zapo-js 1.1.0 → 1.1.2

package/dist/esm/client/coordinators/WaAppStateMutationCoordinator.js

@@ -180,6 +180,7 @@ export class WaAppStateMutationCoordinator {
         this.emitSnapshotMutations = options.emitSnapshotMutations === true;
         this.nctSaltSink = options.nctSaltSink;
         this.contactSink = options.contactSink;
+        this.pushNameSink = options.pushNameSink;
         this.pendingMutations = new Map();
         this.flushPromise = null;
     }
@@ -227,11 +228,10 @@ export class WaAppStateMutationCoordinator {
     emitEventsFromSyncResult(syncResult) {
         for (const collectionResult of syncResult.collections) {
             const mutations = collectionResult.mutations ?? [];
-            // Persistence sinks (contact store, ...): run on the last-wins
-            // mutation per key INCLUDING snapshot sources, so pair-time
-            // bootstrap of the address book always lands in the store even
-            // when public events are suppressed for snapshot mutations.
-            if (this.contactSink) {
+            // Persistence sinks (contact store, own pushName): run on the
+            // last-wins mutation per key INCLUDING snapshot sources, so
+            // pair-time bootstrap lands even when snapshot events are suppressed.
+            if (this.contactSink || this.pushNameSink) {
                 const sinkLastIndex = new Map();
                 for (let i = 0; i < mutations.length; i += 1) {
                     const m = mutations[i];
@@ -252,6 +252,16 @@ export class WaAppStateMutationCoordinator {
                             message: toError(error).message
                         });
                     }
+                    try {
+                        this.handlePushNameMutation(m);
+                    }
+                    catch (error) {
+                        this.logger.debug('pushName sink failed', {
+                            collection: m.collection,
+                            index: m.index,
+                            message: toError(error).message
+                        });
+                    }
                 }
             }
             const lastMutationIndexByKey = new Map();
@@ -356,6 +366,20 @@ export class WaAppStateMutationCoordinator {
             lastUpdatedMs
         });
     }
+    handlePushNameMutation(mutation) {
+        if (!this.pushNameSink)
+            return;
+        // A `set` under the literal index ["setting_pushName"]; cheap reject
+        // before reading the value.
+        if (mutation.operation !== 'set')
+            return;
+        if (!mutation.index.includes('setting_pushName'))
+            return;
+        const name = mutation.value?.pushNameSetting?.name;
+        if (typeof name !== 'string')
+            return;
+        this.pushNameSink(name);
+    }
     /**
      * Mutes or unmutes a chat. `muteEndTimestampMs` is required when
      * `muted` is `true` and must be a non-negative safe-integer epoch.

package/dist/esm/client/coordinators/WaIncomingNodeCoordinator.js

@@ -388,7 +388,7 @@ export class WaIncomingNodeCoordinator {
                 try {
                     const routingInfo = decodeNodeContentBase64OrBytes(routingInfoNode.content, `ib.${WA_NODE_TAGS.EDGE_ROUTING}.${WA_NODE_TAGS.ROUTING_INFO}`);
                     await this.runtime.persistRoutingInfo(routingInfo);
-                    this.logger.info('updated routing info from info bulletin', {
+                    this.logger.debug('updated routing info from info bulletin', {
                         byteLength: routingInfo.byteLength
                     });
                 }

package/dist/esm/client/coordinators/WaMessageDispatchCoordinator.js

@@ -11,7 +11,7 @@ import { wrapDeviceSentMessage } from '../../message/encode/device-sent.js';
 import { writeRandomPadMax16 } from '../../message/encode/padding.js';
 import { buildBotInvokeProtoCopy, extractInvokedBotJid, genBotMsgSecret } from '../../message/kinds/bot.js';
 import { proto } from '../../proto.js';
-import { WA_DEFAULTS } from '../../protocol/constants.js';
+import { WA_DEFAULTS, WA_NACK_REASONS } from '../../protocol/constants.js';
 import { isBotJid, isGroupJid, isHostedDeviceJid, isLidJid, isNewsletterJid, normalizeDeviceJid, normalizeRecipientJid, parseJidFull, parseSignalAddressFromJid, signalAddressKey, toUserJid } from '../../protocol/jid.js';
 import { encodeBinaryNode } from '../../transport/binary/index.js';
 import { buildButtonAddonNode, buildDirectMessageFanoutNode, buildGroupSenderKeyMessageNode, buildMetaNode } from '../../transport/node/builders/message.js';
@@ -23,7 +23,7 @@ export class WaMessageDispatchCoordinator {
         this.privacyTokenDedup = new PromiseDedup();
         this.distributionDedup = new PromiseDedup();
         this.deps = options;
-        this.mobileMessageIdFormat = options.mobileMessageIdFormat ?? false;
+        this.mobileMessageIdFormat = options.mobileMessageIdFormat ?? (() => false);
         this.serverClock = options.serverClock;
     }
     async publishMessageNode(node, options = {}) {
@@ -654,7 +654,7 @@ export class WaMessageDispatchCoordinator {
         const serverAddressingMode = result.ack.addressingMode;
         const hasPhashMismatch = !!serverPhash && serverPhash !== localPhash;
         const hasAddressingMismatch = !!serverAddressingMode && serverAddressingMode !== addressingMode;
-        const hasAddressingError = ackError === 421;
+        const hasAddressingError = ackError === WA_NACK_REASONS.STALE_GROUP_ADDRESSING_MODE;
         if (!retryContext.retried &&
             (hasPhashMismatch || hasAddressingMismatch || hasAddressingError)) {
             this.deps.logger.warn('group direct publish acknowledged with mismatch metadata', {
@@ -829,7 +829,7 @@ export class WaMessageDispatchCoordinator {
         const serverAddressingMode = result.ack.addressingMode;
         const hasPhashMismatch = !!serverPhash && serverPhash !== localPhash;
         const hasAddressingMismatch = !!serverAddressingMode && serverAddressingMode !== addressingMode;
-        const hasAddressingError = ackError === 421;
+        const hasAddressingError = ackError === WA_NACK_REASONS.STALE_GROUP_ADDRESSING_MODE;
         if (!retryContext.retried &&
             (hasPhashMismatch || hasAddressingMismatch || hasAddressingError)) {
             this.deps.logger.warn('group message publish acknowledged with mismatch metadata', {
@@ -1191,7 +1191,7 @@ export class WaMessageDispatchCoordinator {
             const meUserJid = toUserJid(this.requireCurrentMeJid('sendMessage'));
             const timestampBytes = new Uint8Array(8);
             const dv = new DataView(timestampBytes.buffer, timestampBytes.byteOffset, timestampBytes.byteLength);
-            if (this.mobileMessageIdFormat) {
+            if (this.mobileMessageIdFormat()) {
                 dv.setBigUint64(0, BigInt(Date.now()), false);
                 const digest = md5Bytes([
                     timestampBytes,
@@ -1213,7 +1213,7 @@ export class WaMessageDispatchCoordinator {
             this.deps.logger.warn('failed to generate message id, falling back to random', {
                 message: toError(error).message
             });
-            if (this.mobileMessageIdFormat) {
+            if (this.mobileMessageIdFormat()) {
                 const bytes = await randomBytesAsync(16);
                 bytes[0] = 0xac;
                 return bytesToHex(bytes).toUpperCase();

package/dist/esm/client/coordinators/WaPassiveTasksCoordinator.js

@@ -16,7 +16,7 @@ export class WaPassiveTasksCoordinator {
         this.signedPreKeyServerErrorBackoffMs =
             options.signedPreKeyServerErrorBackoffMs ?? SIGNAL_SIGNED_PREKEY_SERVER_ERROR_BACKOFF_MS;
         this.runtime = options.runtime;
-        this.mobilePrimary = options.mobilePrimary ?? false;
+        this.mobilePrimary = options.mobilePrimary ?? (() => false);
         this.appStateSync = options.appStateSync;
         this.passiveTasksPromise = null;
     }
@@ -59,7 +59,7 @@ export class WaPassiveTasksCoordinator {
             return;
         }
         this.runtime.syncAbProps();
-        if (this.mobilePrimary && this.appStateSync) {
+        if (this.mobilePrimary() && this.appStateSync) {
             await this.appStateSync.ensureInitialSyncKey().catch((error) => {
                 this.logger.warn('app-state initial key generation failed', {
                     message: toError(error).message
@@ -146,7 +146,7 @@ export class WaPassiveTasksCoordinator {
         const response = await this.runtime.queryWithContext('prekeys.upload', uploadNode, WA_DEFAULTS.IQ_TIMEOUT_MS, {
             count: preKeys.length,
             lastPreKeyId
-        }, this.mobilePrimary ? { useSystemId: true } : undefined);
+        }, this.mobilePrimary() ? { useSystemId: true } : undefined);
         if (response.attrs.type === WA_IQ_TYPES.RESULT) {
             // Mark uploaded key first so the serverHasPreKeys flag never commits ahead of local key progress.
             await this.preKeyStore.markKeyAsUploaded(lastPreKeyId);

package/dist/esm/client/coordinators/WaProfileCoordinator.js

@@ -192,7 +192,7 @@ function buildTextStatusMutationInput(input) {
 }
 /** Builds a {@link WaProfileCoordinator} from its IQ/MEX/SID dependencies. */
 export function createProfileCoordinator(options) {
-    const { queryWithContext, generateSid, mexSocket, queryLidsByPhoneJids, mutations, logger } = options;
+    const { queryWithContext, generateSid, mexSocket, queryLidsByPhoneJids, mutations, applyOwnPushName, logger } = options;
     return {
         getProfilePicture: async (jid, type, existingId) => {
             const node = buildGetProfilePictureIq(jid, type, existingId);
@@ -242,6 +242,9 @@ export function createProfileCoordinator(options) {
             assertIqResult(result, 'profile.setStatus');
         },
         setPushName: async (name) => {
+            // Local apply first: the app-state echo of this same write then
+            // collapses into a no-op via applyOwnPushName's idempotency guard.
+            await applyOwnPushName(name);
             await mutations.set({ schema: 'SettingPushName', name });
         },
         getProfiles: async (jids) => {

package/dist/esm/client/coordinators/WaRetryCoordinator.js

@@ -1,6 +1,8 @@
+import { toRawPubKey } from '../../crypto/core/keys.js';
+import { BoundedTaskQueue, BoundedTaskQueueFullError } from '../../infra/perf/BoundedTaskQueue.js';
 import { buildRecoveredIncomingEvent } from '../../message/primitives/incoming.js';
 import { proto } from '../../proto.js';
-import { WA_MESSAGE_TAGS, WA_MESSAGE_TYPES } from '../../protocol/constants.js';
+import { WA_MESSAGE_TAGS, WA_MESSAGE_TYPES, WA_NACK_REASONS } from '../../protocol/constants.js';
 import { isGroupOrBroadcastJid, isHostedDeviceJid, normalizeDeviceJid, parseJidFull, parseSignalAddressFromJid, toUserJid } from '../../protocol/jid.js';
 import { MAX_RETRY_ATTEMPTS, RETRY_KEYS_MIN_COUNT, RETRY_OUTBOUND_TTL_MS, RETRY_REASON } from '../../retry/constants.js';
 import { parseRetryReceiptRequest, pickRetryStateMax } from '../../retry/parse.js';
@@ -14,6 +16,10 @@ import { setBoundedMapEntry } from '../../util/collections.js';
 import { toError } from '../../util/primitives.js';
 const RETRY_CLEANUP_INTERVAL_MS = 30000;
 const RETRY_SESSION_BASE_KEY_CACHE_MAX_ENTRIES = 8192;
+// Decrypt-failure handling runs off the inbound pipeline (keys-section builds
+// serialize on the prekey lock and hit the store); excess under flood is dropped.
+const DECRYPT_FAILURE_QUEUE_MAX_SIZE = 1024;
+const DECRYPT_FAILURE_QUEUE_MAX_CONCURRENCY = 8;
 const PLACEHOLDER_RESEND_RETRY_THRESHOLD = 3;
 const PLACEHOLDER_RESEND_BATCH_SIZE = 32;
 const PLACEHOLDER_RESEND_DEBOUNCE_MS = 200;
@@ -55,22 +61,46 @@ export class WaRetryCoordinator {
             signalProtocol: options.signalProtocol,
             sessionResolver: options.sessionResolver,
             getCurrentCredentials: options.getCurrentCredentials,
-            resolveUserIcdc: options.resolveUserIcdc
+            resolveUserIcdc: options.resolveUserIcdc,
+            resolvePrivacyTokenNode: options.resolvePrivacyTokenNode
         });
         this.retryProcessingByMessageId = new Map();
         this.retrySessionBaseKeys = new Map();
+        this.decryptFailureQueue = new BoundedTaskQueue(DECRYPT_FAILURE_QUEUE_MAX_SIZE, DECRYPT_FAILURE_QUEUE_MAX_CONCURRENCY);
     }
-    async onDecryptFailure(context, error) {
+    onDecryptFailure(context, error) {
+        // Deferred to the bounded queue: building the receipt inline would stall
+        // the inbound node pipeline.
+        void this.decryptFailureQueue
+            .enqueue(() => this.handleDecryptFailure(context, error))
+            .catch((queueError) => {
+            if (queueError instanceof BoundedTaskQueueFullError) {
+                this.deps.logger.warn('decrypt-failure retry dropped: queue saturated', {
+                    id: context.stanzaId,
+                    from: context.from,
+                    participant: context.participant
+                });
+                return;
+            }
+            this.deps.logger.warn('failed to schedule decrypt-failure retry', {
+                id: context.stanzaId,
+                from: context.from,
+                participant: context.participant,
+                message: toError(queueError).message
+            });
+        });
+        return Promise.resolve(true);
+    }
+    async handleDecryptFailure(context, error) {
         try {
             const prepared = await this.prepareDecryptFailureRetry(context, error);
-            if (!prepared) {
-                return false;
+            if (prepared && !prepared.delegatedToPlaceholderResend) {
+                await this.sendDecryptFailureRetryReceipt(context, prepared);
             }
-            if (prepared.delegatedToPlaceholderResend) {
-                return true;
-            }
-            await this.sendDecryptFailureRetryReceipt(context, prepared);
-            return true;
+            // Ack the failed stanza even on the give-up path: the retry receipt
+            // asks for a resend but does not consume the message, so without the
+            // ack it is redelivered on every offline resume.
+            await this.sendDecryptFailureAck(context);
         }
         catch (sendError) {
             this.deps.logger.warn('failed to send retry receipt for decrypt failure', {
@@ -79,7 +109,6 @@ export class WaRetryCoordinator {
                 participant: context.participant,
                 message: toError(sendError).message
             });
-            return false;
         }
     }
     async handleIncomingRetryReceipt(receiptNode) {
@@ -138,6 +167,17 @@ export class WaRetryCoordinator {
         const requester = context.participant ?? context.from;
         const expiresAtMs = nowMs + this.retryTtlMs;
         const retryCount = await this.deps.retryStore.incrementInboundCounter(context.stanzaId, requester, nowMs, expiresAtMs);
+        if (retryCount > MAX_RETRY_ATTEMPTS) {
+            // Give up past the ceiling: each attempt rebuilds an expensive keys
+            // section, so an uncapped retry on redelivered backlog hammers the store.
+            this.deps.logger.debug('retry receipt skipped: inbound retry limit exceeded', {
+                id: context.stanzaId,
+                from: context.from,
+                participant: context.participant,
+                retryCount
+            });
+            return null;
+        }
         const delegatedToPlaceholderResend = retryCount >= PLACEHOLDER_RESEND_RETRY_THRESHOLD &&
             this.enqueuePlaceholderResend(context);
         if (delegatedToPlaceholderResend) {
@@ -166,7 +206,7 @@ export class WaRetryCoordinator {
         };
     }
     async sendDecryptFailureRetryReceipt(context, prepared) {
-        const recipient = context.recipient ?? this.resolvePeerRetryRecipient(context);
+        const { recipient } = context;
         const retryReceiptNode = buildRetryReceiptNode({
             stanzaId: context.stanzaId,
             to: context.from,
@@ -191,24 +231,33 @@ export class WaRetryCoordinator {
             withKeys: prepared.retryKeys !== undefined
         });
     }
-    resolvePeerRetryRecipient(context) {
-        if (!context.participant) {
-            return undefined;
-        }
-        const meLid = this.deps.getCurrentCredentials()?.meLid;
-        if (!meLid) {
-            return undefined;
+    async sendDecryptFailureAck(context) {
+        if (!context.stanzaId || !context.from) {
+            return;
         }
         try {
-            const participantUser = toUserJid(context.participant);
-            const meUserLid = toUserJid(meLid);
-            if (participantUser !== meUserLid) {
-                return undefined;
-            }
-            return meUserLid;
+            await this.deps.sendNode(buildAckNode({
+                kind: 'message',
+                node: context.messageNode,
+                id: context.stanzaId,
+                to: context.from,
+                participant: context.participant,
+                from: this.deps.getCurrentCredentials()?.meJid ?? undefined,
+                error: WA_NACK_REASONS.UNHANDLED_ERROR
+            }));
+            this.deps.logger.trace('acked undecryptable stanza', {
+                id: context.stanzaId,
+                from: context.from,
+                participant: context.participant
+            });
         }
-        catch {
-            return undefined;
+        catch (error) {
+            this.deps.logger.warn('failed to ack undecryptable stanza', {
+                id: context.stanzaId,
+                from: context.from,
+                participant: context.participant,
+                message: toError(error).message
+            });
         }
     }
     async handleParsedRetryRequest(receiptNode, request) {
@@ -384,14 +433,14 @@ export class WaRetryCoordinator {
         await this.deps.preKeyStore.markKeyAsUploaded(preKey.keyId);
         const signedIdentity = this.deps.getCurrentCredentials()?.signedIdentity;
         return {
-            identity,
+            identity: toRawPubKey(identity),
             key: {
                 id: preKey.keyId,
-                publicKey: preKey.keyPair.pubKey
+                publicKey: toRawPubKey(preKey.keyPair.pubKey)
             },
             skey: {
                 id: signedPreKey.keyId,
-                publicKey: signedPreKey.keyPair.pubKey,
+                publicKey: toRawPubKey(signedPreKey.keyPair.pubKey),
                 signature: signedPreKey.signature
             },
             deviceIdentity: signedIdentity
@@ -719,6 +768,9 @@ export class WaRetryCoordinator {
         if (!this.deps.peerDataOperation || !this.deps.emitIncomingMessage) {
             return false;
         }
+        if (this.deps.isMobilePrimary?.()) {
+            return false;
+        }
         const subtype = context.messageNode.attrs.subtype;
         if (typeof subtype === 'string' && PLACEHOLDER_RESEND_SKIP_SUBTYPES.has(subtype)) {
             return false;
@@ -776,6 +828,7 @@ export class WaRetryCoordinator {
                         }
                     }))
                 });
+                const meJid = this.deps.getCurrentCredentials()?.meJid;
                 for (const result of results) {
                     const bytes = result.placeholderMessageResendResponse?.webMessageInfoBytes;
                     if (!bytes) {
@@ -783,7 +836,7 @@ export class WaRetryCoordinator {
                     }
                     try {
                         const recovered = proto.WebMessageInfo.decode(bytes);
-                        emitIncomingMessage(buildRecoveredIncomingEvent(recovered));
+                        emitIncomingMessage(buildRecoveredIncomingEvent(recovered, meJid));
                     }
                     catch (error) {
                         this.deps.logger.warn('placeholder resend: failed to decode WebMessageInfo', {

package/dist/esm/client/messaging/ignore-key.js

@@ -82,12 +82,14 @@ export function extractIgnoreKeyContext(node, meJid) {
     const me = tryParseJid(meJid);
     const fromCandidates = collectFromCandidates(kind, a);
     const fromMe = me !== null && fromCandidates.some((f) => tryParseJid(f)?.address.user === me.address.user);
+    // Device-stripped to match the JID form used by events/keys; a userless
+    // server `from` like `s.whatsapp.net` is unparseable, so fall back to raw.
     return {
         kind,
-        remoteJid: a.from ?? null,
+        remoteJid: tryParseJid(a.from)?.userJid ?? a.from ?? null,
         fromMe,
         id: a.id,
-        participant: a.participant ?? null
+        participant: tryParseJid(a.participant)?.userJid ?? a.participant ?? null
     };
 }
 /** Pure matcher. Exported for direct testing without a coordinator. */

package/dist/esm/message/WaMessageClient.js

@@ -188,6 +188,9 @@ export class WaMessageClient {
         if (input.metaNode) {
             content.push(input.metaNode);
         }
+        if (input.privacyTokenNode) {
+            content.push(input.privacyTokenNode);
+        }
         const node = {
             tag: WA_MESSAGE_TAGS.MESSAGE,
             attrs,

package/dist/esm/message/primitives/incoming.js

@@ -69,13 +69,22 @@ function buildIncomingEventRawNode(node) {
         content: children
     };
 }
-export function buildRecoveredIncomingEvent(webMessageInfo) {
+/**
+ * Rebuilds a `message` event from a recovered {@link proto.IWebMessageInfo}
+ * (placeholder resend). `meJid` is the current account user JID, used as the
+ * author fallback for self-sent group messages when the proto carries no
+ * participant and no `originalSelfAuthorUserJidString`.
+ */
+export function buildRecoveredIncomingEvent(webMessageInfo, meJid) {
     const key = webMessageInfo.key ?? {};
     const chatJid = key.remoteJid ?? undefined;
     const fromMe = key.fromMe === true;
-    const participant = key.participant ?? undefined;
     const isGroup = chatJid ? isGroupJid(chatJid) : false;
     const isBroadcast = chatJid ? isBroadcastJid(chatJid) : false;
+    const rawSelfAuthor = webMessageInfo.originalSelfAuthorUserJidString ?? meJid ?? undefined;
+    const selfAuthor = fromMe && (isGroup || isBroadcast) && rawSelfAuthor ? toUserJid(rawSelfAuthor) : undefined;
+    const participant = webMessageInfo.participant ?? key.participant ?? selfAuthor;
+    const pushName = webMessageInfo.pushName ?? undefined;
     const rawSender = fromMe ? undefined : isGroup || isBroadcast ? participant : chatJid;
     const sender = rawSender ? parseJidFull(rawSender) : null;
     const senderDevice = sender?.address.device;
@@ -90,7 +99,8 @@ export function buildRecoveredIncomingEvent(webMessageInfo) {
         attrs: {
             ...(stanzaId !== undefined ? { id: stanzaId } : {}),
             ...(chatJid !== undefined ? { from: chatJid } : {}),
-            ...(participant !== undefined ? { participant } : {})
+            ...(participant !== undefined ? { participant } : {}),
+            ...(pushName !== undefined ? { notify: pushName } : {})
         }
     };
     return {
@@ -107,6 +117,7 @@ export function buildRecoveredIncomingEvent(webMessageInfo) {
         },
         timestampSeconds,
         ...(expirationSeconds !== undefined ? { expirationSeconds } : {}),
+        ...(pushName !== undefined ? { pushName } : {}),
         message
     };
 }
@@ -229,7 +240,7 @@ function processMsmsgEncNode(node, encNode, senderJid, options) {
                 encPayload: decoded.encPayload
             }
         };
-        const chatJid = node.attrs.from;
+        const chatJid = node.attrs.from ? toUserJid(node.attrs.from) : node.attrs.from;
         const sender = senderJid ? parseJidFull(senderJid) : null;
         const isGroup = chatJid ? isGroupJid(chatJid) : false;
         const isBroadcast = chatJid ? isBroadcastJid(chatJid) : false;
@@ -302,7 +313,11 @@ async function decryptAndProcessEncNode(node, encNode, encType, senderJid, optio
             }
         }
         if (shouldEmitIncomingMessage(message)) {
-            const chatJid = node.attrs.from;
+            // remoteJid is the chat identity, which is deviceless: the device
+            // lives in senderDevice (from senderAddress), so strip any `:device`
+            // segment the `from` attr carries for 1:1 chats.
+            const fromAttr = node.attrs.from;
+            const chatJid = fromAttr ? toUserJid(fromAttr) : fromAttr;
             const isGroup = chatJid ? isGroupJid(chatJid) : false;
             const isBroadcast = chatJid ? isBroadcastJid(chatJid) : false;
             const senderUserJid = `${senderAddress.user}@${senderAddress.server}`;

package/dist/esm/protocol/constants.js

@@ -3,7 +3,7 @@ export { WA_SIGNALING, WA_PAIRING_KDF_INFO } from './auth.js';
 export { WA_CONNECTION_REASONS, WA_DISCONNECT_REASONS, WA_FAILURE_REASONS, WA_LOGOUT_REASONS, WA_READY_STATES, WA_STREAM_SIGNALING } from './stream.js';
 export { WA_IQ_TYPES, WA_NODE_TAGS, WA_XMLNS } from './nodes.js';
 export { WA_CALL_CHILD_TAGS, WA_CALL_NODE_ATTRS, WA_CALL_PAYLOAD_TAGS, WA_CALL_RECEIPT_PAYLOAD_TAGS } from './call.js';
-export { WA_EDIT_ATTRS, WA_ENC_MEDIA_TYPES, WA_EVENT_META_TYPES, WA_MESSAGE_TAGS, WA_MESSAGE_TYPES, WA_POLL_META_TYPES, WA_RETRYABLE_ACK_CODES, WA_STANZA_MSG_TYPES } from './message.js';
+export { WA_EDIT_ATTRS, WA_ENC_MEDIA_TYPES, WA_EVENT_META_TYPES, WA_MESSAGE_TAGS, WA_MESSAGE_TYPES, WA_NACK_REASONS, WA_POLL_META_TYPES, WA_RETRYABLE_ACK_CODES, WA_STANZA_MSG_TYPES } from './message.js';
 export { WA_APP_STATE_COLLECTIONS, WA_APP_STATE_COLLECTION_STATES, WA_APP_STATE_ERROR_CODES, WA_APP_STATE_KDF_INFO, WA_APP_STATE_KEY_TYPES, WA_APP_STATE_SYNC_DATA_TYPE } from './appstate.js';
 export { getWaMediaHkdfInfo, WA_MEDIA_HKDF_INFO, WA_PREVIEW_MEDIA_HKDF_INFO } from './media.js';
 export { WA_ACCOUNT_SYNC_PROTOCOLS, WA_DIRTY_PROTOCOLS, WA_DIRTY_TYPES, WA_SUPPORTED_DIRTY_TYPES } from './dirty.js';

package/dist/esm/protocol/message.js

@@ -27,6 +27,28 @@ export const WA_MESSAGE_TYPES = Object.freeze({
     RECEIPT_TYPE_VIEW: 'view'
 });
 export const WA_RETRYABLE_ACK_CODES = Object.freeze(['408', '429', '500', '503']);
+/**
+ * Stanza-ack `error` attr codes (nack reasons): sent when nacking a stanza
+ * that could not be handled, and matched against the `error` carried by an
+ * inbound publish ack (e.g. stale group addressing mode).
+ */
+export const WA_NACK_REASONS = Object.freeze({
+    STALE_GROUP_ADDRESSING_MODE: 421,
+    NEW_CHAT_MESSAGES_CAPPED: 475,
+    PARSING_ERROR: 487,
+    UNRECOGNIZED_STANZA: 488,
+    UNRECOGNIZED_STANZA_CLASS: 489,
+    UNRECOGNIZED_STANZA_TYPE: 490,
+    INVALID_PROTOBUF: 491,
+    INVALID_HOSTED_COMPANION_STANZA: 493,
+    MISSING_MESSAGE_SECRET: 495,
+    SIGNAL_ERROR_OLD_COUNTER: 496,
+    MESSAGE_DELETED_ON_PEER: 499,
+    UNHANDLED_ERROR: 500,
+    UNSUPPORTED_ADMIN_REVOKE: 550,
+    UNSUPPORTED_LID_GROUP: 551,
+    DB_OPERATION_FAILED: 552
+});
 export const WA_STANZA_MSG_TYPES = Object.freeze({
     TEXT: 'text',
     MEDIA: 'media',

package/dist/esm/retry/replay.js

@@ -66,6 +66,9 @@ export class WaRetryReplayService {
         const metaNode = isHostedDeviceJid(requesterJid)
             ? buildMetaNode({ sender_intent: 'hosted' })
             : undefined;
+        const privacyTokenNode = requesterIsSelf
+            ? undefined
+            : await this.resolvePrivacyToken(requesterJid);
         await this.options.messageClient.sendEncrypted({
             to: requesterJid,
             encType: encrypted.type,
@@ -74,7 +77,8 @@ export class WaRetryReplayService {
             id: outbound.messageId,
             type: payload.type,
             deviceIdentity,
-            metaNode
+            metaNode,
+            privacyTokenNode
         });
         return 'resent';
     }
@@ -88,6 +92,32 @@ export class WaRetryReplayService {
         }
         return proto.ADVSignedDeviceIdentity.encode(signedIdentity).finish();
     }
+    /**
+     * Resolves the trusted-contact token node for the requester's user jid. A
+     * failure (or absent resolver) yields no node and the resend still goes out.
+     */
+    async resolvePrivacyToken(requesterJid) {
+        if (!this.options.resolvePrivacyTokenNode) {
+            return undefined;
+        }
+        let recipientUserJid;
+        try {
+            recipientUserJid = toUserJid(requesterJid);
+        }
+        catch {
+            return undefined;
+        }
+        try {
+            return (await this.options.resolvePrivacyTokenNode(recipientUserJid)) ?? undefined;
+        }
+        catch (error) {
+            this.options.logger.warn('retry resend privacy token resolution failed', {
+                to: recipientUserJid,
+                message: toError(error).message
+            });
+            return undefined;
+        }
+    }
     async refreshRetryPlaintext(payload, options) {
         if (!options.wrapAsDeviceSent && !this.options.resolveUserIcdc) {
             return null;
@@ -199,6 +229,9 @@ export class WaRetryReplayService {
         const metaNode = isHostedDeviceJid(requesterJid)
             ? buildMetaNode({ sender_intent: 'hosted' })
             : undefined;
+        const privacyTokenNode = this.isRequesterCurrentAccount(requesterJid)
+            ? undefined
+            : await this.resolvePrivacyToken(requesterJid);
         await this.options.messageClient.sendEncrypted({
             to: requesterJid,
             encType: payload.encType,
@@ -208,7 +241,8 @@ export class WaRetryReplayService {
             type: payload.type,
             participant: payload.participant,
             deviceIdentity,
-            metaNode
+            metaNode,
+            privacyTokenNode
         });
         return 'resent';
     }

package/dist/esm/signal/session/SignalRatchet.js

@@ -156,9 +156,9 @@ export async function decryptMsg(session, parsed, onPrevSessionDecryptError) {
     }
     catch (error) {
         for (let i = 0; i < session.prevSessions.length; i += 1) {
-            const decodedPrev = decodeSignalSessionSnapshot(session.prevSessions[i], `prevSessions[${i}]`);
-            const prevSession = snapshotToRecord(decodedPrev);
             try {
+                const decodedPrev = decodeSignalSessionSnapshot(session.prevSessions[i], `prevSessions[${i}]`);
+                const prevSession = snapshotToRecord(decodedPrev);
                 const [updatedPrev, plaintext] = await decryptMsgFromSession(prevSession, parsed);
                 const updatedSession = {
                     ...updatedPrev,

package/dist/esm/transport/WaComms.js

@@ -169,6 +169,10 @@ export class WaComms {
         await this.socket.close(1000, 'stop_comms');
     }
     async closeSocketAndResume() {
+        if (!this.started || this.preventRetry) {
+            this.logger.debug('comms resume skipped: comms stopped or retry disabled');
+            return;
+        }
         this.logger.debug('comms close socket and resume requested');
         this.resetConnectionState({
             started: true,

package/dist/esm/transport/keepalive/WaKeepAlive.js

@@ -101,6 +101,10 @@ export class WaKeepAlive {
             }
         }
         catch (error) {
+            if (generation !== this.generation) {
+                this.logger.trace('keepalive stopped during in-flight ping, not resuming');
+                return;
+            }
             this.logger.warn('keepalive ping failed, reconnecting socket', {
                 message: toError(error).message
             });

package/dist/esm/transport/node/WaNodeOrchestrator.js

@@ -12,7 +12,7 @@ export class WaNodeOrchestrator {
         this.sendNodeFn = options.sendNode;
         this.defaultTimeoutMs = options.defaultTimeoutMs ?? WA_DEFAULTS.NODE_QUERY_TIMEOUT_MS;
         this.hostDomain = options.hostDomain ?? WA_DEFAULTS.HOST_DOMAIN;
-        this.mobileIqIdFormat = options.mobileIqIdFormat === true;
+        this.mobileIqIdFormat = options.mobileIqIdFormat ?? (() => false);
         this.idGenerator = null;
         this.idGeneratorReady = null;
         this.pendingQueries = new Map();
@@ -134,7 +134,7 @@ export class WaNodeOrchestrator {
         if (this.idGenerator) {
             return this.idGenerator;
         }
-        if (this.mobileIqIdFormat) {
+        if (this.mobileIqIdFormat()) {
             this.idGenerator = createMobileNodeIdGenerator();
             this.logger.debug('generated stanza prefix (mobile)', {
                 prefix: this.idGenerator.prefix

package/dist/esm/transport/node/builders/global.js

@@ -57,6 +57,9 @@ export function buildAckNode(input) {
             to: input.to,
             class: WA_MESSAGE_TYPES.ACK_CLASS_MESSAGE
         };
+        if (input.error !== undefined) {
+            attrs.error = String(input.error);
+        }
         const type = input.typeOverride ?? input.node.attrs.type;
         if (type) {
             attrs.type = type;