Stian/Shade
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
v4.2.1
Shade/packages/shade-transport-bridge
History
Sterister b77b7e771c
Some checks failed
Publish / publish (push) Has been cancelled
Details
Docker build and publish / docker (push) Has been cancelled
Details
release(v4.2.1): fix concurrent-ratchet desync via OutboundQueue waiter cursor 
Pull-mode httpClient + drainer + parallel RPCs against the same peer
deteriorated after ~10s with `DecryptionError`. Two bugs combined:

- `OutboundQueue.enqueue` woke `drain` waiters with a `since=0`
  snapshot, replaying already-processed events into
  `Shade.acceptTransferEnvelope` → `manager.decrypt` twice. The
  duplicate consumed an already-used skipped key and corrupted the
  Double Ratchet receive chain.

- `ratchetDecrypt` then propagated the corruption: a same-DH
  message behind the chain with no cached skipped key fell through
  to `kdfChainKey` on the ahead state and rewound `chain.counter`,
  permanently desyncing the chain.

Fix `OutboundQueue` to honor each waiter's `since`, and harden
`ratchetDecrypt` so any future duplicate fails cleanly without
mutating state. Adds regression coverage at all three layers.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-04 22:58:26 +02:00
..
src
release(v4.0.1): strict-TS publishability fixes
2026-05-03 19:36:47 +02:00
tests
release(v4.0.0): Shade GA — V3.x consolidation + audit prep
2026-05-03 18:35:35 +02:00
package.json
release(v4.2.1): fix concurrent-ratchet desync via OutboundQueue waiter cursor
2026-05-04 22:58:26 +02:00
README.md
release(v4.0.0): Shade GA — V3.x consolidation + audit prep
2026-05-03 18:35:35 +02:00
tsconfig.json
release(v4.0.0): Shade GA — V3.x consolidation + audit prep
2026-05-03 18:35:35 +02:00

README.md

@shade/transport-bridge

Transport-agnostic delivery for Shade: WS → SSE → long-poll, in priority order, behind a single IncomingMessage interface.

import {
  FallbackBridgeTransport,
  WsBridge,
  SseBridge,
  LongPollBridge,
} from '@shade/transport-bridge';

const auth = { crypto, signingPrivateKey, address: 'bob' };

const bridge = new FallbackBridgeTransport([
  new WsBridge({       baseUrl, auth }),
  new SseBridge({      baseUrl, auth }),
  new LongPollBridge({ baseUrl, auth }),
]);

await bridge.connect({
  onMessage: (msg) => {
    // msg: { from: string; bytes: Uint8Array; receivedAt: number; msgId?: string }
  },
});

console.log(bridge.activeKind); // "ws" | "sse" | "long-poll"

Pair with createBridgeRoutes in @shade/inbox-server to expose the matching /v1/bridge/{stream,poll,ws} endpoints. Full design + threat model in docs/transport.md.

What it solves

Browser extensions, strict corporate proxies, and edge runtimes routinely block long-lived WebSockets. Apps that already use the Shade inbox shouldn't have to write three custom delivery paths to handle the realistic mix of hostile networks they ship into. This package is the canonical answer.

Status

V3.7. Stable wire format, additive change to @shade/inbox-server. See CHANGELOG.

Reference in New Issue View Git Blame Copy Permalink