wyrm-mcp 7.2.0 → 7.2.2

package/dist/cloud/client.js

@@ -1,221 +1 @@
-/**
- * Wyrm Cloud HTTP client — Bearer-auth wrapper around wyrm.ghosts.lk.
- *
- * Persists session to ~/.wyrm/cloud.json on successful login. The session
- * value is the only secret stored locally for cloud access (the master
- * encryption key is in a SEPARATE file — see crypto.ts).
- *
- * Endpoints used:
- *   POST /api/v1/auth/cli-init       — start a login flow
- *   POST /api/v1/auth/cli-poll       — exchange poll_token → session
- *   GET  /api/v1/auth/me             — current account info
- *   POST /api/v1/auth/logout         — revoke this session
- *   POST /api/v1/devices             — register this machine as a device
- *   GET  /api/v1/devices             — list devices
- *   DELETE /api/v1/devices/:id       — revoke a device
- *   POST /api/v1/sync/push           — upload encrypted deltas
- *   GET  /api/v1/sync/pull           — download peer deltas
- *   GET  /api/v1/sync/status         — tier + storage usage
- *
- * @copyright 2026 Ghost Protocol (Pvt) Ltd.
- */
-import { readFileSync, writeFileSync, existsSync, mkdirSync, chmodSync, unlinkSync } from 'node:fs';
-import { join } from 'node:path';
-import { homedir } from 'node:os';
-export const DEFAULT_BASE = process.env.WYRM_CLOUD_URL ?? 'https://wyrm.ghosts.lk';
-/**
- * Resolve the per-operator Wyrm config directory.
- *
- * Honors `WYRM_CLOUD_DIR` (an absolute path) so tests can sandbox every
- * file we touch (session, cursor, key, machine-id) away from the real
- * ~/.wyrm. Resolved at call time — NOT frozen at import — so a test that
- * sets the env after importing this module still redirects correctly.
- */
-export function resolveCloudDir() {
-    return process.env.WYRM_CLOUD_DIR ?? join(homedir(), '.wyrm');
-}
-export const CLOUD_DIR = resolveCloudDir();
-export const SESSION_FILE = join(CLOUD_DIR, 'cloud.json');
-/** Resolve the session file path at call time (honors WYRM_CLOUD_DIR). */
-export function sessionFilePath() {
-    return join(resolveCloudDir(), 'cloud.json');
-}
-function ensureDir() {
-    const dir = resolveCloudDir();
-    if (!existsSync(dir))
-        mkdirSync(dir, { recursive: true, mode: 0o700 });
-}
-export function loadSession() {
-    const file = sessionFilePath();
-    if (!existsSync(file))
-        return null;
-    try {
-        return JSON.parse(readFileSync(file, 'utf-8'));
-    }
-    catch {
-        return null;
-    }
-}
-export function saveSession(sess) {
-    ensureDir();
-    const file = sessionFilePath();
-    writeFileSync(file, JSON.stringify(sess, null, 2), { mode: 0o600 });
-    try {
-        chmodSync(file, 0o600);
-    }
-    catch { /* best-effort */ }
-}
-export function clearSession() {
-    try {
-        unlinkSync(sessionFilePath());
-    }
-    catch { /* fine */ }
-}
-export class CloudError extends Error {
-    status;
-    body;
-    constructor(status, body, message) {
-        super(message);
-        this.status = status;
-        this.body = body;
-        this.name = 'CloudError';
-    }
-}
-export class CloudClient {
-    base;
-    bearer;
-    constructor(base, bearer) {
-        this.base = base;
-        this.bearer = bearer;
-    }
-    static fromSession() {
-        const s = loadSession();
-        if (!s)
-            throw new CloudError(401, null, 'Not logged in. Run `wyrm cloud login` first.');
-        return new CloudClient(s.base, s.session);
-    }
-    async req(path, init = {}) {
-        const headers = {
-            'content-type': 'application/json',
-            'user-agent': 'wyrm-cli/cloud',
-            ...(init.headers ?? {}),
-        };
-        if (this.bearer)
-            headers.authorization = `Bearer ${this.bearer}`;
-        // Resilient under heavy team sync: retry transient failures (429 + 5xx +
-        // network/timeout) with exponential backoff, honoring a server Retry-After.
-        // Cloud writes are idempotent (server INSERT-OR-IGNORE keyed on
-        // origin_device/seq), so replaying a push is safe. Hard 4xx (auth, bad
-        // request) are NOT retried — they won't get better.
-        const MAX_RETRIES = 4;
-        let lastErr = null;
-        for (let attempt = 0; attempt <= MAX_RETRIES; attempt++) {
-            // 60-second timeout via AbortSignal — defeats network-blackhole hangs.
-            const ctrl = new AbortController();
-            const timer = setTimeout(() => ctrl.abort(), 60_000);
-            let res;
-            try {
-                res = await fetch(`${this.base}${path}`, { ...init, headers, signal: ctrl.signal });
-            }
-            catch (err) {
-                clearTimeout(timer);
-                lastErr = err.name === 'AbortError'
-                    ? new CloudError(0, null, `Timed out reaching ${this.base}${path} after 60s`)
-                    : new CloudError(0, null, `Network error: ${err instanceof Error ? err.message : err}`);
-                if (attempt < MAX_RETRIES) {
-                    await this.backoff(attempt, null);
-                    continue;
-                }
-                throw lastErr;
-            }
-            clearTimeout(timer);
-            if ((res.status === 429 || res.status >= 500) && attempt < MAX_RETRIES) {
-                await this.backoff(attempt, res.headers.get('retry-after'));
-                continue;
-            }
-            const text = await res.text();
-            let body = null;
-            try {
-                body = text ? JSON.parse(text) : null;
-            }
-            catch {
-                body = text;
-            }
-            if (!res.ok) {
-                const msg = body?.message
-                    ?? body?.error
-                    ?? `HTTP ${res.status}`;
-                throw new CloudError(res.status, body, msg);
-            }
-            return body;
-        }
-        throw lastErr ?? new CloudError(0, null, `request to ${path} failed after ${MAX_RETRIES} retries`);
-    }
-    /** Backoff before a retry: honor numeric Retry-After (seconds), else
-     *  exponential 250ms·2^n capped at 30s, with jitter. */
-    async backoff(attempt, retryAfter) {
-        let ms;
-        if (retryAfter && /^\d+$/.test(retryAfter)) {
-            ms = Math.min(30_000, parseInt(retryAfter, 10) * 1000);
-        }
-        else {
-            ms = Math.min(30_000, 250 * Math.pow(2, attempt));
-            ms += Math.floor(Math.random() * (ms * 0.25)); // jitter to avoid thundering herd
-        }
-        await new Promise((resolve) => setTimeout(resolve, ms));
-    }
-    // ── Auth ────────────────────────────────────────────────────────────────
-    async cliInit(pollToken) {
-        return this.req('/api/v1/auth/cli-init', { method: 'POST', body: JSON.stringify({ poll_token: pollToken }) });
-    }
-    async cliPoll(pollToken) {
-        return this.req('/api/v1/auth/cli-poll', { method: 'POST', body: JSON.stringify({ poll_token: pollToken }) });
-    }
-    async me() {
-        return this.req('/api/v1/auth/me');
-    }
-    async logout() {
-        return this.req('/api/v1/auth/logout', { method: 'POST' });
-    }
-    // ── Devices ─────────────────────────────────────────────────────────────
-    async registerDevice(name, pubkey) {
-        return this.req('/api/v1/devices', { method: 'POST', body: JSON.stringify({ name, pubkey }) });
-    }
-    async listDevices() {
-        return this.req('/api/v1/devices');
-    }
-    async revokeDevice(deviceId) {
-        return this.req(`/api/v1/devices/${encodeURIComponent(deviceId)}`, {
-            method: 'DELETE',
-        });
-    }
-    // ── Sync ────────────────────────────────────────────────────────────────
-    async syncStatus() {
-        return this.req('/api/v1/sync/status');
-    }
-    async syncPush(deviceId, deltas) {
-        return this.req('/api/v1/sync/push', {
-            method: 'POST',
-            body: JSON.stringify({ device_id: deviceId, deltas }),
-        });
-    }
-    // ── Account ─────────────────────────────────────────────────────────────
-    async accountExport() {
-        return this.req('/api/v1/account/export');
-    }
-    async accountDelete() {
-        return this.req('/api/v1/account', {
-            method: 'DELETE',
-            body: JSON.stringify({ confirm: 'DELETE my account' }),
-        });
-    }
-    async syncPull(deviceId, since, limit = 100) {
-        const qs = new URLSearchParams({
-            device_id: deviceId,
-            since: String(since),
-            limit: String(limit),
-        });
-        return this.req(`/api/v1/sync/pull?${qs.toString()}`);
-    }
-}
-//# sourceMappingURL=client.js.map
+import{readFileSync as w,writeFileSync as g,existsSync as S,mkdirSync as b,chmodSync as E,unlinkSync as O}from"node:fs";import{join as y}from"node:path";import{homedir as T}from"node:os";const k=process.env.WYRM_CLOUD_URL??"https://wyrm.ghosts.lk";function d(){return process.env.WYRM_CLOUD_DIR??y(T(),".wyrm")}const x=d(),N=y(x,"cloud.json");function m(){return y(d(),"cloud.json")}function q(){const s=d();S(s)||b(s,{recursive:!0,mode:448})}function D(){const s=m();if(!S(s))return null;try{return JSON.parse(w(s,"utf-8"))}catch{return null}}function L(s){q();const t=m();g(t,JSON.stringify(s,null,2),{mode:384});try{E(t,384)}catch{}}function R(){try{O(m())}catch{}}class u extends Error{status;body;constructor(t,e,r){super(r),this.status=t,this.body=e,this.name="CloudError"}}class v{base;bearer;constructor(t,e){this.base=t,this.bearer=e}static fromSession(){const t=D();if(!t)throw new u(401,null,"Not logged in. Run `wyrm cloud login` first.");return new v(t.base,t.session)}async req(t,e={}){const r={"content-type":"application/json","user-agent":"wyrm-cli/cloud",...e.headers??{}};this.bearer&&(r.authorization=`Bearer ${this.bearer}`);const n=4;let l=null;for(let i=0;i<=n;i++){const p=new AbortController,f=setTimeout(()=>p.abort(),6e4);let o;try{o=await fetch(`${this.base}${t}`,{...e,headers:r,signal:p.signal})}catch(c){if(clearTimeout(f),l=c.name==="AbortError"?new u(0,null,`Timed out reaching ${this.base}${t} after 60s`):new u(0,null,`Network error: ${c instanceof Error?c.message:c}`),i<n){await this.backoff(i,null);continue}throw l}if(clearTimeout(f),(o.status===429||o.status>=500)&&i<n){await this.backoff(i,o.headers.get("retry-after"));continue}const h=await o.text();let a=null;try{a=h?JSON.parse(h):null}catch{a=h}if(!o.ok){const c=a?.message??a?.error??`HTTP ${o.status}`;throw new u(o.status,a,c)}return a}throw l??new u(0,null,`request to ${t} failed after ${n} retries`)}async backoff(t,e){let r;e&&/^\d+$/.test(e)?r=Math.min(3e4,parseInt(e,10)*1e3):(r=Math.min(3e4,250*Math.pow(2,t)),r+=Math.floor(Math.random()*(r*.25))),await new Promise(n=>setTimeout(n,r))}async cliInit(t){return this.req("/api/v1/auth/cli-init",{method:"POST",body:JSON.stringify({poll_token:t})})}async cliPoll(t){return this.req("/api/v1/auth/cli-poll",{method:"POST",body:JSON.stringify({poll_token:t})})}async me(){return this.req("/api/v1/auth/me")}async logout(){return this.req("/api/v1/auth/logout",{method:"POST"})}async registerDevice(t,e){return this.req("/api/v1/devices",{method:"POST",body:JSON.stringify({name:t,pubkey:e})})}async listDevices(){return this.req("/api/v1/devices")}async revokeDevice(t){return this.req(`/api/v1/devices/${encodeURIComponent(t)}`,{method:"DELETE"})}async syncStatus(){return this.req("/api/v1/sync/status")}async syncPush(t,e){return this.req("/api/v1/sync/push",{method:"POST",body:JSON.stringify({device_id:t,deltas:e})})}async accountExport(){return this.req("/api/v1/account/export")}async accountDelete(){return this.req("/api/v1/account",{method:"DELETE",body:JSON.stringify({confirm:"DELETE my account"})})}async syncPull(t,e,r=100){const n=new URLSearchParams({device_id:t,since:String(e),limit:String(r)});return this.req(`/api/v1/sync/pull?${n.toString()}`)}}export{x as CLOUD_DIR,v as CloudClient,u as CloudError,k as DEFAULT_BASE,N as SESSION_FILE,R as clearSession,D as loadSession,d as resolveCloudDir,L as saveSession,m as sessionFilePath};

package/dist/cloud/crypto.js

@@ -1,85 +1 @@
-/**
- * Wyrm Cloud client-side encryption.
- *
- * AES-256-GCM with a randomly-generated master key held ONLY at
- * ~/.wyrm/cloud.key (0600 perms). The cloud server stores ciphertext;
- * losing the key means losing the data — by design, this is the
- * operator-owns-data guarantee in constitution rule IV.
- *
- * Per-delta encryption envelope (32 bytes IV + 16 bytes tag minimum):
- *
- *   [ version:1 ][ iv:12 ][ ciphertext+tag:N+16 ]
- *
- * The 1-byte version prefix lets us migrate the envelope format later
- * without breaking previously-uploaded blobs.
- *
- * @copyright 2026 Ghost Protocol (Pvt) Ltd.
- */
-import { randomBytes, createCipheriv, createDecipheriv } from 'node:crypto';
-import { readFileSync, writeFileSync, existsSync, chmodSync } from 'node:fs';
-import { join } from 'node:path';
-import { CLOUD_DIR } from './client.js';
-const KEY_FILE = join(CLOUD_DIR, 'cloud.key');
-const ENVELOPE_VERSION = 1;
-const KEY_BYTES = 32; // AES-256
-const IV_BYTES = 12; // GCM standard
-/** Get or generate the per-operator master key. */
-export function getMasterKey() {
-    if (existsSync(KEY_FILE)) {
-        const buf = readFileSync(KEY_FILE);
-        if (buf.length !== KEY_BYTES) {
-            throw new Error(`Wyrm Cloud key at ${KEY_FILE} has wrong length (${buf.length}, expected ${KEY_BYTES}). Refusing to proceed.`);
-        }
-        return buf;
-    }
-    const fresh = randomBytes(KEY_BYTES);
-    writeFileSync(KEY_FILE, fresh, { mode: 0o600 });
-    try {
-        chmodSync(KEY_FILE, 0o600);
-    }
-    catch { /* best-effort */ }
-    return fresh;
-}
-/** Encrypt a plaintext object → base64 string (envelope: version|iv|ct+tag). */
-export function encrypt(plaintext) {
-    const key = getMasterKey();
-    const iv = randomBytes(IV_BYTES);
-    const cipher = createCipheriv('aes-256-gcm', key, iv);
-    const ct = Buffer.concat([cipher.update(plaintext, 'utf-8'), cipher.final()]);
-    const tag = cipher.getAuthTag();
-    const envelope = Buffer.concat([
-        Buffer.from([ENVELOPE_VERSION]),
-        iv,
-        ct,
-        tag,
-    ]);
-    return envelope.toString('base64');
-}
-/** Decrypt a base64 envelope back to plaintext. Throws on tag mismatch (tamper). */
-export function decrypt(payloadB64) {
-    const key = getMasterKey();
-    const env = Buffer.from(payloadB64, 'base64');
-    if (env.length < 1 + IV_BYTES + 16) {
-        throw new Error(`Wyrm Cloud envelope too short (${env.length} bytes).`);
-    }
-    const version = env.readUInt8(0);
-    if (version !== ENVELOPE_VERSION) {
-        throw new Error(`Wyrm Cloud envelope version ${version} unsupported (this client speaks ${ENVELOPE_VERSION}). Upgrade wyrm-mcp.`);
-    }
-    const iv = env.subarray(1, 1 + IV_BYTES);
-    const tag = env.subarray(env.length - 16);
-    const ct = env.subarray(1 + IV_BYTES, env.length - 16);
-    const decipher = createDecipheriv('aes-256-gcm', key, iv);
-    decipher.setAuthTag(tag);
-    const pt = Buffer.concat([decipher.update(ct), decipher.final()]);
-    return pt.toString('utf-8');
-}
-/** Return path of the key file for status reporting (never the bytes). */
-export function keyFilePath() {
-    return KEY_FILE;
-}
-/** Confirm a key exists locally without exposing it. */
-export function keyExists() {
-    return existsSync(KEY_FILE);
-}
-//# sourceMappingURL=crypto.js.map
+import{randomBytes as h,createCipheriv as g,createDecipheriv as m}from"node:crypto";import{readFileSync as d,writeFileSync as E,existsSync as y,chmodSync as v}from"node:fs";import{join as w}from"node:path";import{CLOUD_DIR as S}from"./client.js";const r=w(S,"cloud.key"),u=1,f=32,c=12;function l(){if(y(r)){const e=d(r);if(e.length!==f)throw new Error(`Wyrm Cloud key at ${r} has wrong length (${e.length}, expected ${f}). Refusing to proceed.`);return e}const o=h(f);E(r,o,{mode:384});try{v(r,384)}catch{}return o}function C(o){const e=l(),t=h(c),n=g("aes-256-gcm",e,t),s=Buffer.concat([n.update(o,"utf-8"),n.final()]),i=n.getAuthTag();return Buffer.concat([Buffer.from([u]),t,s,i]).toString("base64")}function I(o){const e=l(),t=Buffer.from(o,"base64");if(t.length<1+c+16)throw new Error(`Wyrm Cloud envelope too short (${t.length} bytes).`);const n=t.readUInt8(0);if(n!==u)throw new Error(`Wyrm Cloud envelope version ${n} unsupported (this client speaks ${u}). Upgrade wyrm-mcp.`);const s=t.subarray(1,1+c),i=t.subarray(t.length-16),p=t.subarray(1+c,t.length-16),a=m("aes-256-gcm",e,s);return a.setAuthTag(i),Buffer.concat([a.update(p),a.final()]).toString("utf-8")}function _(){return r}function F(){return y(r)}export{I as decrypt,C as encrypt,l as getMasterKey,F as keyExists,_ as keyFilePath};

package/dist/cloud/machine-id.js

@@ -1,113 +1,2 @@
-/**
- * Per-machine fingerprint for Wyrm Cloud session integrity.
- *
- * THE PROBLEM (failure #40): Wyrm Cloud's per-device pull query is
- *   WHERE account_id=? AND device_id != <self> AND updated_at > cursor
- * i.e. a device never re-pulls its OWN device_id's deltas — correct, a
- * device already has its own writes. The `device_id` is minted once at
- * `wyrm cloud login` and stored in ~/.wyrm/cloud.json. If an operator
- * provisions a SECOND machine by COPYING ~/.wyrm/cloud.json (or the whole
- * ~/.wyrm) instead of running its own `wyrm cloud login`, both machines
- * share ONE device_id. Each then filters the OTHER's deltas out as "its
- * own" → push works, pull returns 0, silently, with no error. Peer skills
- * / truths appear MISSING on the copied machine.
- *
- * THE FIX (client-side): bind a stable machine fingerprint into the
- * session at login. On sync, recompute it and compare. A mismatch means
- * "this session was minted on a different machine" → device_id collision
- * → warn LOUD (stderr) and stop, with a --force / env escape for the
- * legitimate hostname-change case.
- *
- * FINGERPRINT INPUTS (deterministic, no new dependency):
- *   machine_fp = sha256( hostname "\n" install_id )[:32]
- *     - hostname    = os.hostname()  (the human-facing machine identity;
- *                     a genuine hostname change is the one false-positive
- *                     we accept and cover with --force)
- *     - install_id  = a 32-hex-char random id generated ONCE and stored at
- *                     ~/.wyrm/machine-id (0600). This is the load-bearing
- *                     component: it is NOT copied by `cp ~/.wyrm/cloud.json`
- *                     alone, and even a full `cp -r ~/.wyrm` to a new box
- *                     yields the SAME install_id but a DIFFERENT hostname,
- *                     so the fingerprint still diverges. A fresh
- *                     `wyrm cloud login` on the new box regenerates nothing
- *                     here (install_id is machine-scoped, not session-scoped)
- *                     but re-mints a distinct device_id — which is the cure.
- *
- * The install_id file is intentionally machine-local config, NOT a secret:
- * it carries no account data and only disambiguates one machine from
- * another. The ONLY ~/.wyrm file meant to be shared between an operator's
- * machines is ~/.wyrm/cloud.key (the E2E master key). cloud.json,
- * cloud-cursor.json, and machine-id are all per-device.
- *
- * @copyright 2026 Ghost Protocol (Pvt) Ltd.
- * @license AGPL-3.0-or-later
- */
-import { createHash, randomBytes } from 'node:crypto';
-import { readFileSync, writeFileSync, existsSync, mkdirSync, chmodSync } from 'node:fs';
-import { join } from 'node:path';
-import { hostname } from 'node:os';
-import { resolveCloudDir } from './client.js';
-/** Resolve the install-id file path at call time (honors WYRM_CLOUD_DIR). */
-export function machineIdFilePath() {
-    return join(resolveCloudDir(), 'machine-id');
-}
-const INSTALL_ID_RE = /^[0-9a-f]{32}$/;
-function ensureDir() {
-    const dir = resolveCloudDir();
-    if (!existsSync(dir))
-        mkdirSync(dir, { recursive: true, mode: 0o700 });
-}
-/**
- * Get or generate this machine's persistent install id (32 hex chars).
- *
- * Generated once and stored at ~/.wyrm/machine-id (0600). Stable across
- * logins, sessions, and Wyrm upgrades on the same machine. A malformed or
- * empty file is treated as missing and regenerated (fail-open: a fresh id
- * is harmless — worst case is one spurious "looks copied" warning that
- * the operator clears by re-login, which is the desired loud behavior).
- */
-export function getInstallId() {
-    const file = machineIdFilePath();
-    if (existsSync(file)) {
-        try {
-            const raw = readFileSync(file, 'utf-8').trim();
-            if (INSTALL_ID_RE.test(raw))
-                return raw;
-        }
-        catch { /* fall through to regenerate */ }
-    }
-    ensureDir();
-    const fresh = randomBytes(16).toString('hex'); // 32 hex chars
-    writeFileSync(file, fresh, { mode: 0o600 });
-    try {
-        chmodSync(file, 0o600);
-    }
-    catch { /* best-effort */ }
-    return fresh;
-}
-/**
- * Compute this machine's fingerprint: sha256(hostname \n install_id),
- * truncated to 32 hex chars. Deterministic on a given machine; diverges
- * across machines (different install_id and/or hostname).
- */
-export function computeMachineFp() {
-    const h = hostname();
-    const id = getInstallId();
-    return createHash('sha256').update(`${h}\n${id}`).digest('hex').slice(0, 32);
-}
-/**
- * Classify a session's stored machine_fp against this machine.
- *
- *   - absent  → 'adopt'   (backward compat: pre-7.0.3 session, no false alarm)
- *   - equal   → 'match'   (normal, silent)
- *   - differs → 'mismatch'(looks copied from another machine — warn loud)
- */
-export function classifySession(storedFp) {
-    if (!storedFp)
-        return { state: 'adopt' };
-    const current = computeMachineFp();
-    if (storedFp === current)
-        return { state: 'match' };
-    return { state: 'mismatch', stored: storedFp, current };
-}
-//# sourceMappingURL=machine-id.js.map
+import{createHash as i,randomBytes as c}from"node:crypto";import{readFileSync as s,writeFileSync as a,existsSync as n,mkdirSync as m,chmodSync as f}from"node:fs";import{join as u}from"node:path";import{hostname as h}from"node:os";import{resolveCloudDir as o}from"./client.js";function d(){return u(o(),"machine-id")}const p=/^[0-9a-f]{32}$/;function l(){const t=o();n(t)||m(t,{recursive:!0,mode:448})}function y(){const t=d();if(n(t))try{const e=s(t,"utf-8").trim();if(p.test(e))return e}catch{}l();const r=c(16).toString("hex");a(t,r,{mode:384});try{f(t,384)}catch{}return r}function S(){const t=h(),r=y();return i("sha256").update(`${t}
+${r}`).digest("hex").slice(0,32)}function v(t){if(!t)return{state:"adopt"};const r=S();return t===r?{state:"match"}:{state:"mismatch",stored:t,current:r}}export{v as classifySession,S as computeMachineFp,y as getInstallId,d as machineIdFilePath};

package/dist/cloud/recovery.js

@@ -1,60 +1 @@
-/**
- * BIP39 recovery for the Wyrm Cloud master key.
- *
- * The 32-byte key in ~/.wyrm/cloud.key is exactly the 256 bits of entropy
- * a BIP39 24-word mnemonic encodes. So we can:
- *
- *   1. Print the current key as 24 words so the operator can write them
- *      down on paper / store them in a password manager.
- *   2. Restore a key from those 24 words on a new machine.
- *
- * The cloud server never sees either form. This is purely a local
- * operator-facing convenience layered on top of the existing key file —
- * losing the key file with no recovery phrase still means losing access,
- * which is the deliberate operator-owns-data tradeoff.
- *
- * @copyright 2026 Ghost Protocol (Pvt) Ltd.
- */
-import { entropyToMnemonic, mnemonicToEntropy, validateMnemonic } from '@scure/bip39';
-import { wordlist } from '@scure/bip39/wordlists/english.js';
-import { existsSync, readFileSync, writeFileSync, chmodSync } from 'node:fs';
-import { keyFilePath } from './crypto.js';
-const KEY_BYTES = 32;
-/** Encode the current master key as a 24-word BIP39 phrase. */
-export function keyToMnemonic() {
-    const path = keyFilePath();
-    if (!existsSync(path)) {
-        throw new Error(`Master key not found at ${path}. Run \`wyrm cloud login\` first to generate one.`);
-    }
-    const buf = readFileSync(path);
-    if (buf.length !== KEY_BYTES) {
-        throw new Error(`Master key at ${path} has unexpected length ${buf.length} (expected ${KEY_BYTES}).`);
-    }
-    return entropyToMnemonic(new Uint8Array(buf), wordlist);
-}
-/**
- * Restore a master key from a 24-word phrase. Refuses to overwrite an
- * existing key unless `overwrite` is true.
- */
-export function mnemonicToKey(phrase, opts = {}) {
-    const normalised = phrase.trim().toLowerCase().split(/\s+/).join(' ');
-    if (!validateMnemonic(normalised, wordlist)) {
-        throw new Error('Recovery phrase failed BIP39 checksum. Re-check spelling and word order (24 words from the BIP39 English list).');
-    }
-    const entropy = mnemonicToEntropy(normalised, wordlist);
-    if (entropy.length !== KEY_BYTES) {
-        throw new Error(`Recovery phrase decoded to ${entropy.length} bytes (expected ${KEY_BYTES}). Use a 24-word phrase.`);
-    }
-    const path = keyFilePath();
-    const overwrote = existsSync(path);
-    if (overwrote && !opts.overwrite) {
-        throw new Error(`Master key already exists at ${path}. Pass --overwrite to replace it (this WILL invalidate decryption of any blobs encrypted with the old key).`);
-    }
-    writeFileSync(path, Buffer.from(entropy), { mode: 0o600 });
-    try {
-        chmodSync(path, 0o600);
-    }
-    catch { /* best-effort */ }
-    return { path, overwrote };
-}
-//# sourceMappingURL=recovery.js.map
+import{entropyToMnemonic as d,mnemonicToEntropy as l,validateMnemonic as y}from"@scure/bip39";import{wordlist as i}from"@scure/bip39/wordlists/english.js";import{existsSync as a,readFileSync as m,writeFileSync as p,chmodSync as w}from"node:fs";import{keyFilePath as h}from"./crypto.js";const t=32;function k(){const e=h();if(!a(e))throw new Error(`Master key not found at ${e}. Run \`wyrm cloud login\` first to generate one.`);const o=m(e);if(o.length!==t)throw new Error(`Master key at ${e} has unexpected length ${o.length} (expected ${t}).`);return d(new Uint8Array(o),i)}function v(e,o={}){const c=e.trim().toLowerCase().split(/\s+/).join(" ");if(!y(c,i))throw new Error("Recovery phrase failed BIP39 checksum. Re-check spelling and word order (24 words from the BIP39 English list).");const n=l(c,i);if(n.length!==t)throw new Error(`Recovery phrase decoded to ${n.length} bytes (expected ${t}). Use a 24-word phrase.`);const r=h(),s=a(r);if(s&&!o.overwrite)throw new Error(`Master key already exists at ${r}. Pass --overwrite to replace it (this WILL invalidate decryption of any blobs encrypted with the old key).`);p(r,Buffer.from(n),{mode:384});try{w(r,384)}catch{}return{path:r,overwrote:s}}export{k as keyToMnemonic,v as mnemonicToKey};