feat!: keychain and configurable crypto

package.json

@@ -47,6 +47,9 @@
     "packages/*"
   ],
   "overrides": {
-    "playwright-core": "1.55.1"
+    "multiformats": "^14.0.0",
+    "uint8arrays": "^6.0.0",
+    "interface-datastore": "^10.0.1",
+    "uint8-varint": "^3.0.0"
   }
 }

packages/helia/package.json

@@ -52,7 +52,7 @@
     "@chainsafe/libp2p-noise": "^17.0.0",
     "@chainsafe/libp2p-yamux": "^8.0.1",
     "@helia/block-brokers": "^5.2.4",
-    "@helia/delegated-routing-v1-http-api-client": "^6.0.1",
+    "@helia/delegated-routing-v1-http-api-client": "^7.0.1",
     "@helia/interface": "^6.2.1",
     "@helia/routers": "^5.1.1",
     "@helia/utils": "^2.5.2",
@@ -79,7 +79,6 @@
     "blockstore-core": "^7.0.1",
     "datastore-core": "^12.0.1",
     "interface-datastore": "^10.0.1",
-    "ipns": "^11.0.0",
     "libp2p": "^3.2.0",
     "multiformats": "^14.0.0"
   },

packages/helia/src/utils/libp2p-defaults.browser.ts

@@ -14,8 +14,6 @@ import { mplex } from '@libp2p/mplex'
 import { ping } from '@libp2p/ping'
 import { webRTC, webRTCDirect } from '@libp2p/webrtc'
 import { webSockets } from '@libp2p/websockets'
-import { ipnsSelector } from 'ipns/selector'
-import { ipnsValidator } from 'ipns/validator'
 import { userAgent } from 'libp2p/user-agent'
 import { name, version } from '../version.ts'
 import { bootstrapConfig } from './bootstrappers.ts'
@@ -74,13 +72,7 @@ export function libp2pDefaults (options: Libp2pDefaultsOptions = {}): Libp2pOpti
       dcutr: dcutr(),
       delegatedRouting: delegatedRoutingV1HttpApiClient(delegatedHTTPRoutingDefaults()),
       dht: kadDHT({
-        clientMode: true,
-        validators: {
-          ipns: ipnsValidator
-        },
-        selectors: {
-          ipns: ipnsSelector
-        }
+        clientMode: true
       }),
       identify: identify(),
       identifyPush: identifyPush(),

packages/helia/src/utils/libp2p-defaults.ts

@@ -1,6 +1,6 @@
 import { noise } from '@chainsafe/libp2p-noise'
 import { yamux } from '@chainsafe/libp2p-yamux'
-import { delegatedRoutingV1HttpApiClient } from '@helia/delegated-routing-v1-http-api-client'
+import { delegatedRoutingV1HttpApiClientContentRouting, delegatedRoutingV1HttpApiClientPeerRouting } from '@helia/delegated-routing-v1-http-api-client'
 import { delegatedHTTPRoutingDefaults } from '@helia/routers'
 import { autoTLS } from '@ipshipyard/libp2p-auto-tls'
 import { autoNAT } from '@libp2p/autonat'
@@ -19,8 +19,6 @@ import { tls } from '@libp2p/tls'
 import { uPnPNAT } from '@libp2p/upnp-nat'
 import { webRTC, webRTCDirect } from '@libp2p/webrtc'
 import { webSockets } from '@libp2p/websockets'
-import { ipnsSelector } from 'ipns/selector'
-import { ipnsValidator } from 'ipns/validator'
 import { userAgent } from 'libp2p/user-agent'
 import { name, version } from '../version.ts'
 import { bootstrapConfig } from './bootstrappers.ts'
@@ -38,7 +36,8 @@ export interface DefaultLibp2pServices extends Record<string, unknown> {
   autoNAT: unknown
   autoTLS: AutoTLS
   dcutr: unknown
-  delegatedRouting: unknown
+  delegatedContentRouting: unknown
+  delegatedPeerRouting: unknown
   dht: KadDHT
   identify: Identify
   keychain: Keychain
@@ -116,15 +115,9 @@ export function libp2pDefaults (options: Libp2pDefaultsOptions = {}): Libp2pOpti
       autoNAT: autoNAT(),
       autoTLS: autoTLS(),
       dcutr: dcutr(),
-      delegatedRouting: delegatedRoutingV1HttpApiClient(delegatedHTTPRoutingDefaults()),
-      dht: kadDHT({
-        validators: {
-          ipns: ipnsValidator
-        },
-        selectors: {
-          ipns: ipnsSelector
-        }
-      }),
+      delegatedPeerRouting: delegatedRoutingV1HttpApiClientPeerRouting(delegatedHTTPRoutingDefaults()),
+      delegatedContentRouting: delegatedRoutingV1HttpApiClientContentRouting(delegatedHTTPRoutingDefaults()),
+      dht: kadDHT(),
       identify: identify(),
       identifyPush: identifyPush(),
       keychain: keychain(options.keychain),

packages/helia/src/utils/libp2p.ts

@@ -26,7 +26,6 @@ export async function createLibp2p <T extends Record<string, unknown>> (options:
 
   // if no peer id was passed, try to load it from the keychain
   if (libp2pOptions.privateKey == null && options.datastore != null) {
-    // @ts-expect-error libp2p needs dep updates
     libp2pOptions.privateKey = await loadOrCreateSelfKey(options.datastore, options.keychain)
   }
 

packages/http/package.json

@@ -49,7 +49,7 @@
   },
   "dependencies": {
     "@helia/block-brokers": "^5.2.4",
-    "@helia/delegated-routing-v1-http-api-client": "^6.0.1",
+    "@helia/delegated-routing-v1-http-api-client": "^7.0.1",
     "@helia/interface": "^6.2.1",
     "@helia/routers": "^5.1.1",
     "@helia/utils": "^2.5.2",

packages/http/src/utils/libp2p.ts

@@ -26,7 +26,6 @@ export async function createLibp2p <T extends Record<string, unknown>> (options:
 
   // if no peer id was passed, try to load it from the keychain
   if (libp2pOptions.privateKey == null && options.datastore != null) {
-    // @ts-expect-error libp2p needs dep updates
     libp2pOptions.privateKey = await loadOrCreateSelfKey(options.datastore, options.keychain)
   }
 

packages/interface/package.json

@@ -75,6 +75,7 @@
     "@libp2p/interface": "^3.2.0",
     "@multiformats/dns": "^1.0.13",
     "@multiformats/multiaddr": "^13.0.1",
+    "abort-error": "^1.0.2",
     "interface-blockstore": "^7.0.1",
     "interface-datastore": "^10.0.1",
     "multiformats": "^14.0.0",

packages/interface/src/errors.ts

@@ -42,3 +42,8 @@ export class InvalidCodecError extends Error {
     this.name = 'InvalidCodecError'
   }
 }
+
+export class UnknownCryptoError extends Error {
+  static name = 'UnknownCryptoError'
+  name = 'UnknownCryptoError'
+}

packages/interface/src/index.ts

@@ -15,21 +15,156 @@
  */
 
 import type { Blocks } from './blocks.ts'
+import type { Keychain } from './keychain.ts'
 import type { Pins } from './pins.ts'
 import type { Routing } from './routing.ts'
-import type { AbortOptions, ComponentLogger, Libp2p, Metrics, TypedEventEmitter } from '@libp2p/interface'
+import type { ComponentLogger, Libp2p, Metrics, TypedEventEmitter } from '@libp2p/interface'
 import type { DNS } from '@multiformats/dns'
+import type { AbortOptions } from 'abort-error'
 import type { Datastore } from 'interface-datastore'
 import type { BlockCodec, MultihashHasher } from 'multiformats'
-import type { CID } from 'multiformats/cid'
+import type { CID, MultihashDigest } from 'multiformats/cid'
 import type { ProgressEvent, ProgressOptions } from 'progress-events'
 
 export interface CodecLoader {
-  <T = any, Code extends number = any>(code: Code): BlockCodec<Code, T> | Promise<BlockCodec<Code, T>>
+  <T = any, Code extends number = any>(code: Code, options?: AbortOptions): BlockCodec<Code, T> | Promise<BlockCodec<Code, T>>
 }
 
 export interface HasherLoader {
-  (code: number): MultihashHasher | Promise<MultihashHasher>
+  (code: number, options?: AbortOptions): MultihashHasher | Promise<MultihashHasher>
+}
+
+export interface CryptoKeyLoader {
+  (codeOrName: number | string, options?: AbortOptions): CryptoKeyImplementation | Promise<CryptoKeyImplementation>
+}
+
+export interface PublicKey {
+  /**
+   * The type of the crypto implementation, e.g. `Ed15519`
+   */
+  readonly type: string
+
+  /**
+   * The code that is used as the `Type` field in the protobuf representation of
+   * the public/private keys
+   */
+  readonly code: number
+
+  /**
+   * Return a MultihashDigest that represents this key
+   */
+  toMultihash (): MultihashDigest
+
+  /**
+   * Return the libp2p-key CID that represents this key
+   */
+  toCID (): CID<unknown, 0x72, number, 1>
+
+  /**
+   * Return this key encoded as a protobuf PublicKey message
+   */
+  toProtobuf (): Uint8Array<ArrayBuffer>
+
+  /**
+   * Verify the passed message against it's signature
+   */
+  verify(message: Uint8Array, signature: Uint8Array, options?: AbortOptions): boolean | Promise<boolean>
+}
+
+export function isPublicKey (obj?: any): obj is PublicKey {
+  if (obj == null) {
+    return false
+  }
+
+  return typeof obj.type === 'string' && typeof obj.code === 'number' && typeof obj.verify === 'function'
+}
+
+export interface PrivateKey {
+  /**
+   * The type of the crypto implementation, e.g. `Ed15519`
+   */
+  readonly type: string
+
+  /**
+   * The code that is used as the `Type` field in the protobuf representation of
+   * the public/private keys
+   */
+  readonly code: number
+
+  /**
+   * The public key that corresponds to this private key
+   */
+  readonly publicKey: PublicKey
+
+  /**
+   * Return this key encoded as a protobuf PrivateKey message
+   */
+  toProtobuf (): Uint8Array<ArrayBuffer>
+
+  /**
+   * Sign the passed message and return a signature
+   */
+  sign(message: Uint8Array, options?: AbortOptions): Uint8Array<ArrayBuffer> | Promise<Uint8Array<ArrayBuffer>>
+}
+
+export function isPrivateKey (obj?: any): obj is PrivateKey {
+  if (obj == null) {
+    return false
+  }
+
+  return typeof obj.type === 'string' && typeof obj.code === 'number' && typeof obj.sign === 'function' && isPublicKey(obj.publicKey)
+}
+
+export interface CipherOptions extends AbortOptions {
+  iterations?: number
+  hash?: string
+  keyLength?: number
+  algorithm?: string
+}
+
+export interface EncryptionResult {
+  salt: Uint8Array<ArrayBuffer>
+  iv: Uint8Array<ArrayBuffer>
+  cipherText: Uint8Array<ArrayBuffer>
+}
+
+export interface Cipher {
+  encrypt(data: Uint8Array, options?: AbortOptions): Promise<EncryptionResult>
+  decrypt(salt: Uint8Array, iv: Uint8Array, cipherText: Uint8Array, options?: CipherOptions): Promise<Uint8Array<ArrayBuffer>>
+}
+
+export interface CryptoKeyImplementation {
+  /**
+   * The type of the crypto implementation, e.g. `Ed15519`
+   */
+  type: string
+
+  /**
+   * The code that is used as the `Type` field in the protobuf representation of
+   * the public/private keys
+   */
+  code: number
+
+  /**
+   * Create a new private key
+   */
+  createPrivateKey(options?: AbortOptions & Record<string, any>): Promise<PrivateKey>
+
+  /**
+   * Convert the passed bytes into a public key. The bytes come from the `.Data`
+   * field of a `PublicKey` protobuf message.
+   */
+  publicKeyFromProtobuf(buf: Uint8Array, options?: AbortOptions): PublicKey | Promise<PublicKey>
+
+  /**
+   * Convert a private key into a string suitable for storing in a datastore
+   */
+  serialize (key: PrivateKey, cipher: Cipher, options?: AbortOptions): Promise<string>
+
+  /**
+   * Convert a string from a datastore into a private key
+   */
+  deserialize (pem: string, cipher: Cipher, options?: AbortOptions): Promise<PrivateKey>
 }
 
 /**
@@ -56,6 +191,11 @@ export interface Helia<T extends Libp2p = Libp2p> {
    */
   events: TypedEventEmitter<HeliaEvents<T>>
 
+  /**
+   * Secure storage for private keys
+   */
+  keychain: Keychain
+
   /**
    * Pinning operations for blocks in the blockstore
    */
@@ -111,6 +251,11 @@ export interface Helia<T extends Libp2p = Libp2p> {
    * the hasher is being fetched from the network.
    */
   getHasher: HasherLoader
+
+  /**
+   * Cryptography implementations securely sign and verify data
+   */
+  getCryptoKey: CryptoKeyLoader
 }
 
 export type GcEvents =
@@ -147,5 +292,6 @@ export interface HeliaEvents<T extends Libp2p = Libp2p> {
 
 export * from './blocks.ts'
 export * from './errors.ts'
+export * from './keychain.ts'
 export * from './pins.ts'
 export * from './routing.ts'