetchLatestBaileysVersion();
-            const { makeWASocket } = require('../Socket');
-            const pino = require("pino");
-            const sock = makeWASocket({
-                version,
-                auth: state,
-                browser: Utils_1.Browsers("Chrome"),
-                logger: pino({ 
-                    level: "silent"
-                }),
-                printQRInTerminal: false,
-            });
-            const registrationOptions = {
-                phoneNumber: formattedNumber,
+            // mobileRegisterExists() hits /exist endpoint — NO SMS is ever sent.
+            // It checks account status and returns ban errors (appeal_token, custom_block_screen)
+            // same as the /code endpoint would, but without triggering OTP delivery.
+            const { mobileRegisterExists } = require('./registration');
+            await mobileRegisterExists({
+                ...authState.creds,
                 phoneNumberCountryCode: countryCode,
                 phoneNumberNationalNumber: nationalNumber,
-                phoneNumberMobileCountryCode: "510",
-                phoneNumberMobileNetworkCode: "10",
-                method: "sms",
-            };
-    
-            await sock.requestRegistrationCode(registrationOptions);
-            if (sock.ws) {
-                sock.ws.close();
-            }
+                phoneNumberMobileCountryCode: '510',
+                phoneNumberMobileNetworkCode: '10',
+            }, config.options);
             return JSON.stringify(resultData, null, 2);
         } catch (err) {
             if (err?.appeal_token) {
@@ -164,8 +141,7 @@ const makeChatsSocket = (config) => {
                     in_app_ban_appeal: err.in_app_ban_appeal || null,
                     appeal_token: err.appeal_token || null,
                 };
-            }
-            else if (err?.custom_block_screen || err?.reason === 'blocked') {
+            } else if (err?.custom_block_screen || err?.reason === 'blocked') {
                 resultData.isNeedOfficialWa = true;
             }
             return JSON.stringify(resultData, null, 2);

package/lib/Socket/messages-recv.js

@@ -1004,14 +1004,13 @@ const makeMessagesRecvSocket = (config) => {
     };
     /// processes a node with the given function
     /// and adds the task to the existing buffer if we're buffering events
+    /// Uses createBufferedFunction to be nested-buffer-safe: won't underflow
+    /// the buffersInProgress counter that the offline phase is holding open
     const processNodeWithBuffer = async (node, identifier, exec) => {
-        ev.buffer();
-        await execTask();
-        ev.flush();
-        function execTask() {
-            return exec(node, false)
-                .catch(err => onUnexpectedError(err, identifier));
-        }
+        const runBuffered = ev.createBufferedFunction(() =>
+            exec(node, false).catch(err => onUnexpectedError(err, identifier))
+        );
+        await runBuffered();
     };
     const makeOfflineNodeProcessor = () => {
         const nodeProcessorMap = new Map([
@@ -1029,7 +1028,11 @@ const makeMessagesRecvSocket = (config) => {
             }
             isProcessing = true;
             const promise = async () => {
-                while (nodes.length && ws.isOpen) {
+                // NOTE: intentionally NOT checking ws.isOpen here.
+                // Nodes are already in memory — we must process them all to completion.
+                // Individual handlers (handleMessage, handleReceipt, etc.) already
+                // guard against sending ACKs on a closed connection.
+                while (nodes.length) {
                     const { type, node } = nodes.shift();
                     const nodeProcessor = nodeProcessorMap.get(type);
                     if (!nodeProcessor) {

package/lib/Socket/socket.js

@@ -19,7 +19,7 @@ const Client_1 = require("./Client");
  */ 
 const makeSocket = (config) => {
     var _a, _b;
-    const { waWebSocketUrl, connectTimeoutMs, logger, keepAliveIntervalMs, browser, auth: authState, printQRInTerminal, defaultQueryTimeoutMs, transactionOpts, qrTimeout, makeSignalRepository, } = config;
+    const { waWebSocketUrl, connectTimeoutMs, logger, keepAliveIntervalMs, browser, auth: authState, printQRInTerminal, defaultQueryTimeoutMs, transactionOpts, qrTimeout, makeSignalRepository, connectJitterMs, } = config;
     const url = typeof waWebSocketUrl === 'string' ? new url_1.URL(waWebSocketUrl) : waWebSocketUrl;
     if (config.mobile || url.protocol === 'tcp:') {
         throw new boom_1.Boom('Mobile API is not supported anymore', { 
@@ -30,7 +30,17 @@ const makeSocket = (config) => {
         url.searchParams.append('ED', authState.creds.routingInfo.toString('base64url'));
     }
     const ws = new Client_1.WebSocketClient(url, config);
-    ws.connect();
+    // If connectJitterMs is set, stagger the initial connection by a random delay.
+    // This prevents thundering-herd when many bots start simultaneously.
+    // Uses setTimeout (not await) because makeSocket is a sync arrow function.
+    if (connectJitterMs && connectJitterMs > 0) {
+        const jitter = Math.floor(Math.random() * connectJitterMs);
+        logger.debug({ jitter }, 'delaying connect by jitter ms');
+        setTimeout(() => ws.connect(), jitter);
+    } else {
+        ws.connect();
+    }
+
     const ev = (0, Utils_1.makeEventBuffer)(logger);
     /** ephemeral key pair used to encrypt/decrypt communication. Unique for each connection */
     const ephemeralKeyPair = Utils_1.Curve.generateKeyPair();
@@ -218,6 +228,13 @@ const makeSocket = (config) => {
             logger.debug('Pre-key upload already in progress, waiting for completion');
             await uploadPreKeysPromise;
         }
+        // Spread prekey uploads across a random window to avoid thundering-herd
+        // when many bots start simultaneously and all need to upload prekeys.
+        const uploadJitter = Math.floor(Math.random() * Defaults_1.PREKEY_UPLOAD_JITTER_MS);
+        if (uploadJitter > 0) {
+            await new Promise(resolve => setTimeout(resolve, uploadJitter));
+        }
+
         const uploadLogic = async () => {
             logger.info({ count, retryCount }, 'uploading pre-keys');
             const node = await keys.transaction(async () => {
@@ -356,7 +373,13 @@ const makeSocket = (config) => {
             ws.off('error', onClose);
         });
     };
-    const startKeepAliveRequest = () => (keepAliveReq = setInterval(() => {
+    const startKeepAliveRequest = () => {
+        // Add a random initial offset (±20% of keepAliveIntervalMs) so bots started
+        // at the same time do NOT send keep-alive pings simultaneously, which would
+        // create a thundering-herd of IQ requests to WA servers.
+        const jitter = Math.floor(Math.random() * keepAliveIntervalMs * 0.4) - Math.floor(keepAliveIntervalMs * 0.2);
+        const effectiveInterval = Math.max(keepAliveIntervalMs + jitter, 5000);
+        return (keepAliveReq = setInterval(() => {
         if (!lastDateRecv) {
             lastDateRecv = new Date();
         }
@@ -387,7 +410,8 @@ const makeSocket = (config) => {
         else {
             logger.warn('keep alive called when WS not open');
         }
-    }, keepAliveIntervalMs));
+    }, effectiveInterval));
+    };
     /** i have no idea why this exists. pls enlighten me */
     const sendPassiveIq = (tag) => (query({
         tag: 'iq',

package/lib/Utils/auth-utils.js

@@ -141,11 +141,13 @@ const addTransactionCapability = (state, logger, { maxCommitRetries, delayBetwee
                         // retry mechanism to ensure we've some recovery
                         // in case a transaction fails in the first attempt
                         let tries = maxCommitRetries;
+                        let committed = false;
                         while (tries) {
                             tries -= 1;
                             try {
                                 await state.set(mutations);
                                 logger.trace({ dbQueriesInTransaction }, 'committed transaction');
+                                committed = true;
                                 break;
                             }
                             catch (error) {
@@ -153,6 +155,11 @@ const addTransactionCapability = (state, logger, { maxCommitRetries, delayBetwee
                                 await (0, generics_1.delay)(delayBetweenTriesMs);
                             }
                         }
+                        // All retries exhausted without success: throw so callers know.
+                        // Without this, mutations are silently discarded in the finally block.
+                        if (!committed) {
+                            throw new Error(`Transaction commit failed after ${maxCommitRetries} retries`);
+                        }
                     }
                     else {
                         logger.trace('no mutations in transaction');

package/lib/Utils/make-mutex.js

@@ -1,9 +1,13 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.makeKeyedMutex = exports.makeMutex = void 0;
-const makeMutex = () => {
+/**
+ * Creates a mutex that processes tasks sequentially.
+ * @param taskTimeoutMs max time (ms) a single task may run before being forcefully
+ *   rejected to unblock the queue. Default: 30 000 ms.
+ */
+const makeMutex = (taskTimeoutMs = 30000) => {
     let task = Promise.resolve();
-    let taskTimeout;
     return {
         mutex(code) {
             task = (async () => {
@@ -13,13 +17,21 @@ const makeMutex = () => {
                     await task;
                 }
                 catch (_a) { }
+                // run current task with a timeout guard so a single hung task
+                // (e.g. a stalled WA query) never freezes the whole processing queue
+                let timeoutHandle;
+                const timeoutPromise = new Promise((_resolve, reject) => {
+                    timeoutHandle = setTimeout(
+                        () => reject(new Error(`makeMutex: task timed out after ${taskTimeoutMs}ms`)),
+                        taskTimeoutMs
+                    );
+                });
                 try {
-                    // execute the current task
-                    const result = await code();
+                    const result = await Promise.race([code(), timeoutPromise]);
                     return result;
                 }
                 finally {
-                    clearTimeout(taskTimeout);
+                    clearTimeout(timeoutHandle);
                 }
             })();
             // we replace the existing task, appending the new piece of execution to it

package/lib/Utils/use-multi-file-auth-state.js

@@ -8,12 +8,20 @@ const WAProto_1 = require("../../WAProto");
 const auth_utils_1 = require("./auth-utils");
 const generics_1 = require("./generics");
 const fileLocks = new Map();
+const fileLockRegistry = new FinalizationRegistry((path) => {
+    // Clean up the mutex entry when it's been garbage-collected so the
+    // Map doesn't grow unboundedly when running hundreds of bot sessions.
+    fileLocks.delete(path);
+});
 const getFileLock = (path) => {
-    let mutex = fileLocks.get(path);
-    if (!mutex) {
-        mutex = new async_mutex_1.Mutex();
-        fileLocks.set(path, mutex);
+    let entry = fileLocks.get(path);
+    if (entry) {
+        const mutex = entry.deref();
+        if (mutex) return mutex;
     }
+    const mutex = new async_mutex_1.Mutex();
+    fileLocks.set(path, new WeakRef(mutex));
+    fileLockRegistry.register(mutex, path);
     return mutex;
 };
 /**

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "violetics",
-    "version": "7.0.0-alpha",
+    "version": "7.0.1-alpha",
     "description": "WhatsApp API Modification",
     "keywords": [
         "whatsapp",
@@ -106,4 +106,4 @@
     "engines": {
         "node": ">=20.0.0"
     }
-}
+}