feat: implement CookieBridge M1 — core protocol & relay server

- Protocol spec: encrypted envelope format, device identity (Ed25519 + X25519), LWW conflict resolution with Lamport clocks - E2E encryption: XChaCha20-Poly1305 via sodium-native, X25519 key exchange - WebSocket relay server: stateless message forwarding, device auth via challenge-response, offline message queuing, ping/pong keepalive - Device pairing: time-limited pairing codes, key exchange broker via HTTP - Sync protocol: envelope builder/opener, conflict-resolving cookie store - 31 tests passing (crypto, pairing, conflict resolution, full integration) Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-17 14:56:01 +08:00
commit 4326276505
24 changed files with 3847 additions and 0 deletions
--- a/src/index.ts
+++ b/src/index.ts
@@ -0,0 +1,39 @@
+export { RelayServer } from "./relay/index.js";
+export type { RelayServerConfig } from "./relay/index.js";
+
+export {
+  generateKeyPair,
+  deviceIdFromKeys,
+  serializeKeyPair,
+  deserializeKeyPair,
+  deriveSharedKey,
+  encrypt,
+  decrypt,
+  sign,
+  verify,
+  buildSignablePayload,
+} from "./crypto/index.js";
+export type { DeviceKeyPair, SerializedKeyPair } from "./crypto/index.js";
+
+export { PairingStore, generatePairingCode } from "./pairing/index.js";
+export type { PairingSession } from "./pairing/index.js";
+
+export { buildEnvelope, openEnvelope, CookieStore } from "./sync/index.js";
+
+export {
+  PROTOCOL_VERSION,
+  MESSAGE_TYPES,
+  MAX_OFFLINE_QUEUE,
+  PAIRING_CODE_LENGTH,
+  PAIRING_TTL_MS,
+} from "./protocol/spec.js";
+export type {
+  Envelope,
+  MessageType,
+  CookieEntry,
+  CookieSyncPayload,
+  PairingRequest,
+  PairingAccept,
+  PairingResult,
+  DeviceInfo,
+} from "./protocol/spec.js";