Signed private key bundle (#175)

feat: private key bundle v2

Introducting PrivateKeyBundleV2 with signed private keys.
Also moving wallet encryption to EncryptedKeyStore.

Author: mkobetic

src/Client.ts

@@ -1,4 +1,4 @@
-import { PublicKeyBundle, PrivateKeyBundle } from './crypto'
+import { PublicKeyBundle, PrivateKeyBundleV1 } from './crypto'
 import Message from './Message'
 import {
   buildDirectMessageTopic,
@@ -8,7 +8,7 @@ import {
 import Stream, { MessageFilter, noTransformation } from './Stream'
 import { Signer } from 'ethers'
 import {
-  EncryptedStore,
+  EncryptedKeyStore,
   KeyStore,
   LocalStorageStore,
   PrivateTopicStore,
@@ -24,7 +24,7 @@ import {
 } from './MessageContent'
 import { decompress, compress } from './Compression'
 import { xmtpEnvelope, messageApi, fetcher } from '@xmtp/proto'
-import { DecodeContactBundle } from './ContactBundle'
+import { decodeContactBundle } from './ContactBundle'
 import ApiClient, { SortDirection } from './ApiClient'
 import { Authenticator } from './authn'
 const { Compression } = xmtpEnvelope
@@ -125,15 +125,15 @@ export function defaultOptions(opts?: Partial<ClientOptions>): ClientOptions {
  */
 export default class Client {
   address: string
-  keys: PrivateKeyBundle
+  keys: PrivateKeyBundleV1
   apiClient: ApiClient
   private contacts: Set<string> // address which we have connected to
   private knownPublicKeyBundles: Map<string, PublicKeyBundle> // addresses and key bundles that we have witnessed
   private _conversations: Conversations
   private _codecs: Map<string, ContentCodec<any>>
   private _maxContentSize: number
 
-  constructor(keys: PrivateKeyBundle, apiClient: ApiClient) {
+  constructor(keys: PrivateKeyBundleV1, apiClient: ApiClient) {
     this.contacts = new Set<string>()
     this.knownPublicKeyBundles = new Map<string, PublicKeyBundle>()
     this.keys = keys
@@ -487,13 +487,13 @@ function createKeyStoreFromConfig(
 function createNetworkPrivateKeyStore(
   wallet: Signer,
   apiClient: ApiClient
-): EncryptedStore {
-  return new EncryptedStore(wallet, new PrivateTopicStore(apiClient))
+): EncryptedKeyStore {
+  return new EncryptedKeyStore(wallet, new PrivateTopicStore(apiClient))
 }
 
 // Create Encrypted store which uses LocalStorage to store KeyBundles
-function createLocalPrivateKeyStore(wallet: Signer): EncryptedStore {
-  return new EncryptedStore(wallet, new LocalStorageStore())
+function createLocalPrivateKeyStore(wallet: Signer): EncryptedKeyStore {
+  return new EncryptedKeyStore(wallet, new LocalStorageStore())
 }
 
 function createStaticStore(privateKeyOverride: Uint8Array): KeyStore {
@@ -505,15 +505,15 @@ function createStaticStore(privateKeyOverride: Uint8Array): KeyStore {
 async function loadOrCreateKeysFromStore(
   wallet: Signer | null,
   store: KeyStore
-): Promise<PrivateKeyBundle> {
+): Promise<PrivateKeyBundleV1> {
   let keys = await store.loadPrivateKeyBundle()
   if (keys) {
     return keys
   }
   if (!wallet) {
     throw new Error('No wallet found')
   }
-  keys = await PrivateKeyBundle.generate(wallet)
+  keys = await PrivateKeyBundleV1.generate(wallet)
   await store.storePrivateKeyBundle(keys)
   return keys
 }
@@ -565,7 +565,7 @@ async function getUserContactFromNetwork(
 
   for await (const env of stream) {
     if (!env.message) continue
-    const bundle = DecodeContactBundle(b64Decode(env.message.toString()))
+    const bundle = decodeContactBundle(b64Decode(env.message.toString()))
     const keyBundle = bundle.keyBundle
 
     const address = keyBundle?.walletSignatureAddress()

src/ContactBundle.ts

@@ -43,13 +43,19 @@ export class ContactBundleV2 implements contact.ContactBundleV2 {
       },
     }).finish()
   }
+
+  static fromLegacyBundle(bundle: ContactBundleV1): ContactBundleV2 {
+    return new ContactBundleV2({
+      keyBundle: SignedPublicKeyBundle.fromLegacyBundle(bundle.keyBundle),
+    })
+  }
 }
 
 // This is the union of all supported bundle versions.
 export type ContactBundle = ContactBundleV1 | ContactBundleV2
 
 // This is the primary function for reading contact bundles off the wire.
-export function DecodeContactBundle(bytes: Uint8Array): ContactBundle {
+export function decodeContactBundle(bytes: Uint8Array): ContactBundle {
   let cb: contact.ContactBundle
   try {
     cb = contact.ContactBundle.decode(bytes)

src/Message.ts

@@ -3,7 +3,7 @@ import Long from 'long'
 import Ciphertext from './crypto/Ciphertext'
 import {
   PublicKeyBundle,
-  PrivateKeyBundle,
+  PrivateKeyBundleV1,
   PublicKey,
   decrypt,
   encrypt,
@@ -105,7 +105,7 @@ export default class Message implements proto.MessageV1 {
 
   // encrypt and serialize the message
   static async encode(
-    sender: PrivateKeyBundle,
+    sender: PrivateKeyBundleV1,
     recipient: PublicKeyBundle,
     message: Uint8Array,
     timestamp: Date
@@ -137,7 +137,7 @@ export default class Message implements proto.MessageV1 {
   // throws if any part of the messages (including the header) was tampered with
   // or the recipient preKey used to encrypt the message is not recognized
   static async decode(
-    viewer: PrivateKeyBundle,
+    viewer: PrivateKeyBundleV1,
     bytes: Uint8Array
   ): Promise<Message> {
     const message = proto.Message.decode(bytes)