meshcode 2.5.7__tar.gz → 2.5.8__tar.gz

{meshcode-2.5.7 → meshcode-2.5.8}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: meshcode
-Version: 2.5.7
+Version: 2.5.8
 Summary: Real-time communication between AI agents — Supabase-backed CLI
 Author-email: MeshCode <hello@meshcode.io>
 License: MIT

{meshcode-2.5.7 → meshcode-2.5.8}/meshcode/__init__.py

@@ -1,2 +1,2 @@
 """MeshCode — Real-time communication between AI agents."""
-__version__ = "2.5.7"
+__version__ = "2.5.8"

{meshcode-2.5.7 → meshcode-2.5.8}/meshcode/meshcode_mcp/backend.py

@@ -244,8 +244,8 @@ def send_message(project_id: str, from_agent: str, to_agent: str, payload: Any,
     if encrypted and api_key:
         mesh_key = get_mesh_key(api_key, project_id)
         if mesh_key:
-            encrypted_data = encrypt_payload(payload, mesh_key)
-            payload = {"_encrypted": encrypted_data}
+            encrypted_data = encrypt_payload(payload, mesh_key, aad=project_id)
+            payload = {"_encrypted": encrypted_data, "_aad": project_id}
             actual_encrypted = True
 
     # Use validated SECURITY DEFINER RPC when api_key is provided
@@ -302,6 +302,55 @@ def send_message(project_id: str, from_agent: str, to_agent: str, payload: Any,
 
 
 def read_inbox(project_id: str, agent: str, mark_read: bool = True, api_key: Optional[str] = None) -> List[Dict]:
+    # Use SECURITY DEFINER RPC when api_key is available (bypasses RLS safely)
+    if api_key:
+        rpc_result = sb_rpc("mc_read_inbox", {
+            "p_api_key": api_key,
+            "p_project_id": project_id,
+            "p_agent_name": agent,
+            "p_mark_read": mark_read,
+        })
+        if isinstance(rpc_result, dict) and rpc_result.get("ok"):
+            messages = rpc_result.get("messages", [])
+            if isinstance(messages, list):
+                # Auto-decrypt and ACK (mark_read already handled by RPC)
+                mesh_key = None
+                for m in messages:
+                    p = m.get("payload")
+                    if isinstance(p, dict) and "_encrypted" in p:
+                        if mesh_key is None:
+                            mesh_key = get_mesh_key(api_key, project_id)
+                        if mesh_key:
+                            decrypted = decrypt_payload(p["_encrypted"], mesh_key)
+                            if decrypted is not None:
+                                m["payload"] = decrypted
+                                m["_was_encrypted"] = True
+                if mark_read and messages:
+                    import datetime as _dt
+                    now = _dt.datetime.now(_dt.timezone.utc)
+                    def _is_stale_rpc(m):
+                        ts = m.get("created_at")
+                        if not ts:
+                            return True
+                        try:
+                            dt = _dt.datetime.fromisoformat(str(ts).replace("Z", "+00:00"))
+                            return (now - dt).total_seconds() > 60
+                        except Exception:
+                            return True
+                    ack_targets = {
+                        m.get("from_agent", "")
+                        for m in messages
+                        if m.get("type") not in ("ack", "broadcast") and _is_stale_rpc(m)
+                    }
+                    for sender in ack_targets:
+                        if sender:
+                            send_message(project_id, agent, sender,
+                                         {"text": f"{agent} read your message"},
+                                         msg_type="ack", api_key=api_key)
+                return messages
+        # If RPC doesn't exist yet, fall through to direct query
+
+    # Fallback: direct SELECT (tests/legacy — requires anon RLS bypass)
     messages = sb_select(
         "mc_messages",
         f"project_id=eq.{project_id}&to_agent=eq.{quote(agent)}&read=eq.false",
@@ -365,7 +414,19 @@ def read_inbox(project_id: str, agent: str, mark_read: bool = True, api_key: Opt
     return messages
 
 
-def count_pending(project_id: str, agent: str) -> int:
+def count_pending(project_id: str, agent: str, api_key: Optional[str] = None) -> int:
+    # Use SECURITY DEFINER RPC when api_key is available
+    if api_key:
+        result = sb_rpc("mc_count_pending", {
+            "p_api_key": api_key,
+            "p_project_id": project_id,
+            "p_agent_name": agent,
+        })
+        if isinstance(result, dict) and result.get("ok"):
+            return result.get("count", 0)
+        # Fall through to direct query if RPC doesn't exist yet
+
+    # Fallback: direct SELECT (tests/legacy)
     pending = sb_select(
         "mc_messages",
         f"project_id=eq.{project_id}&to_agent=eq.{quote(agent)}&read=eq.false&type=neq.ack",
@@ -396,8 +457,15 @@ def get_mesh_key(api_key: str, project_id: str) -> Optional[str]:
     return None
 
 
-def encrypt_payload(payload: Dict, hex_key: str) -> str:
-    """Encrypt a JSON payload using AES-256-GCM. Returns base64-encoded ciphertext."""
+def encrypt_payload(payload: Dict, hex_key: str, aad: Optional[str] = None) -> str:
+    """Encrypt a JSON payload using AES-256-GCM with optional AAD.
+
+    Args:
+        payload: JSON-serializable dict to encrypt.
+        hex_key: Hex-encoded AES-256 key.
+        aad: Additional Authenticated Data (e.g. project_id) to bind
+             ciphertext to context and prevent replay/swap attacks.
+    """
     import base64
     try:
         from cryptography.hazmat.primitives.ciphers.aead import AESGCM
@@ -406,14 +474,19 @@ def encrypt_payload(payload: Dict, hex_key: str) -> str:
     key = bytes.fromhex(hex_key)
     nonce = os.urandom(12)  # 96-bit nonce for GCM
     plaintext = json.dumps(payload).encode("utf-8")
+    aad_bytes = aad.encode("utf-8") if aad else None
     aesgcm = AESGCM(key)
-    ciphertext = aesgcm.encrypt(nonce, plaintext, None)
+    ciphertext = aesgcm.encrypt(nonce, plaintext, aad_bytes)
     # Format: base64(nonce + ciphertext)
     return base64.b64encode(nonce + ciphertext).decode("ascii")
 
 
-def decrypt_payload(encrypted_b64: str, hex_key: str) -> Optional[Dict]:
-    """Decrypt an AES-256-GCM encrypted payload. Returns None on failure."""
+def decrypt_payload(encrypted_b64: str, hex_key: str, aad: Optional[str] = None) -> Optional[Dict]:
+    """Decrypt an AES-256-GCM encrypted payload. Returns None on failure.
+
+    Tries with AAD first, falls back to no-AAD for backward compat
+    with messages encrypted before AAD was added.
+    """
     import base64
     try:
         from cryptography.hazmat.primitives.ciphers.aead import AESGCM
@@ -425,6 +498,15 @@ def decrypt_payload(encrypted_b64: str, hex_key: str) -> Optional[Dict]:
         nonce = raw[:12]
         ciphertext = raw[12:]
         aesgcm = AESGCM(key)
+        aad_bytes = aad.encode("utf-8") if aad else None
+        # Try with AAD first
+        if aad_bytes:
+            try:
+                plaintext = aesgcm.decrypt(nonce, ciphertext, aad_bytes)
+                return json.loads(plaintext.decode("utf-8"))
+            except Exception:
+                pass  # Fall through to no-AAD for backward compat
+        # Try without AAD (legacy messages)
         plaintext = aesgcm.decrypt(nonce, ciphertext, None)
         return json.loads(plaintext.decode("utf-8"))
     except Exception:

{meshcode-2.5.7 → meshcode-2.5.8}/meshcode/meshcode_mcp/server.py

@@ -1148,6 +1148,7 @@ def meshcode_send(to: str, message: Any, in_reply_to: Optional[str] = None,
                 "p_api_key": api_key,
                 "p_source_project": PROJECT_NAME,
                 "p_target_project": target_meshwork,
+                "p_agent_name": AGENT_NAME,
             })
             if not isinstance(key_result, dict) or not key_result.get("ok"):
                 err = key_result.get("error", "unknown") if isinstance(key_result, dict) else "RPC failed"
@@ -1426,7 +1427,7 @@ def meshcode_check(include_acks: bool = False, since: Optional[str] = None) -> D
         since: ISO-8601 timestamp. Only return messages newer than this.
                Use meshcode_remember("last_seen", ts) to persist across sessions.
     """
-    pending = be.count_pending(_PROJECT_ID, AGENT_NAME)
+    pending = be.count_pending(_PROJECT_ID, AGENT_NAME, api_key=_get_api_key())
     # Peek at realtime buffer WITHOUT draining — check is non-destructive
     realtime_buffered = _REALTIME.peek() if _REALTIME else []
     # Don't mark as seen — meshcode_check is a peek, not a consume
@@ -2079,7 +2080,15 @@ def history_resource() -> str:
 # ============================================================
 
 def _auto_update() -> None:
-    """Silently upgrade meshcode from PyPI in background on every launch."""
+    """Upgrade meshcode from PyPI in background — opt-in via MESHCODE_AUTO_UPDATE=1.
+
+    Disabled by default to mitigate supply chain risk: if the PyPI account
+    is compromised, every agent would silently install malicious code.
+    """
+    if os.environ.get("MESHCODE_AUTO_UPDATE", "0") != "1":
+        log.debug("[meshcode] Auto-update disabled (set MESHCODE_AUTO_UPDATE=1 to enable)")
+        return
+
     import threading
 
     def _upgrade():

{meshcode-2.5.7 → meshcode-2.5.8}/meshcode.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: meshcode
-Version: 2.5.7
+Version: 2.5.8
 Summary: Real-time communication between AI agents — Supabase-backed CLI
 Author-email: MeshCode <hello@meshcode.io>
 License: MIT

{meshcode-2.5.7 → meshcode-2.5.8}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "meshcode"
-version = "2.5.7"
+version = "2.5.8"
 description = "Real-time communication between AI agents — Supabase-backed CLI"
 readme = "README.md"
 license = {text = "MIT"}