wowok 1.8.2 → 2.1.9

package/dist/cjs/w/messenger/messenger.js

@@ -0,0 +1,1512 @@
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var __publicField = (obj, key, value) => __defNormalProp(obj, typeof key !== "symbol" ? key + "" : key, value);
+var messenger_exports = {};
+__export(messenger_exports, {
+  Messenger: () => Messenger
+});
+module.exports = __toCommonJS(messenger_exports);
+var import_crypto = require("crypto");
+var fs = __toESM(require("fs"));
+var path = __toESM(require("path"));
+var import_proof = require("../call/proof.js");
+var import_session = require("./session.js");
+var import_server = require("./server.js");
+var import_storage = require("./storage.js");
+var import_crypto2 = require("./crypto.js");
+var import_utils = require("./utils.js");
+var import_types = require("./types.js");
+var import_sui_types = require("../../utils/sui-types.js");
+var import_account = require("../local/account.js");
+if (typeof window === "undefined" && typeof EventSource === "undefined") {
+  try {
+    const eventsource = require("eventsource");
+    const EventSourcePolyfill = eventsource.EventSource || eventsource.default || eventsource;
+    globalThis.EventSource = EventSourcePolyfill;
+  } catch (error) {
+    console.warn(
+      "EventSource polyfill not found. SSE functionality will be disabled in Node.js environment."
+    );
+  }
+}
+class Messenger {
+  constructor(userAddress, config) {
+    __publicField(this, "session");
+    __publicField(this, "serverClient");
+    __publicField(this, "config");
+    __publicField(this, "userAddress", null);
+    __publicField(this, "eventSource", null);
+    __publicField(this, "onMessageCallback", null);
+    __publicField(this, "prekeyCheckTimer", null);
+    __publicField(this, "messageStorage");
+    __publicField(this, "sessionStateStorage");
+    this.userAddress = userAddress;
+    this.config = { ...import_types.DEFAULT_MESSENGER_CONFIG, ...config };
+    this.session = new import_session.MessengerSession(userAddress, this.config);
+    this.serverClient = new import_server.MessengerServerClient(this.config);
+    this.messageStorage = new import_storage.MessageStorage(userAddress);
+    this.sessionStateStorage = new import_storage.SessionStateStorage(userAddress);
+  }
+  /**
+   * 获取用户地址
+   * @returns 用户地址
+   */
+  getUserAddress() {
+    if (!this.userAddress) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User address not set"
+      );
+    }
+    return this.userAddress;
+  }
+  /**
+   * 获取用户公钥
+   * @returns 公钥（带标志位）
+   */
+  async getPublicKey() {
+    if (!this.userAddress) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User address not set"
+      );
+    }
+    const account = await import_account.Account.Instance().get(this.userAddress, false);
+    return account?.pubkey || "";
+  }
+  /**
+   * 验证Guard消息格式
+   * @param guardAddress Guard地址
+   * @param passportAddress Passport地址
+   * @returns 是否为有效的Guard消息
+   */
+  isValidGuardMessage(guardAddress, passportAddress) {
+    return Boolean(
+      guardAddress && passportAddress && (0, import_sui_types.isValidWowAddress)(guardAddress) && (0, import_sui_types.isValidWowAddress)(passportAddress)
+    );
+  }
+  /**
+   * 生成签名参数
+   * 用于需要签名验证的 API 调用
+   */
+  async generateSignatureParams(operation) {
+    if (!this.userAddress) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User address not set"
+      );
+    }
+    const account = await import_account.Account.Instance().get(this.userAddress, false);
+    if (!account?.secret) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        `Account not found or no secret key for ${this.userAddress}`
+      );
+    }
+    const { Ed25519Keypair } = await import("../../keypairs/ed25519/index.js");
+    const keypair = Ed25519Keypair.fromSecretKey(account.secret);
+    const publicKey = keypair.getPublicKey();
+    const publicKeyWithFlag = publicKey.toWPublicKey();
+    const timestamp = Date.now();
+    const nonce = this.generateNonce();
+    const message = `${operation}:${publicKeyWithFlag}:${timestamp}:${nonce}`;
+    const signature = await keypair.sign(new TextEncoder().encode(message));
+    return {
+      signatureScheme: "ED25519",
+      signature: Buffer.from(signature).toString("base64"),
+      timestamp,
+      nonce
+    };
+  }
+  /**
+   * 生成随机 nonce
+   */
+  generateNonce() {
+    const array = new Uint8Array(16);
+    crypto.getRandomValues(array);
+    return Array.from(array, (b) => b.toString(16).padStart(2, "0")).join(
+      ""
+    );
+  }
+  /**
+   * 初始化 Messenger
+   * 1. 确保本地身份
+   * 2. 注册设备到服务器
+   * 3. 上传预密钥
+   * 4. 检查预密钥状态（如低于阈值则补充）
+   * 5. 启动定期预密钥检查
+   */
+  async initialize() {
+    if (!this.userAddress) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User address not set"
+      );
+    }
+    await this.session.ensureIdentity(this.userAddress);
+    await this.session.registerDevice(this.userAddress);
+    await this.session.ensurePreKeys(this.userAddress);
+    await this.checkAndRefillPrekeys();
+    this.startPrekeyCheckTimer();
+  }
+  /**
+   * 检查并补充预密钥
+   *
+   * 逻辑：如果服务器预密钥未满，自动补充到最大容量
+   */
+  async checkAndRefillPrekeys() {
+    if (!this.userAddress) return;
+    await this.session.ensurePreKeys(this.userAddress, false);
+  }
+  /**
+   * 启动预密钥定期检查定时器
+   */
+  startPrekeyCheckTimer() {
+    if (this.prekeyCheckTimer) {
+      clearInterval(this.prekeyCheckTimer);
+    }
+    const interval = this.config.prekeyCheckIntervalMs ?? 24 * 60 * 60 * 1e3;
+    this.prekeyCheckTimer = setInterval(() => {
+      this.checkAndRefillPrekeys();
+    }, interval);
+  }
+  /**
+   * 停止预密钥定期检查定时器
+   */
+  stopPrekeyCheckTimer() {
+    if (this.prekeyCheckTimer) {
+      clearInterval(this.prekeyCheckTimer);
+      this.prekeyCheckTimer = null;
+    }
+  }
+  /**
+   * 发送加密消息
+   *
+   * 流程：
+   * 1. 使用 Signal Protocol 加密消息
+   * 2. 发送到服务器
+   * 3. 接收服务器返回的 Merkle 证明数据
+   * 4. 本地存储消息
+   */
+  async sendMessage(recipientAddress, plaintext, options) {
+    if (!this.userAddress) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User address not set"
+      );
+    }
+    const createdAt = Date.now();
+    const timestamp = Date.now();
+    const nonce = this.generateNonce();
+    const plaintextBytes = new TextEncoder().encode(plaintext).length;
+    if (plaintextBytes > import_types.NORMAL_MESSAGE_BYTES_LIMIT) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.INVALID_INPUT,
+        `Message size (${plaintextBytes} bytes) exceeds maximum allowed size (${import_types.NORMAL_MESSAGE_BYTES_LIMIT} bytes). Consider using sendZipFile for large content.`
+      );
+    }
+    const lastReceivedLeafIndex = this.messageStorage.getLastReceivedLeafIndex(
+      this.userAddress,
+      recipientAddress
+    );
+    const encrypted = await this.session.encryptMessage(
+      this.userAddress,
+      recipientAddress,
+      plaintext
+    );
+    const ciphertext = Buffer.from(new Uint8Array(encrypted.body)).toString(
+      "base64"
+    );
+    const plaintextHash = (0, import_crypto2.hashPlaintext)(
+      plaintext,
+      createdAt,
+      options?.guardAddress,
+      options?.passportAddress,
+      lastReceivedLeafIndex
+    );
+    const account = await import_account.Account.Instance().get(this.userAddress, false);
+    if (!account) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User account not found"
+      );
+    }
+    const publicKey = account.pubkey;
+    const guardAddr = options?.guardAddress || "";
+    const passportAddr = options?.passportAddress || "";
+    const lastReceivedStr = lastReceivedLeafIndex >= 0 ? lastReceivedLeafIndex.toString() : "";
+    const forceStr = options?.force ? "true" : "false";
+    const signMessage = `send_message:${this.userAddress}:${recipientAddress}:${guardAddr}:${passportAddr}:${plaintextHash}:${lastReceivedStr}:${publicKey}:${timestamp}:${nonce}:${forceStr}`;
+    const signResult = await import_account.Account.Instance().signData(
+      this.userAddress,
+      signMessage
+    );
+    const signatureBuffer = Buffer.from(
+      signResult.signature.slice(2),
+      "hex"
+    );
+    const signatureBase64 = (0, import_crypto2.bytesToBase64)(new Uint8Array(signatureBuffer));
+    const response = await this.serverClient.sendMessage({
+      sender: signResult.publicKey,
+      recipient: recipientAddress,
+      ciphertext,
+      plaintextHash,
+      clientTimestamp: createdAt,
+      msgType: encrypted.type,
+      signatureScheme: "ED25519",
+      signature: signatureBase64,
+      timestamp,
+      nonce,
+      guardAddress: options?.guardAddress,
+      passportAddress: options?.passportAddress,
+      force: options?.force,
+      // 【修复】只有当 lastReceivedLeafIndex >= 0 时才发送，否则发送 undefined
+      lastReceivedLeafIndex: lastReceivedLeafIndex >= 0 ? lastReceivedLeafIndex : void 0
+    });
+    const message = {
+      messageId: response.messageId,
+      fromAddress: this.userAddress,
+      toAddress: recipientAddress,
+      plaintextHash,
+      plaintext,
+      guardAddress: options?.guardAddress,
+      passportAddress: options?.passportAddress,
+      lastReceivedLeafIndex,
+      // 【新增】保存消息确认字段
+      direction: import_types.MessageDirection.SENT,
+      status: response.status === "confirmed" ? import_types.MessageStatus.CONFIRMED : import_types.MessageStatus.PENDING,
+      msgType: encrypted.type,
+      createdAt
+    };
+    if (response.merkleData) {
+      message.leafIndex = response.merkleData.leafIndex;
+      message.prevRoot = response.merkleData.prevRoot;
+      message.newRoot = response.merkleData.newRoot;
+      message.serverSignature = response.merkleData.serverSignature;
+      message.serverTimestamp = response.merkleData.serverTimestamp;
+      message.serverPublicKey = response.merkleData.serverPublicKey;
+      this.sessionStateStorage.updateSessionState(
+        this.userAddress,
+        recipientAddress,
+        {
+          currentRoot: response.merkleData.newRoot,
+          prevRoot: response.merkleData.prevRoot,
+          lastLeafIndex: response.merkleData.leafIndex,
+          lastSyncAt: Date.now()
+        }
+      );
+    }
+    this.messageStorage.saveMessage(message);
+    if (response.pendingMerkleData) {
+      for (const [msgId, merkleData] of Object.entries(
+        response.pendingMerkleData
+      )) {
+        const existingMsg = this.messageStorage.getMessage(msgId);
+        if (existingMsg && existingMsg.status === import_types.MessageStatus.PENDING) {
+          this.messageStorage.updateMessageStatus(
+            msgId,
+            import_types.MessageStatus.CONFIRMED,
+            {
+              leafIndex: merkleData.leafIndex,
+              newRoot: merkleData.newRoot,
+              serverSignature: merkleData.serverSignature,
+              serverTimestamp: merkleData.serverTimestamp,
+              serverPublicKey: merkleData.serverPublicKey
+            }
+          );
+        }
+      }
+    }
+    return {
+      messageId: response.messageId,
+      status: message.status,
+      merkleData: response.merkleData,
+      guardList: response.guard_list
+    };
+  }
+  /**
+   * 拉取消息
+   *
+   * 流程：
+   * 1. 从服务器拉取消息
+   * 2. 解密消息（Signal Protocol）
+   * 3. 验证 Merkle 证明
+   * 4. 本地存储并确认消息
+   */
+  async pullMessages(limit) {
+    if (!this.userAddress) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User address not set"
+      );
+    }
+    const timestamp = Date.now();
+    const nonce = this.generateNonce();
+    const message = `fetch_messages:${this.userAddress}:${limit || 100}:${timestamp}:${nonce}`;
+    const account = await import_account.Account.Instance().get(this.userAddress, false);
+    const publicKey = account?.pubkey || "";
+    const signResult = await import_account.Account.Instance().signData(
+      this.userAddress,
+      message
+    );
+    const signature = Buffer.from(signResult.signature.slice(2), "hex");
+    const signatureParams = {
+      signatureScheme: "ED25519",
+      signature: (0, import_crypto2.bytesToBase64)(signature),
+      timestamp,
+      nonce
+    };
+    const response = await this.serverClient.pullMessages(
+      this.userAddress,
+      publicKey,
+      signatureParams,
+      limit
+    );
+    if (response.messages.length === 0) {
+      return [];
+    }
+    const decryptedMessages = [];
+    const acknowledgedIds = [];
+    for (const serverMsg of response.messages) {
+      try {
+        const existingMessage = this.messageStorage.getMessage(
+          serverMsg.id
+        );
+        if (existingMessage) {
+          acknowledgedIds.push(serverMsg.id);
+          continue;
+        }
+        const ciphertext = Uint8Array.from(
+          Buffer.from(serverMsg.bodyB64, "base64")
+        );
+        const decryptedData = await this.session.decryptMessage(
+          this.userAddress,
+          serverMsg.from,
+          ciphertext.buffer,
+          serverMsg.msgType
+        );
+        const plaintext = decryptedData;
+        const senderLastReceivedIndex = serverMsg.lastReceivedLeafIndex ?? -1;
+        if (senderLastReceivedIndex >= 0) {
+          const myLastSent = this.getLastSentLeafIndex(
+            serverMsg.from
+          );
+          if (senderLastReceivedIndex < myLastSent) {
+          }
+        }
+        if (!serverMsg.clientTimestamp) {
+          throw new Error(
+            `Missing clientTimestamp for message ${serverMsg.id}`
+          );
+        }
+        if (!serverMsg.plaintextHash) {
+          throw new Error(
+            `Missing plaintextHash for message ${serverMsg.id}`
+          );
+        }
+        if (serverMsg.merkleMetadata) {
+          if (!serverMsg.merkleMetadata.prevRoot) {
+            throw new Error(
+              `Message ${serverMsg.id} missing prevRoot in merkleMetadata`
+            );
+          }
+          if (!serverMsg.merkleMetadata.newRoot) {
+            throw new Error(
+              `Message ${serverMsg.id} missing newRoot in merkleMetadata`
+            );
+          }
+        }
+        const verificationResult = (0, import_crypto2.verifyMessage)({
+          messageId: serverMsg.id,
+          plaintext,
+          plaintextHash: serverMsg.plaintextHash,
+          createdAt: serverMsg.clientTimestamp,
+          guardAddress: serverMsg.guardAddress,
+          passportAddress: serverMsg.passportAddress,
+          lastReceivedLeafIndex: serverMsg.lastReceivedLeafIndex,
+          // 【新增】传入消息确认字段
+          serverSignature: serverMsg.merkleMetadata?.serverSignature,
+          serverPublicKey: serverMsg.merkleMetadata?.serverPublicKey,
+          merkleMetadata: serverMsg.merkleMetadata ? {
+            prevRoot: serverMsg.merkleMetadata.prevRoot,
+            newRoot: serverMsg.merkleMetadata.newRoot,
+            serverTimestamp: serverMsg.merkleMetadata.serverTimestamp,
+            leafIndex: serverMsg.merkleMetadata.leafIndex,
+            proofSiblings: serverMsg.merkleMetadata.proofSiblings,
+            proofIndices: serverMsg.merkleMetadata.proofIndices
+          } : void 0
+        });
+        if (!verificationResult.valid) {
+          throw new Error(verificationResult.error);
+        }
+        const message2 = {
+          messageId: serverMsg.id,
+          fromAddress: serverMsg.from,
+          toAddress: this.userAddress,
+          plaintextHash: serverMsg.plaintextHash,
+          plaintext,
+          guardAddress: serverMsg.guardAddress,
+          passportAddress: serverMsg.passportAddress,
+          lastReceivedLeafIndex: serverMsg.lastReceivedLeafIndex,
+          // 【新增】保存消息确认字段
+          direction: import_types.MessageDirection.RECEIVED,
+          status: import_types.MessageStatus.CONFIRMED,
+          msgType: serverMsg.msgType,
+          leafIndex: serverMsg.merkleMetadata?.leafIndex,
+          prevRoot: serverMsg.merkleMetadata?.prevRoot,
+          newRoot: serverMsg.merkleMetadata?.newRoot,
+          serverSignature: serverMsg.merkleMetadata?.serverSignature,
+          serverTimestamp: serverMsg.merkleMetadata?.serverTimestamp,
+          serverPublicKey: serverMsg.merkleMetadata?.serverPublicKey,
+          createdAt: serverMsg.clientTimestamp,
+          // 保存 ZIP 元数据（如果是 ZIP 消息）
+          zipMetadata: serverMsg.zipMetadata
+        };
+        this.messageStorage.saveMessage(message2);
+        if (serverMsg.merkleMetadata) {
+          this.sessionStateStorage.updateSessionState(
+            this.userAddress,
+            serverMsg.from,
+            {
+              currentRoot: serverMsg.merkleMetadata.newRoot,
+              prevRoot: serverMsg.merkleMetadata.prevRoot,
+              lastLeafIndex: serverMsg.merkleMetadata.leafIndex,
+              lastSyncAt: Date.now()
+            }
+          );
+        }
+        const timestamp2 = serverMsg.merkleMetadata?.serverTimestamp || serverMsg.clientTimestamp || Date.now();
+        decryptedMessages.push({
+          id: serverMsg.id,
+          from: serverMsg.from,
+          plaintext,
+          // 【更新】明文直接是消息内容
+          timestamp: timestamp2,
+          merkleVerified: !!serverMsg.merkleMetadata,
+          merkleData: serverMsg.merkleMetadata ? {
+            leafIndex: serverMsg.merkleMetadata.leafIndex,
+            rootHash: serverMsg.merkleMetadata.newRoot
+          } : void 0
+        });
+        acknowledgedIds.push(serverMsg.id);
+      } catch (error) {
+        throw new Error(
+          `Failed to decrypt message ${serverMsg.id}: ${error instanceof Error ? error.message : String(error)}`
+        );
+      }
+    }
+    if (acknowledgedIds.length > 0 && this.userAddress) {
+      const ackTimestamp = Date.now();
+      const ackNonce = this.generateNonce();
+      const account2 = await import_account.Account.Instance().get(
+        this.userAddress,
+        false
+      );
+      if (account2?.pubkey) {
+        const ackMessage = `ack_messages:${this.userAddress}:${acknowledgedIds.join(",")}:${account2.pubkey}:${ackTimestamp}:${ackNonce}`;
+        const signResult2 = await import_account.Account.Instance().signData(
+          this.userAddress,
+          ackMessage
+        );
+        const signatureBuffer = Buffer.from(
+          signResult2.signature.slice(2),
+          "hex"
+        );
+        const signatureBase64 = (0, import_crypto2.bytesToBase64)(
+          new Uint8Array(signatureBuffer)
+        );
+        await this.serverClient.acknowledgeMessages(
+          acknowledgedIds,
+          signResult2.publicKey,
+          {
+            publicKey: signResult2.publicKey,
+            signatureScheme: "ED25519",
+            signature: signatureBase64,
+            timestamp: ackTimestamp,
+            nonce: ackNonce
+          }
+        );
+      }
+    }
+    await this.session.ensurePreKeys(this.userAddress);
+    return decryptedMessages;
+  }
+  /**
+   * 获取最后发送的消息序号
+   * @param peerAddress 对方地址
+   * @returns 最后发送的消息 leafIndex，如果没有发送过返回 -1
+   */
+  getLastSentLeafIndex(peerAddress) {
+    if (!this.userAddress) return -1;
+    const messages = this.messageStorage.getMessagesBySession(
+      this.userAddress,
+      peerAddress
+    );
+    const sentMessages = messages.filter(
+      (m) => m.direction === import_types.MessageDirection.SENT && m.leafIndex !== void 0
+    );
+    if (sentMessages.length === 0) return -1;
+    return Math.max(...sentMessages.map((m) => m.leafIndex));
+  }
+  /**
+   * 获取会话历史消息
+   */
+  getSessionMessages(peerAddress) {
+    if (!this.userAddress) {
+      return [];
+    }
+    return this.messageStorage.getMessagesBySession(
+      this.userAddress,
+      peerAddress
+    );
+  }
+  /**
+   * 获取会话当前状态
+   */
+  getSessionState(peerAddress) {
+    if (!this.userAddress) {
+      return void 0;
+    }
+    return this.sessionStateStorage.getSessionState(
+      this.userAddress,
+      peerAddress
+    );
+  }
+  /**
+   * 提交链上证明
+   *
+   * 使用 proof.ts 将 Merkle Root 提交到链上，获得时间证明
+   *
+   * @param env CallEnv 环境
+   * @param peerAddress 对方地址
+   * @param description 证明描述
+   */
+  async submitChainProof(env, peerAddress, description) {
+    if (!this.userAddress) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User address not set"
+      );
+    }
+    const sessionState = this.sessionStateStorage.getSessionState(
+      this.userAddress,
+      peerAddress
+    );
+    if (!sessionState || !sessionState.currentRoot) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.SESSION_NOT_ESTABLISHED,
+        "No session state found"
+      );
+    }
+    const messages = this.messageStorage.getMessagesBySession(
+      this.userAddress,
+      peerAddress
+    );
+    const lastMessage = messages[messages.length - 1];
+    if (!lastMessage || !lastMessage.serverPublicKey || !lastMessage.serverSignature) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.INVALID_PROOF,
+        "No temporal proof (missing server public key or signature), cannot submit Proof to WoWok blockchain"
+      );
+    }
+    const serverPubKey = lastMessage.serverPublicKey;
+    const serverSignature = lastMessage.serverSignature;
+    const proofData = {
+      sessionId: sessionState.sessionId,
+      merkleRoot: sessionState.currentRoot,
+      messageCount: sessionState.messageCount,
+      timestamp: Date.now()
+    };
+    const callProof = new import_proof.CallProof({
+      proof: JSON.stringify(proofData),
+      server_pubkey: serverPubKey,
+      server_signature: serverSignature,
+      proof_type: import_types.CHAIN_PROOF_TYPE,
+      // 1 = Messenger Session Proof
+      description: description || `Messenger session proof for ${this.userAddress} <-> ${peerAddress}`,
+      item_count: sessionState.messageCount,
+      about_address: sessionState.sessionId
+    });
+    const result = await callProof.call(env);
+    const responseData = result?.objectChanges;
+    const proofAddress = responseData?.find(
+      (change) => change.objectType?.includes("Proof")
+    )?.objectId;
+    return {
+      proofAddress: proofAddress || "",
+      txHash: result?.digest || ""
+    };
+  }
+  /**
+   * 建立 SSE 连接并监听服务器事件
+   *
+   * 安全要求：必须提供签名验证，防止未授权监听他人事件
+   * @param onMessage 新消息回调
+   * @param signatureParams 签名参数（可选，不提供时自动生成）
+   */
+  async connectEventSource(onMessage, signatureParams) {
+    if (!this.userAddress) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User address not set"
+      );
+    }
+    this.disconnectEventSource();
+    if (onMessage) {
+      this.onMessageCallback = onMessage;
+    }
+    const account = await import_account.Account.Instance().get(this.userAddress, false);
+    const publicKey = account?.pubkey || "";
+    let params = signatureParams;
+    if (!params) {
+      const timestamp = Date.now();
+      const nonce = this.generateNonce();
+      const message = `event_stream:${this.userAddress}:${timestamp}:${nonce}`;
+      const signResult = await import_account.Account.Instance().signData(
+        this.userAddress,
+        message
+      );
+      const signatureBuffer = Buffer.from(
+        signResult.signature.slice(2),
+        "hex"
+      );
+      const signatureBase64 = (0, import_crypto2.bytesToBase64)(
+        new Uint8Array(signatureBuffer)
+      );
+      params = {
+        signatureScheme: "ED25519",
+        signature: signatureBase64,
+        timestamp,
+        nonce
+      };
+    }
+    const queryParams = new URLSearchParams({
+      publicKey,
+      signatureScheme: params.signatureScheme,
+      signature: params.signature,
+      timestamp: params.timestamp.toString(),
+      nonce: params.nonce
+    });
+    const url = `${this.config.serverUrl}/v1/events/${this.userAddress}?${queryParams}`;
+    if (typeof EventSource === "undefined") {
+      throw new ReferenceError("EventSource is not defined");
+    }
+    this.eventSource = new EventSource(url);
+    this.eventSource.onmessage = async (event) => {
+      try {
+        const sseEvent = JSON.parse(event.data);
+        switch (sseEvent.type) {
+          case "NewMessage":
+            if (this.onMessageCallback) {
+              const messages = await this.pullMessages();
+              if (messages.length > 0) {
+                this.onMessageCallback(messages);
+              }
+            }
+            break;
+          case "ark_confirmed": {
+            const {
+              message_ids,
+              recipient,
+              recipient_public_key,
+              signature,
+              timestamp
+            } = sseEvent.data;
+            const verifyMessage2 = `ack_messages:${recipient}:${message_ids.join(",")}:${recipient_public_key}:${timestamp}`;
+            try {
+              const { Ed25519PublicKey } = await import("../../keypairs/ed25519/publickey.js");
+              const publicKey2 = new Ed25519PublicKey(
+                recipient_public_key
+              );
+              const signatureBytes = Uint8Array.from(
+                Buffer.from(signature, "base64")
+              );
+              const isValid = await publicKey2.verify(
+                new TextEncoder().encode(verifyMessage2),
+                signatureBytes
+              );
+              if (isValid) {
+                for (const msgId of message_ids) {
+                  const existingMsg = this.messageStorage.getMessage(msgId);
+                  if (existingMsg) {
+                    existingMsg.arkConfirmed = {
+                      recipient,
+                      recipientPublicKey: recipient_public_key,
+                      signature,
+                      timestamp
+                    };
+                    this.messageStorage.saveMessage(
+                      existingMsg
+                    );
+                  }
+                }
+              } else {
+                console.error(
+                  "ARK signature verification failed - possible server tampering"
+                );
+              }
+            } catch (error) {
+              console.error(
+                "Failed to verify ARK signature:",
+                error
+              );
+            }
+            break;
+          }
+          case "PreKeyLow":
+            await this.checkAndRefillPrekeys();
+            break;
+          case "Custom":
+            break;
+          case "guard_confirmed": {
+            const {
+              message_id,
+              merkle_data,
+              timestamp: _timestamp
+            } = sseEvent.data;
+            const existingMsg = this.messageStorage.getMessage(message_id);
+            if (!existingMsg) {
+              console.warn(
+                `Guard confirmed event received but message ${message_id} not found in local storage`
+              );
+              break;
+            }
+            if (!merkle_data.prevRoot) {
+              console.error(
+                `Guard message ${message_id} missing prevRoot in merkle_data`
+              );
+              break;
+            }
+            if (!merkle_data.newRoot) {
+              console.error(
+                `Guard message ${message_id} missing newRoot in merkle_data`
+              );
+              break;
+            }
+            if (!merkle_data.serverTimestamp) {
+              console.error(
+                `Guard message ${message_id} missing serverTimestamp in merkle_data`
+              );
+              break;
+            }
+            if (!merkle_data.serverSignature) {
+              console.error(
+                `Guard message ${message_id} missing serverSignature in merkle_data`
+              );
+              break;
+            }
+            if (!merkle_data.serverPublicKey) {
+              console.error(
+                `Guard message ${message_id} missing serverPublicKey in merkle_data`
+              );
+              break;
+            }
+            const { verifySingleMerkleRoot } = await import("./crypto.js");
+            const rootValid = verifySingleMerkleRoot(
+              merkle_data.prevRoot,
+              merkle_data.newRoot,
+              existingMsg.plaintextHash,
+              merkle_data.serverTimestamp,
+              merkle_data.leafIndex
+            );
+            if (!rootValid.valid) {
+              console.error(
+                `Guard message ${message_id} Merkle root verification failed: ${rootValid.error}`
+              );
+              break;
+            }
+            const { verifyEd25519Signature } = await import("./crypto.js");
+            const signData = `${merkle_data.prevRoot}:${merkle_data.newRoot}:${merkle_data.serverTimestamp}:${merkle_data.serverPublicKey}`;
+            const signatureValid = verifyEd25519Signature(
+              merkle_data.serverPublicKey,
+              signData,
+              merkle_data.serverSignature
+            );
+            if (!signatureValid) {
+              console.error(
+                `Guard message ${message_id} server signature verification failed`
+              );
+              break;
+            }
+            this.messageStorage.updateMessageStatus(
+              message_id,
+              import_types.MessageStatus.CONFIRMED,
+              {
+                leafIndex: merkle_data.leafIndex,
+                newRoot: merkle_data.newRoot,
+                serverSignature: merkle_data.serverSignature,
+                serverTimestamp: merkle_data.serverTimestamp,
+                serverPublicKey: merkle_data.serverPublicKey
+              }
+            );
+            const updated = true;
+            if (updated) {
+              if (existingMsg.toAddress === null) {
+                throw new Error(
+                  `Guard message ${message_id} has null toAddress`
+                );
+              }
+              const toAddr = existingMsg.toAddress;
+              if (toAddr === null) {
+                throw new Error(
+                  `Guard message ${message_id} has null toAddress`
+                );
+              }
+              this.sessionStateStorage.updateSessionState(
+                this.userAddress,
+                toAddr,
+                {
+                  currentRoot: merkle_data.newRoot,
+                  prevRoot: merkle_data.prevRoot,
+                  lastLeafIndex: merkle_data.leafIndex,
+                  lastSyncAt: Date.now()
+                }
+              );
+            } else {
+              console.warn(
+                `Failed to update Guard message ${message_id}`
+              );
+            }
+            break;
+          }
+          case "guard_rejected": {
+            const {
+              message_id,
+              reason: _reason,
+              timestamp: _timestamp
+            } = sseEvent.data;
+            const existingMsg = this.messageStorage.getMessage(message_id);
+            if (existingMsg) {
+              existingMsg.status = import_types.MessageStatus.REJECTED;
+              this.messageStorage.saveMessage(existingMsg);
+            } else {
+            }
+            break;
+          }
+        }
+      } catch (error) {
+        console.error("Failed to handle SSE event:", error);
+      }
+    };
+    this.eventSource.onopen = () => {
+    };
+    this.eventSource.onerror = (error) => {
+      console.error("SSE connection error:", error);
+      this.disconnectEventSource();
+    };
+  }
+  /**
+   * 检查 SSE 是否已连接
+   */
+  isEventSourceConnected() {
+    return this.eventSource !== null;
+  }
+  /**
+   * 断开 SSE 连接
+   */
+  disconnectEventSource() {
+    if (this.eventSource) {
+      this.eventSource.close();
+      this.eventSource = null;
+    }
+  }
+  /**
+   * 销毁 Messenger 实例
+   * 清理所有资源（定时器、SSE 连接等）
+   */
+  destroy() {
+    this.stopPrekeyCheckTimer();
+    this.disconnectEventSource();
+  }
+  /**
+   * 断开连接（destroy 的别名）
+   * 用于清理资源
+   */
+  disconnect() {
+    this.destroy();
+  }
+  /**
+   * 发送 ZIP 压缩文件
+   *
+   * 支持发送本地或网络 WTS/WIP 文件，经过 ZIP 压缩后发送给对方
+   * 支持 Guard 验证，如果提供 guardAddress 和 passportAddress，消息将进入 Guard 验证流程
+   *
+   * @param recipientAddress 接收方地址
+   * @param source 文件源（本地路径或网络 URL）
+   * @param options 可选参数
+   * @returns 发送结果
+   */
+  async sendZipFile(recipientAddress, source, options) {
+    if (!this.userAddress) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User address not set"
+      );
+    }
+    const fileData = await this.loadFileData(source);
+    const JSZip = (await import("jszip")).default;
+    const zip = new JSZip();
+    const fileName = options?.fileName || path.basename(source) || "file.zip";
+    const contentType = options?.contentType || this.detectContentType(fileName);
+    zip.file(fileName, fileData);
+    const zipBlob = await zip.generateAsync({ type: "uint8array" });
+    if (zipBlob.length > import_types.WTS_FILE_BYTES_LIMIT) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.INVALID_INPUT,
+        `ZIP file size (${zipBlob.length} bytes) exceeds local maximum allowed size (${import_types.WTS_FILE_BYTES_LIMIT} bytes)`
+      );
+    }
+    const zipFileHash = "0x" + (0, import_crypto.createHash)("sha256").update(zipBlob).digest("hex");
+    const zipBase64 = Buffer.from(zipBlob).toString("base64");
+    const zipMetadata = {
+      fileName: `${fileName}.zip`,
+      fileSize: zipBlob.length,
+      fileHash: zipFileHash,
+      contentType
+    };
+    const lastReceivedLeafIndex = this.messageStorage.getLastReceivedLeafIndex(
+      this.userAddress,
+      recipientAddress
+    );
+    const createdAt = Date.now();
+    const encrypted = await this.session.encryptMessage(
+      this.userAddress,
+      recipientAddress,
+      zipBase64
+      // 直接加密 ZIP 的 base64 内容
+    );
+    const ciphertext = Buffer.from(new Uint8Array(encrypted.body)).toString(
+      "base64"
+    );
+    const guardAddr = options?.guardAddress || "";
+    const passportAddr = options?.passportAddress || "";
+    const plaintextHash = (0, import_crypto2.hashPlaintext)(
+      zipBase64,
+      createdAt,
+      guardAddr,
+      passportAddr,
+      lastReceivedLeafIndex
+    );
+    const timestamp = Date.now();
+    const nonce = this.generateNonce();
+    const account = await import_account.Account.Instance().get(this.userAddress, false);
+    if (!account) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User account not found"
+      );
+    }
+    const publicKey = account.pubkey;
+    const lastReceivedStr = lastReceivedLeafIndex >= 0 ? lastReceivedLeafIndex.toString() : "";
+    const forceStr = options?.force ? "true" : "false";
+    const signMessage = `send_message:${this.userAddress}:${recipientAddress}:${guardAddr}:${passportAddr}:${plaintextHash}:${lastReceivedStr}:${publicKey}:${timestamp}:${nonce}:${forceStr}`;
+    const signResult = await import_account.Account.Instance().signData(
+      this.userAddress,
+      signMessage
+    );
+    const signatureBuffer = Buffer.from(
+      signResult.signature.slice(2),
+      "hex"
+    );
+    const signatureBase64 = (0, import_crypto2.bytesToBase64)(new Uint8Array(signatureBuffer));
+    const response = await this.serverClient.sendMessage({
+      sender: signResult.publicKey,
+      recipient: recipientAddress,
+      ciphertext,
+      plaintextHash,
+      clientTimestamp: createdAt,
+      msgType: encrypted.type,
+      // 使用底层 Signal Protocol 消息类型（1 或 3）
+      zipMetadata,
+      guardAddress: options?.guardAddress,
+      passportAddress: options?.passportAddress,
+      force: options?.force,
+      // 【修复】只有当 lastReceivedLeafIndex >= 0 时才发送，否则发送 undefined
+      lastReceivedLeafIndex: lastReceivedLeafIndex >= 0 ? lastReceivedLeafIndex : void 0,
+      signatureScheme: "ED25519",
+      signature: signatureBase64,
+      timestamp,
+      nonce
+    });
+    const message = {
+      messageId: response.messageId,
+      fromAddress: this.userAddress,
+      toAddress: recipientAddress,
+      plaintextHash,
+      plaintext: zipBase64,
+      // 保存 ZIP 数据的 base64 编码，方便本地查看
+      guardAddress: options?.guardAddress,
+      passportAddress: options?.passportAddress,
+      lastReceivedLeafIndex,
+      // 【新增】保存消息确认字段
+      direction: import_types.MessageDirection.SENT,
+      status: response.status === "confirmed" ? import_types.MessageStatus.CONFIRMED : import_types.MessageStatus.PENDING,
+      msgType: encrypted.type,
+      // 使用底层 Signal Protocol 消息类型（1 或 3）
+      zipMetadata,
+      createdAt
+    };
+    if (response.merkleData) {
+      message.leafIndex = response.merkleData.leafIndex;
+      message.prevRoot = response.merkleData.prevRoot;
+      message.newRoot = response.merkleData.newRoot;
+      message.serverSignature = response.merkleData.serverSignature;
+      message.serverTimestamp = response.merkleData.serverTimestamp;
+      message.serverPublicKey = response.merkleData.serverPublicKey;
+      this.sessionStateStorage.updateSessionState(
+        this.userAddress,
+        recipientAddress,
+        {
+          currentRoot: response.merkleData.newRoot,
+          prevRoot: response.merkleData.prevRoot,
+          lastLeafIndex: response.merkleData.leafIndex,
+          lastSyncAt: Date.now()
+        }
+      );
+    }
+    this.messageStorage.saveMessage(message);
+    if (response.pendingMerkleData) {
+      for (const [msgId, merkleData] of Object.entries(
+        response.pendingMerkleData
+      )) {
+        const existingMsg = this.messageStorage.getMessage(msgId);
+        if (existingMsg && existingMsg.status === import_types.MessageStatus.PENDING) {
+          this.messageStorage.updateMessageStatus(
+            msgId,
+            import_types.MessageStatus.CONFIRMED,
+            {
+              leafIndex: merkleData.leafIndex,
+              newRoot: merkleData.newRoot,
+              serverSignature: merkleData.serverSignature,
+              serverTimestamp: merkleData.serverTimestamp,
+              serverPublicKey: merkleData.serverPublicKey
+            }
+          );
+        }
+      }
+    }
+    return {
+      messageId: response.messageId,
+      status: message.status,
+      merkleData: response.merkleData,
+      guardList: response.guard_list
+    };
+  }
+  /**
+   * 加载文件数据（支持本地路径和网络 URL）
+   */
+  async loadFileData(source) {
+    if (source.startsWith("http://") || source.startsWith("https://")) {
+      const response = await fetch(source);
+      if (!response.ok) {
+        throw new import_types.MessengerError(
+          import_types.MessengerErrorCode.NETWORK_ERROR,
+          `Failed to fetch file from ${source}: ${response.statusText}`
+        );
+      }
+      const arrayBuffer = await response.arrayBuffer();
+      return new Uint8Array(arrayBuffer);
+    }
+    const resolvedPath = path.resolve(source);
+    if (!fs.existsSync(resolvedPath)) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.FILE_NOT_FOUND,
+        `File not found: ${resolvedPath}`
+      );
+    }
+    const buffer = fs.readFileSync(resolvedPath);
+    return new Uint8Array(buffer);
+  }
+  /**
+   * 检测内容类型
+   */
+  detectContentType(fileName) {
+    const ext = path.extname(fileName).toLowerCase();
+    switch (ext) {
+      case ".wts":
+        return "wts";
+      case ".wip":
+        return "wip";
+      default:
+        return "zip";
+    }
+  }
+  /**
+   * 生成签名的请求
+   */
+  async _createSignedRequest(data) {
+    if (!this.userAddress) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User address not set"
+      );
+    }
+    const timestamp = Date.now();
+    const nonce = this.generateNonce();
+    const dataJson = (0, import_utils.canonicalizeJson)(data);
+    const signMessage = `${timestamp}:${nonce}:${dataJson}`;
+    const signResult = await import_account.Account.Instance().signData(
+      this.userAddress,
+      signMessage
+    );
+    const signatureBuffer = Buffer.from(
+      signResult.signature.slice(2),
+      "hex"
+    );
+    const signatureBase64 = (0, import_crypto2.bytesToBase64)(new Uint8Array(signatureBuffer));
+    const account = await import_account.Account.Instance().get(this.userAddress, false);
+    if (!account || !account.pubkey) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "Account public key not found"
+      );
+    }
+    return {
+      userAddress: this.userAddress,
+      publicKey: account.pubkey,
+      signatureScheme: "ED25519",
+      signature: signatureBase64,
+      timestamp,
+      nonce,
+      data
+    };
+  }
+  /**
+   * 验证地址列表
+   */
+  _validateAddresses(addresses) {
+    const valid = [];
+    const invalid = [];
+    for (const addr of addresses) {
+      if ((0, import_sui_types.isValidWowAddress)(addr)) {
+        valid.push(addr);
+      } else {
+        invalid.push(addr);
+      }
+    }
+    return { valid, invalid };
+  }
+  /**
+   * 黑名单 - 添加地址
+   */
+  async addToBlacklist(addresses) {
+    if (!this.userAddress) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User address not set"
+      );
+    }
+    const { valid, invalid } = this._validateAddresses(addresses);
+    if (invalid.length > 0) {
+      return {
+        success: false,
+        operation: "add",
+        modifiedCount: 0,
+        currentCount: 0,
+        maxCount: 0,
+        invalidAddresses: invalid,
+        message: `Invalid addresses: ${invalid.join(", ")}`
+      };
+    }
+    const data = { addresses: valid };
+    const signedRequest = await this._createSignedRequest(data);
+    return this.serverClient.addToBlacklist(
+      this.userAddress,
+      signedRequest
+    );
+  }
+  /**
+   * 黑名单 - 移除地址
+   */
+  async removeFromBlacklist(addresses) {
+    if (!this.userAddress) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User address not set"
+      );
+    }
+    const { valid, invalid } = this._validateAddresses(addresses);
+    if (invalid.length > 0) {
+      return {
+        success: false,
+        operation: "remove",
+        modifiedCount: 0,
+        currentCount: 0,
+        maxCount: 0,
+        invalidAddresses: invalid,
+        message: `Invalid addresses: ${invalid.join(", ")}`
+      };
+    }
+    const data = { addresses: valid };
+    const signedRequest = await this._createSignedRequest(data);
+    return this.serverClient.removeFromBlacklist(
+      this.userAddress,
+      signedRequest
+    );
+  }
+  /**
+   * 黑名单 - 清空
+   */
+  async clearBlacklist() {
+    if (!this.userAddress) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User address not set"
+      );
+    }
+    const data = {};
+    const signedRequest = await this._createSignedRequest(data);
+    return this.serverClient.clearBlacklist(
+      this.userAddress,
+      signedRequest
+    );
+  }
+  /**
+   * 黑名单 - 获取列表
+   */
+  async getBlacklist() {
+    if (!this.userAddress) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User address not set"
+      );
+    }
+    const signedRequest = await this._createSignedRequest({});
+    return this.serverClient.getBlacklist(this.userAddress, signedRequest);
+  }
+  /**
+   * 黑名单 - 检查存在
+   */
+  async existInBlacklist(addresses) {
+    if (!this.userAddress) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User address not set"
+      );
+    }
+    const { valid, invalid } = this._validateAddresses(addresses);
+    if (invalid.length > 0) {
+      return {
+        success: false,
+        operation: "exist",
+        modifiedCount: 0,
+        currentCount: 0,
+        maxCount: 0,
+        invalidAddresses: invalid,
+        message: `Invalid addresses: ${invalid.join(", ")}`
+      };
+    }
+    const data = { addresses: valid };
+    const signedRequest = await this._createSignedRequest(data);
+    return this.serverClient.existInBlacklist(
+      this.userAddress,
+      signedRequest
+    );
+  }
+  /**
+   * 好友列表 - 添加地址
+   */
+  async addToFriendsList(addresses) {
+    if (!this.userAddress) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User address not set"
+      );
+    }
+    const { valid, invalid } = this._validateAddresses(addresses);
+    if (invalid.length > 0) {
+      return {
+        success: false,
+        operation: "add",
+        modifiedCount: 0,
+        currentCount: 0,
+        maxCount: 0,
+        invalidAddresses: invalid,
+        message: `Invalid addresses: ${invalid.join(", ")}`
+      };
+    }
+    const data = { addresses: valid };
+    const signedRequest = await this._createSignedRequest(data);
+    return this.serverClient.addToFriendsList(
+      this.userAddress,
+      signedRequest
+    );
+  }
+  /**
+   * 好友列表 - 移除地址
+   */
+  async removeFromFriendsList(addresses) {
+    if (!this.userAddress) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User address not set"
+      );
+    }
+    const { valid, invalid } = this._validateAddresses(addresses);
+    if (invalid.length > 0) {
+      return {
+        success: false,
+        operation: "remove",
+        modifiedCount: 0,
+        currentCount: 0,
+        maxCount: 0,
+        invalidAddresses: invalid,
+        message: `Invalid addresses: ${invalid.join(", ")}`
+      };
+    }
+    const data = { addresses: valid };
+    const signedRequest = await this._createSignedRequest(data);
+    return this.serverClient.removeFromFriendsList(
+      this.userAddress,
+      signedRequest
+    );
+  }
+  /**
+   * 好友列表 - 清空
+   */
+  async clearFriendsList() {
+    if (!this.userAddress) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User address not set"
+      );
+    }
+    const data = {};
+    const signedRequest = await this._createSignedRequest(data);
+    return this.serverClient.clearFriendsList(
+      this.userAddress,
+      signedRequest
+    );
+  }
+  /**
+   * 好友列表 - 获取列表
+   */
+  async getFriendsList() {
+    if (!this.userAddress) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User address not set"
+      );
+    }
+    const signedRequest = await this._createSignedRequest({});
+    return this.serverClient.getFriendsList(
+      this.userAddress,
+      signedRequest
+    );
+  }
+  /**
+   * 好友列表 - 检查存在
+   */
+  async existInFriendsList(addresses) {
+    if (!this.userAddress) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User address not set"
+      );
+    }
+    const { valid, invalid } = this._validateAddresses(addresses);
+    if (invalid.length > 0) {
+      return {
+        success: false,
+        operation: "exist",
+        modifiedCount: 0,
+        currentCount: 0,
+        maxCount: 0,
+        invalidAddresses: invalid,
+        message: `Invalid addresses: ${invalid.join(", ")}`
+      };
+    }
+    const data = { addresses: valid };
+    const signedRequest = await this._createSignedRequest(data);
+    return this.serverClient.existInFriendsList(
+      this.userAddress,
+      signedRequest
+    );
+  }
+  /**
+   * Guard 列表 - 添加
+   */
+  async addToGuardList(guards) {
+    if (!this.userAddress) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User address not set"
+      );
+    }
+    const data = { guards };
+    const signedRequest = await this._createSignedRequest(data);
+    return this.serverClient.addToGuardList(
+      this.userAddress,
+      signedRequest
+    );
+  }
+  /**
+   * Guard 列表 - 移除
+   */
+  async removeFromGuardList(addresses) {
+    if (!this.userAddress) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User address not set"
+      );
+    }
+    const { valid, invalid } = this._validateAddresses(addresses);
+    if (invalid.length > 0) {
+      return {
+        success: false,
+        operation: "remove",
+        modifiedCount: 0,
+        currentCount: 0,
+        maxCount: 0,
+        invalidAddresses: invalid,
+        message: `Invalid addresses: ${invalid.join(", ")}`
+      };
+    }
+    const data = { addresses: valid };
+    const signedRequest = await this._createSignedRequest(data);
+    return this.serverClient.removeFromGuardList(
+      this.userAddress,
+      signedRequest
+    );
+  }
+  /**
+   * Guard 列表 - 获取列表
+   */
+  async getGuardList() {
+    if (!this.userAddress) {
+      throw new import_types.MessengerError(
+        import_types.MessengerErrorCode.IDENTITY_NOT_FOUND,
+        "User address not set"
+      );
+    }
+    const signedRequest = await this._createSignedRequest({});
+    return this.serverClient.getGuardList(this.userAddress, signedRequest);
+  }
+}