alezmad/claudemesh
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a3cf9b938e791cc2d7b1a95e5f080fa08f9d33f1
claudemesh/apps/web/src/services/crypto/identity.ts
Alejandro Gutiérrez a3cf9b938e
Some checks failed
CI / Lint (push) Has been cancelled
Details
CI / Typecheck (push) Has been cancelled
Details
CI / Broker tests (Postgres) (push) Has been cancelled
Details
CI / Docker build (linux/amd64) (push) Has been cancelled
Details
feat(web+api): browser-side per-topic encryption (v0.3.0 phase 3.5) 
Closes the v1-vs-v2 split between CLI and dashboard. The web chat
panel now reads and writes the same crypto_secretbox-under-topic-key
ciphertext that CLI 1.8.0+ writes — every encrypted topic finally
renders correctly from the browser.

API
- POST /v1/me/peer-pubkey replaces the throwaway pubkey that
  mutations.ts mints at mesh-create time with one whose secret the
  browser actually holds. Idempotent; auth via the dashboard apikey
  whose issuedByMemberId is the row to update.

Web
- apps/web/src/services/crypto/identity.ts — IndexedDB-backed
  ed25519 identity, lazy-init on first use. Generates once per
  browser-profile; survives reload. ed25519 → x25519 derivation for
  crypto_box decrypt. Module-cached after first call.
- apps/web/src/services/crypto/topic-key.ts — mirrors the CLI
  topic-key service. Fetches GET /v1/topics/:name/key, decrypts the
  sealed copy with our x25519 secret, caches the 32-byte symmetric
  key in-memory keyed by (apikey-prefix, topic). encryptMessage /
  decryptMessage map directly onto crypto_secretbox{,_open}.
- apps/web/src/modules/mesh/topic-chat-panel.tsx — on mount:
  registers our pubkey, fetches the topic key, polls /key every 5s
  while not_sealed (matching the CLI's 30s re-seal cadence). Render
  branches on bodyVersion: v2 -> decrypted-cache, v1 -> legacy
  base64. Send branches: encrypts under the topic key when key is
  ready, falls back to v1 plaintext on legacy or not-yet-sealed
  topics. Composer shows a 🔒 v0.3.0 / "waiting for re-seal" badge.

Adds libsodium-wrappers + @types to apps/web. Browser bundle picks
up its own copy; the existing CLI/broker/API copies are untouched.

Threat model: IndexedDB is per-origin and not exfiltratable from
other sites; XSS or a malicious extension still wins, same as for
any browser-stored secret. Documented divergence from the CLI's
~/.claudemesh-stored keypair in the identity module's preamble.
2026-05-02 22:59:08 +01:00

137 lines
4.4 KiB
TypeScript
Raw Blame History

/**
* Browser-side persistent peer identity for claudemesh.
*
* Stores an ed25519 keypair in IndexedDB so the same browser tab,
* the same browser after a reload, and the same user across reloads
* keeps the same identity. Without this, every page-reload would
* mint a new pubkey and the broker's per-topic-key seal would have
* to chase a moving target.
*
* The keypair lives at `claudemesh-identity / kp / default`. There's
* one identity per browser profile, shared across every mesh the
* dashboard user is in. The matching `mesh.member.peer_pubkey` rows
* are kept in sync server-side via `POST /v1/me/peer-pubkey`.
*
* Threat model: IndexedDB is per-origin and not exfiltratable from
* other sites. A malicious extension or full XSS still wins — same
* as for any browser-stored secret. The CLI's own keypair has
* stronger guarantees because it lives in `~/.claudemesh/` outside
* of the browser. We document the divergence in the dashboard UI.
*/
import sodium from "libsodium-wrappers";
export interface BrowserIdentity {
/** ed25519 public key — registered as `mesh.member.peer_pubkey`. */
edPub: Uint8Array;
/** ed25519 secret key — never leaves IndexedDB. */
edSec: Uint8Array;
/** x25519 public key, derived from edPub. Used in `crypto_box`. */
xPub: Uint8Array;
/** x25519 secret key, derived from edSec. Used in `crypto_box_open`. */
xSec: Uint8Array;
/** Hex form of `edPub` — what the API and DB store. */
edPubHex: string;
}
const DB_NAME = "claudemesh-identity";
const STORE = "kp";
const KEY = "default";
let cached: BrowserIdentity | null = null;
let initPromise: Promise<BrowserIdentity> | null = null;
async function openDb(): Promise<IDBDatabase> {
return new Promise((resolve, reject) => {
const req = indexedDB.open(DB_NAME, 1);
req.onupgradeneeded = () => {
req.result.createObjectStore(STORE);
};
req.onsuccess = () => resolve(req.result);
req.onerror = () => reject(req.error);
});
}
async function readKeypair(): Promise<{
edPub: Uint8Array;
edSec: Uint8Array;
} | null> {
const db = await openDb();
return new Promise((resolve, reject) => {
const tx = db.transaction(STORE, "readonly");
const req = tx.objectStore(STORE).get(KEY);
req.onsuccess = () => {
const v = req.result as
| { edPub: Uint8Array; edSec: Uint8Array }
| undefined;
resolve(v ?? null);
};
req.onerror = () => reject(req.error);
});
}
async function writeKeypair(kp: {
edPub: Uint8Array;
edSec: Uint8Array;
}): Promise<void> {
const db = await openDb();
return new Promise((resolve, reject) => {
const tx = db.transaction(STORE, "readwrite");
tx.objectStore(STORE).put(kp, KEY);
tx.oncomplete = () => resolve();
tx.onerror = () => reject(tx.error);
});
}
/**
* Get-or-create the browser's persistent identity. First call on a
* given origin generates a fresh ed25519 keypair, persists it, and
* derives the matching x25519 pair. Subsequent calls return the
* in-memory cache.
*
* Server registration (`POST /v1/me/peer-pubkey`) is the caller's
* responsibility — this module only manages the local keypair.
*/
export async function getBrowserIdentity(): Promise<BrowserIdentity> {
if (cached) return cached;
if (initPromise) return initPromise;
initPromise = (async () => {
await sodium.ready;
let stored = await readKeypair();
if (!stored) {
const kp = sodium.crypto_sign_keypair();
stored = { edPub: kp.publicKey, edSec: kp.privateKey };
await writeKeypair(stored);
}
const xPub = sodium.crypto_sign_ed25519_pk_to_curve25519(stored.edPub);
const xSec = sodium.crypto_sign_ed25519_sk_to_curve25519(stored.edSec);
cached = {
edPub: stored.edPub,
edSec: stored.edSec,
xPub,
xSec,
edPubHex: sodium.to_hex(stored.edPub),
};
return cached;
})();
return initPromise;
}
/**
* Wipe the local identity. The server-side `mesh.member.peer_pubkey`
* is NOT cleared by this — call `POST /v1/me/peer-pubkey` again with
* a fresh pubkey after rotation.
*/
export async function clearBrowserIdentity(): Promise<void> {
cached = null;
initPromise = null;
const db = await openDb();
await new Promise<void>((resolve, reject) => {
const tx = db.transaction(STORE, "readwrite");
tx.objectStore(STORE).delete(KEY);
tx.oncomplete = () => resolve();
tx.onerror = () => reject(tx.error);
});
}
Reference in New Issue View Git Blame Copy Permalink