Sterister
e6fdf31b49
Some checks failed
Test / test (push) Has been cancelled
Cross-platform vectors / TypeScript vectors (bun) (push) Has been cancelled
Cross-platform vectors / Kotlin vectors (gradle) (push) Has been cancelled
Docker build and publish / docker (push) Has been cancelled
Publish / publish (push) Has been cancelled
V3.1 → V3.12 consolidated and tagged for the first GA release. Wire format unchanged from 0.4.x — 4.0 peers interoperate with 0.4.x peers byte-for-byte. The version bump is semantic: audit-cycle complete, opt-in surface fully exposed, threat model refreshed for every new surface. Highlights: - All 24 @shade/* packages bumped to 4.0.0 in lockstep. - CHANGELOG 4.0.0 section is the canonical manifest of what landed. - THREAT-MODEL extended (§10 fingerprint gates, §11 WebRTC P2P, §12 Web-Worker boundary) + residual-risks table refreshed. - OpenAPI now covers all 27 routes: prekey, transfer, KT, inbox, bridge, observer, /metrics, /healthz, /ready. - MIGRATION 0.3.x → 4.0 documented + smoke-tested against shade migrate-storage on a real SQLite DB. - docs/audit/REVIEW-BUNDLE.md + SCOPE.md ready for external reviewer. - scripts/soak.ts harness for the GA-stable 2-week soak window. - All V*.md plans archived under docs/archive/ with Status: Done. - Voice/Video carved out into V5.0; 4.0 audit focuses on the frozen non-realtime stack. Tests: TS 1000/1000 + Kotlin 11/11 cross-platform vectors green. Docker: gt.zyon.no/stian/shade-prekey:4.0.0 builds and reports version 4.0.0 on /health. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
69 lines
2.2 KiB
TypeScript
69 lines
2.2 KiB
TypeScript
import { Hono } from 'hono';
|
|
import { createShade } from '@shade/sdk';
|
|
|
|
/**
|
|
* __PROJECT_NAME__ — Shade-enabled Bun server template.
|
|
*
|
|
* Exposes two endpoints:
|
|
* POST /send — encrypt a message to a peer
|
|
* POST /receive — decrypt an incoming envelope
|
|
*/
|
|
|
|
const shade = await createShade({
|
|
prekeyServer: process.env.SHADE_PREKEY_SERVER ?? '__PREKEY_SERVER__',
|
|
storage: process.env.SHADE_DB_PATH ?? 'sqlite:./.shade/client.db',
|
|
address: '__PROJECT_NAME__',
|
|
});
|
|
|
|
console.log(`Shade initialized as ${shade.myAddress}`);
|
|
console.log(`Fingerprint: ${await shade.fingerprint}`);
|
|
|
|
shade.onMessage((from, msg) => {
|
|
console.log(`[${from}] ${msg}`);
|
|
});
|
|
|
|
// ─── Resumable-stream retention ──────────────────────────────────
|
|
//
|
|
// Drop stream-state records older than SHADE_STREAM_RETENTION_DAYS
|
|
// (default 14d). See docs/streams.md § Retention. Override the
|
|
// horizon with the env var; cron interval is fixed at 24h.
|
|
const STREAM_RETENTION_DAYS = Number(process.env.SHADE_STREAM_RETENTION_DAYS ?? 14);
|
|
const ONE_DAY_MS = 24 * 60 * 60 * 1000;
|
|
const HORIZON_MS = STREAM_RETENTION_DAYS * ONE_DAY_MS;
|
|
|
|
async function pruneStreamStatesOnce(): Promise<void> {
|
|
try {
|
|
await shade.pruneStreamStates(Date.now() - HORIZON_MS);
|
|
} catch (err) {
|
|
console.error('[shade] pruneStreamStates failed:', err);
|
|
}
|
|
}
|
|
|
|
await pruneStreamStatesOnce();
|
|
const streamPruneTimer = setInterval(pruneStreamStatesOnce, ONE_DAY_MS);
|
|
// Don't keep the process alive for the timer alone.
|
|
if (typeof streamPruneTimer.unref === 'function') streamPruneTimer.unref();
|
|
|
|
const app = new Hono();
|
|
|
|
app.get('/', (c) => c.text(`__PROJECT_NAME__ — Shade-enabled backend`));
|
|
|
|
app.post('/send', async (c) => {
|
|
const { to, message } = await c.req.json();
|
|
const envelope = await shade.send(to, message);
|
|
return c.json({ envelope });
|
|
});
|
|
|
|
app.post('/receive', async (c) => {
|
|
const { from, envelope } = await c.req.json();
|
|
const plaintext = await shade.receive(from, envelope);
|
|
return c.json({ plaintext });
|
|
});
|
|
|
|
export default {
|
|
port: Number(process.env.PORT ?? 3000),
|
|
fetch: app.fetch,
|
|
};
|
|
|
|
console.log(`Server listening on :${process.env.PORT ?? 3000}`);
|