tildefriends/src/ssb.js.c

#include "ssb.js.h"

#include "log.h"
#include "mem.h"
#include "ssb.db.h"
#include "ssb.h"
#include "trace.h"
#include "util.js.h"

#include "sodium/crypto_box.h"
#include "sodium/crypto_scalarmult.h"
#include "sodium/crypto_scalarmult_curve25519.h"
#include "sodium/crypto_scalarmult_ed25519.h"
#include "sodium/crypto_secretbox.h"
#include "sodium/crypto_sign.h"
#include "sodium/randombytes.h"
#include "string.h"
#include "sqlite3.h"
#include "uv.h"

#include <assert.h>
#include <inttypes.h>

#if !defined(_countof)
#define _countof(a) ((int)(sizeof((a)) / sizeof(*(a))))
#endif

static const int k_sql_async_timeout_ms = 60 * 1000;

static JSClassID _tf_ssb_classId;

void _tf_ssb_on_rpc(tf_ssb_connection_t* connection, uint8_t flags, int32_t request_number, JSValue args, const uint8_t* message, size_t size, void* user_data);
static JSValue _tf_ssb_appendMessageWithIdentity(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv);

static JSValue _tf_ssb_createIdentity(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	JSValue result = JS_UNDEFINED;
	if (ssb)
	{
		const char* user = JS_ToCString(context, argv[0]);
		int count = tf_ssb_db_identity_get_count_for_user(ssb, user);
		if (count < 16)
		{
			char public[512];
			char private[512];
			tf_ssb_generate_keys_buffer(public, sizeof(public), private, sizeof(private));
			if (tf_ssb_db_identity_add(ssb, user, public, private))
			{
				char id[513];
				snprintf(id, sizeof(id), "@%s", public);
				result = JS_NewString(context, id);
			}
			else
			{
				result = JS_ThrowInternalError(context, "Unable to add identity.");
			}
		}
		else
		{
			result = JS_ThrowInternalError(context, "Too many identities for user.");
		}
		JS_FreeCString(context, user);
	}
	return result;
}

static JSValue _tf_ssb_addIdentity(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	JSValue result = JS_UNDEFINED;
	if (ssb)
	{
		const char* user = JS_ToCString(context, argv[0]);

		JSValue buffer = JS_UNDEFINED;
		size_t length = 0;
		uint8_t* array = tf_util_try_get_array_buffer(context, &length, argv[1]);
		if (!array)
		{
			size_t offset;
			size_t element_size;
			buffer = tf_util_try_get_typed_array_buffer(context, argv[1], &offset, &length, &element_size);
			if (!JS_IsException(buffer))
			{
				array = tf_util_try_get_array_buffer(context, &length, buffer);
			}
		}

		if (array)
		{
			if (length == crypto_sign_SECRETKEYBYTES / 2)
			{
				uint8_t public_key[crypto_sign_PUBLICKEYBYTES];
				unsigned char seed[crypto_sign_SEEDBYTES];
				uint8_t secret_key[crypto_sign_SECRETKEYBYTES] = { 0 };
				memcpy(secret_key, array, sizeof(secret_key) / 2);
				if (crypto_sign_ed25519_sk_to_seed(seed, secret_key) == 0 &&
					crypto_sign_seed_keypair(public_key, secret_key, seed) == 0)
				{
					char public_key_b64[512];
					tf_base64_encode(public_key, sizeof(public_key), public_key_b64, sizeof(public_key_b64));
					snprintf(public_key_b64 + strlen(public_key_b64), sizeof(public_key_b64) - strlen(public_key_b64), ".ed25519");

					uint8_t combined[crypto_sign_SECRETKEYBYTES];
					memcpy(combined, array, length);
					memcpy(combined + length, public_key, sizeof(public_key));
					char combined_b64[512];
					tf_base64_encode(combined, sizeof(combined), combined_b64, sizeof(combined_b64));
					snprintf(combined_b64 + strlen(combined_b64), sizeof(combined_b64) - strlen(combined_b64), ".ed25519");

					if (tf_ssb_db_identity_add(ssb, user, public_key_b64, combined_b64))
					{
						result = JS_TRUE;
					}
					else
					{
						tf_printf("Unable to add the identity.");
					}
				}
			}
			else
			{
				tf_printf("Unexpected private key size: %zd vs. %d\n", length, crypto_sign_SECRETKEYBYTES);
			}
		}
		else
		{
			tf_printf("didn't find array\n");
		}
		JS_FreeValue(context, buffer);

		JS_FreeCString(context, user);
	}
	else
	{
		tf_printf("no ssb\n");
	}
	return result;
}

static JSValue _tf_ssb_deleteIdentity(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	JSValue result = JS_UNDEFINED;
	if (ssb)
	{
		const char* user = JS_ToCString(context, argv[0]);
		const char* id = JS_ToCString(context, argv[1]);
		if (id && user)
		{
			if (tf_ssb_db_identity_delete(ssb, user, *id == '@' ? id + 1 : id))
			{
				result = JS_TRUE;
			}
		}
		JS_FreeCString(context, id);
		JS_FreeCString(context, user);
	}
	return result;
}

static JSValue _set_server_following_internal(tf_ssb_t* ssb, JSValueConst this_val, JSValue id, JSValue following)
{
	JSContext* context = tf_ssb_get_context(ssb);
	JSValue message = JS_NewObject(context);
	JSValue server_user = JS_NewString(context, ":admin");
	char server_id_buffer[k_id_base64_len] = { 0 };
	tf_ssb_whoami(ssb, server_id_buffer, sizeof(server_id_buffer));
	JSValue server_id = JS_NewString(context, server_id_buffer);
	JS_SetPropertyStr(context, message, "type", JS_NewString(context, "contact"));
	JS_SetPropertyStr(context, message, "contact", JS_DupValue(context, id));
	JS_SetPropertyStr(context, message, "following", JS_DupValue(context, following));
	JSValue args[] =
	{
		server_user,
		server_id,
		message,
	};
	JSValue result = _tf_ssb_appendMessageWithIdentity(context, this_val, _countof(args), args);
	JS_FreeValue(context, server_id);
	JS_FreeValue(context, server_user);
	JS_FreeValue(context, message);
	return result;
}

static JSValue _tf_ssb_set_server_following_me(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	JSValue result = JS_UNDEFINED;
	if (ssb)
	{
		char server_id[k_id_base64_len];
		tf_ssb_whoami(ssb, server_id, sizeof(server_id));
		const char* user = JS_ToCString(context, argv[0]);
		const char* key = JS_ToCString(context, argv[1]);
		if (!tf_ssb_db_identity_get_private_key(ssb, user, key, NULL, 0))
		{
			result = JS_ThrowInternalError(context, "User %s does not own key %s.", user, key);
		}
		else
		{
			const char* server_id_ptr = server_id;
			const char** current_following = tf_ssb_db_following_deep_ids(ssb, &server_id_ptr, 1, 1);
			bool is_following = false;
			for (const char** it = current_following; *it; it++)
			{
				if (strcmp(key, *it) == 0)
				{
					is_following = true;
					break;
				}
			}
			tf_free(current_following);

			bool want_following = JS_ToBool(context, argv[2]);
			if ((want_following && !is_following) || (!want_following && is_following))
			{
				result = _set_server_following_internal(ssb, this_val, argv[1], argv[2]);
			}
		}
		JS_FreeCString(context, key);
		JS_FreeCString(context, user);
	}
	return result;
}

typedef struct _identities_visit_t
{
	JSContext* context;
	JSValue array;
	int count;
} identities_visit_t;

static void _tf_ssb_getIdentities_visit(const char* identity, void* data)
{
	identities_visit_t* state = data;
	char id[k_id_base64_len];
	snprintf(id, sizeof(id), "@%s", identity);
	JS_SetPropertyUint32(state->context, state->array, state->count++, JS_NewString(state->context, id));
}

static JSValue _tf_ssb_getIdentities(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	JSValue result = JS_NewArray(context);
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	if (ssb)
	{
		const char* user = JS_ToCString(context, argv[0]);
		identities_visit_t state =
		{
			.context = context,
			.array = result,
		};
		tf_ssb_db_identity_visit(ssb, user, _tf_ssb_getIdentities_visit, &state);
		JS_FreeCString(context, user);
	}
	return result;
}

static JSValue _tf_ssb_getPrivateKey(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	JSValue result = JS_UNDEFINED;
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	const char* user = JS_ToCString(context, argv[0]);
	const char* id = JS_ToCString(context, argv[1]);
	uint8_t private_key[crypto_sign_SECRETKEYBYTES];
	if (tf_ssb_db_identity_get_private_key(ssb, user, id, private_key, sizeof(private_key)))
	{
		result = tf_util_new_uint8_array(context, private_key, sizeof(private_key) / 2);
	}
	JS_FreeCString(context, user);
	JS_FreeCString(context, id);
	return result;
}

static JSValue _tf_ssb_getServerIdentity(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	JSValue result = JS_NewArray(context);
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	if (ssb)
	{
		char id[k_id_base64_len] = { 0 };
		if (tf_ssb_whoami(ssb, id, sizeof(id)))
		{
			result = JS_NewString(context, id);
		}
	}
	return result;
}

static JSValue _tf_ssb_getAllIdentities(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	JSValue result = JS_NewArray(context);
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	if (ssb)
	{
		identities_visit_t state =
		{
			.context = context,
			.array = result,
		};
		tf_ssb_db_identity_visit_all(ssb, _tf_ssb_getIdentities_visit, &state);
	}
	return result;
}

typedef struct _append_message_t
{
	JSContext* context;
	JSValue promise[2];
} append_message_t;

static void _tf_ssb_appendMessage_finish(append_message_t* async, bool success, JSValue result)
{
	JSValue error = JS_Call(async->context, success ? async->promise[0] : async->promise[1], JS_UNDEFINED, 1, &result);
	tf_util_report_error(async->context, error);
	JS_FreeValue(async->context, error);
	JS_FreeValue(async->context, async->promise[0]);
	JS_FreeValue(async->context, async->promise[1]);
	tf_free(async);
}

static void _tf_ssb_appendMessageWithIdentity_callback(const char* id, bool verified, bool is_new, void* user_data)
{
	append_message_t* async = user_data;
	JSValue result = JS_UNDEFINED;
	if (verified)
	{
		result = is_new ? JS_TRUE : JS_FALSE;
	}
	_tf_ssb_appendMessage_finish(async, verified, result);
}

static JSValue _tf_ssb_appendMessageWithIdentity(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	append_message_t* async = tf_malloc(sizeof(append_message_t));
	*async = (append_message_t) { .context = context };
	JSValue result = JS_NewPromiseCapability(context, async->promise);

	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	if (ssb)
	{
		const char* user = JS_ToCString(context, argv[0]);
		const char* id = JS_ToCString(context, argv[1]);
		uint8_t private_key[crypto_sign_SECRETKEYBYTES];
		if (tf_ssb_db_identity_get_private_key(ssb, user, id, private_key, sizeof(private_key)))
		{
			tf_ssb_verify_strip_and_store_message(ssb, tf_ssb_sign_message(ssb, id, private_key, argv[2]), _tf_ssb_appendMessageWithIdentity_callback, async);
		}
		else
		{
			_tf_ssb_appendMessage_finish(async, false, JS_ThrowInternalError(context, "Unable to get private key for user %s with identity %s.", user, id));
		}
		JS_FreeCString(context, id);
		JS_FreeCString(context, user);
	}
	else
	{
		_tf_ssb_appendMessage_finish(async, false, JS_ThrowInternalError(context, "No SSB instance."));
	}
	return result;
}

static JSValue _tf_ssb_getMessage(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	JSValue result = JS_NULL;
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	if (ssb)
	{
		const char* id = JS_ToCString(context, argv[0]);
		int64_t sequence = 0;
		JS_ToInt64(context, &sequence, argv[1]);
		double timestamp = -1.0;
		char* contents = NULL;
		if (tf_ssb_db_get_message_by_author_and_sequence(ssb, id, sequence, NULL, 0, &timestamp, &contents))
		{
			result = JS_NewObject(context);
			JS_SetPropertyStr(context, result, "timestamp", JS_NewFloat64(context, timestamp));
			JS_SetPropertyStr(context, result, "content", JS_NewString(context, contents));
			tf_free(contents);
		}
		JS_FreeCString(context, id);
	}
	return result;
}

static JSValue _tf_ssb_blobGet(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	JSValue result = JS_NULL;
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	if (ssb)
	{
		const char* id = JS_ToCString(context, argv[0]);
		uint8_t* blob = NULL;
		size_t size = 0;
		if (tf_ssb_db_blob_get(ssb, id, &blob, &size))
		{
			result = JS_NewArrayBufferCopy(context, blob, size);
			tf_free(blob);
		}
		JS_FreeCString(context, id);
	}
	return result;
}

typedef struct _blob_store_t
{
	JSContext* context;
	JSValue promise[2];
	uint8_t* buffer;
} blob_store_t;

void _tf_ssb_blob_store_complete(blob_store_t* store, const char* id)
{
	JSValue result = JS_UNDEFINED;
	if (id)
	{
		JSValue id_value = JS_NewString(store->context, id);
		JSValue result = JS_Call(store->context, store->promise[0], JS_UNDEFINED, 1, &id_value);
		tf_util_report_error(store->context, result);
		JS_FreeValue(store->context, result);
	}
	else
	{
		JSValue result = JS_Call(store->context, store->promise[1], JS_UNDEFINED, 0, NULL);
		tf_util_report_error(store->context, result);
		JS_FreeValue(store->context, result);
	}
	tf_util_report_error(store->context, result);
	JS_FreeValue(store->context, result);
	JS_FreeValue(store->context, store->promise[0]);
	JS_FreeValue(store->context, store->promise[1]);
	tf_free(store->buffer);
	tf_free(store);
}

void _tf_ssb_blob_store_callback(const char* id, bool is_new, void* user_data)
{
	blob_store_t* store = user_data;
	_tf_ssb_blob_store_complete(store, id);
}

static JSValue _tf_ssb_blobStore(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	blob_store_t* store = tf_malloc(sizeof(blob_store_t));
	*store = (blob_store_t) { .context = context };
	JSValue result = JS_NewPromiseCapability(context, store->promise);

	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	if (ssb)
	{
		uint8_t* blob = NULL;
		size_t size = 0;
		if (JS_IsString(argv[0]))
		{
			const char* text = JS_ToCStringLen(context, &size, argv[0]);
			store->buffer = tf_malloc(size);
			memcpy(store->buffer, text, size);
			tf_ssb_db_blob_store_async(ssb, store->buffer, size, _tf_ssb_blob_store_callback, store);
			JS_FreeCString(context, text);
		}
		else if ((blob = tf_util_try_get_array_buffer(context, &size, argv[0])) != 0)
		{
			store->buffer = tf_malloc(size);
			memcpy(store->buffer, blob, size);
			tf_ssb_db_blob_store_async(ssb, store->buffer, size, _tf_ssb_blob_store_callback, store);
		}
		else
		{
			size_t offset;
			size_t element_size;
			JSValue buffer = tf_util_try_get_typed_array_buffer(context, argv[0], &offset, &size, &element_size);
			if (!JS_IsException(buffer))
			{
				blob = tf_util_try_get_array_buffer(context, &size, buffer);
				if (blob)
				{
					store->buffer = tf_malloc(size);
					memcpy(store->buffer, blob, size);
					tf_ssb_db_blob_store_async(ssb, store->buffer, size, _tf_ssb_blob_store_callback, store);
				}
				else
				{
					_tf_ssb_blob_store_complete(store, NULL);
				}
			}
			else
			{
				_tf_ssb_blob_store_complete(store, NULL);
			}
			JS_FreeValue(context, buffer);
		}
	}
	return result;
}

static JSValue _tf_ssb_messageContentGet(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	JSValue result = JS_NULL;
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	if (ssb)
	{
		const char* id = JS_ToCString(context, argv[0]);
		uint8_t* blob = NULL;
		size_t size = 0;
		if (tf_ssb_db_message_content_get(ssb, id, &blob, &size))
		{
			result = JS_NewArrayBufferCopy(context, blob, size);
			tf_free(blob);
		}
		JS_FreeCString(context, id);
	}
	return result;
}

static JSValue _tf_ssb_connections(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	JSValue result = JS_NULL;
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	if (ssb)
	{
		tf_ssb_connection_t* connections[32];
		int count = tf_ssb_get_connections(ssb, connections, _countof(connections));

		result = JS_NewArray(context);
		for (int i = 0; i < count; i++)
		{
			char id[k_id_base64_len] = { 0 };
			tf_ssb_connection_t* connection = connections[i];
			JSValue object = JS_NewObject(context);
			tf_ssb_connection_get_id(connection, id, sizeof(id));
			JS_SetPropertyStr(context, object, "id", JS_NewString(context, id));
			JS_SetPropertyStr(context, object, "host", JS_NewString(context, tf_ssb_connection_get_host(connection)));
			JS_SetPropertyStr(context, object, "port", JS_NewInt32(context, tf_ssb_connection_get_port(connection)));
			tf_ssb_connection_t* tunnel = tf_ssb_connection_get_tunnel(connection);
			if (tunnel)
			{
				int tunnel_index = -1;
				for (int j = 0; j < count; j++)
				{
					if (connections[j] == tunnel)
					{
						tunnel_index = j;
						break;
					}
				}
				JS_SetPropertyStr(context, object, "tunnel", JS_NewInt32(context, tunnel_index));
			}
			JS_SetPropertyUint32(context, result, i, object);
		}
	}
	return result;
}

static JSValue _tf_ssb_storedConnections(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	JSValue result = JS_NULL;
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	if (ssb)
	{
		int count = 0;
		tf_ssb_db_stored_connection_t* connections = tf_ssb_db_get_stored_connections(ssb, &count);
		result = JS_NewArray(context);
		for (int i = 0; i < count; i++)
		{
			JSValue connection = JS_NewObject(context);
			JS_SetPropertyStr(context, connection, "address", JS_NewString(context, connections[i].address));
			JS_SetPropertyStr(context, connection, "port", JS_NewInt32(context, connections[i].port));
			JS_SetPropertyStr(context, connection, "pubkey", JS_NewString(context, connections[i].pubkey));
			JS_SetPropertyUint32(context, result, i, connection);
		}
		tf_free(connections);
	}
	return result;
}

static JSValue _tf_ssb_getConnection(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	const char* id = JS_ToCString(context, argv[0]);
	tf_ssb_connection_t* connection = tf_ssb_connection_get(ssb, id);
	JS_FreeCString(context, id);
	return JS_DupValue(context, tf_ssb_connection_get_object(connection));
}

static JSValue _tf_ssb_closeConnection(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	const char* id = JS_ToCString(context, argv[0]);
	tf_ssb_connection_t* connection = tf_ssb_connection_get(ssb, id);
	if (connection)
	{
		tf_ssb_connection_close(connection);
	}
	JS_FreeCString(context, id);
	return connection ? JS_TRUE : JS_FALSE;
}

typedef struct _sql_work_t
{
	uv_work_t request;
	uv_async_t async;
	uv_timer_t timeout;
	tf_ssb_t* ssb;
	sqlite3* db;
	uv_mutex_t lock;
	const char* query;
	uint8_t* binds;
	size_t binds_count;
	uint8_t* rows;
	size_t rows_count;
	JSValue callback;
	JSValue promise[2];
	int result;
	char* error;
} sql_work_t;

static void _tf_ssb_sql_append(uint8_t** rows, size_t* rows_count, const void* data, size_t size)
{
	*rows = tf_resize_vec(*rows, *rows_count + size);
	memcpy(*rows + *rows_count, data, size);
	*rows_count += size;
}

static void _tf_ssb_sqlAsync_work(uv_work_t* work)
{
	sql_work_t* sql_work = work->data;
	tf_ssb_record_thread_busy(sql_work->ssb, true);
	tf_trace_t* trace = tf_ssb_get_trace(sql_work->ssb);
	tf_trace_begin(trace, "sql_async_work");
	sqlite3* db = tf_ssb_acquire_db_reader_restricted(sql_work->ssb);
	uv_mutex_lock(&sql_work->lock);
	sql_work->db = db;
	uv_mutex_unlock(&sql_work->lock);
	uv_async_send(&sql_work->async);
	sqlite3_stmt* statement = NULL;
	sql_work->result = sqlite3_prepare(db, sql_work->query, -1, &statement, NULL);
	if (sql_work->result == SQLITE_OK)
	{
		const uint8_t* p = sql_work->binds;
		int column = 0;
		while (p < sql_work->binds + sql_work->binds_count)
		{
			switch (*p++)
			{
			case SQLITE_INTEGER:
				{
					int64_t value = 0;
					memcpy(&value, p, sizeof(value));
					sqlite3_bind_int64(statement, column + 1, value);
					p += sizeof(value);
				}
				break;
			case SQLITE_TEXT:
				{
					size_t length = 0;
					memcpy(&length, p, sizeof(length));
					p += sizeof(length);
					sqlite3_bind_text(statement, column + 1, (const char*)p, length, NULL);
					p += length;
				}
				break;
			case SQLITE_NULL:
				sqlite3_bind_null(statement, column + 1);
				break;
			default:
				abort();
			}
			column++;
		}
		int r = SQLITE_OK;
		while ((r = sqlite3_step(statement)) == SQLITE_ROW)
		{
			_tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, &(uint8_t[]) { 'r' }, 1);
			for (int i = 0; i < sqlite3_column_count(statement); i++)
			{
				_tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, &(uint8_t[]) { 'c' }, 1);
				const char* name = sqlite3_column_name(statement, i);
				_tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, name, strlen(name) + 1);
				uint8_t type = sqlite3_column_type(statement, i);
				_tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, &type, sizeof(type));
				switch (type)
				{
				case SQLITE_INTEGER:
					{
						int64_t value = sqlite3_column_int64(statement, i);
						_tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, &value, sizeof(value));
					}
					break;
				case SQLITE_FLOAT:
					{
						double value = sqlite3_column_double(statement, i);
						_tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, &value, sizeof(value));
					}
					break;
				case SQLITE_TEXT:
					{
						size_t bytes = sqlite3_column_bytes(statement, i);
						_tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, &bytes, sizeof(bytes));
						_tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, sqlite3_column_text(statement, i), bytes);
					}
					break;
				case SQLITE_BLOB:
					{
						size_t bytes = sqlite3_column_bytes(statement, i);
						_tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, &bytes, sizeof(bytes));
						_tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, sqlite3_column_blob(statement, i), bytes);
					}
					break;
				case SQLITE_NULL:
					break;
				default:
					abort();
				}
			}
		}
		sql_work->result = r;
		if (r != SQLITE_OK && r != SQLITE_DONE)
		{
			if (sqlite3_is_interrupted(db))
			{
				sql_work->error = tf_strdup("Timed out");
			}
			else
			{
				sql_work->error = tf_strdup(sqlite3_errmsg(db));
			}
		}
		_tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, &(uint8_t[]) { 0 }, 1);
		sqlite3_finalize(statement);
	}
	else
	{
		sql_work->error = tf_strdup(sqlite3_errmsg(db));
	}
	uv_mutex_lock(&sql_work->lock);
	sql_work->db = NULL;
	uv_mutex_unlock(&sql_work->lock);
	tf_ssb_release_db_reader(sql_work->ssb, db);
	tf_ssb_record_thread_busy(sql_work->ssb, false);
	tf_trace_end(trace);
}

static void _tf_ssb_sqlAsync_handle_close(uv_handle_t* handle)
{
	sql_work_t* work = handle->data;
	handle->data = NULL;
	if (!work->async.data &&
		!work->timeout.data)
	{
		tf_free(work);
	}
}

static void _tf_ssb_sqlAsync_destroy(sql_work_t* work)
{
	tf_free(work->binds);
	tf_free(work->error);
	if (work->rows)
	{
		tf_free(work->rows);
	}
	uv_mutex_destroy(&work->lock);
	uv_close((uv_handle_t*)&work->timeout, _tf_ssb_sqlAsync_handle_close);
	uv_close((uv_handle_t*)&work->async, _tf_ssb_sqlAsync_handle_close);
}

static void _tf_ssb_sqlAsync_after_work(uv_work_t* work, int status)
{
	sql_work_t* sql_work = work->data;
	tf_trace_t* trace = tf_ssb_get_trace(sql_work->ssb);
	tf_trace_begin(trace, "sql_async_after_work");
	JSContext* context = tf_ssb_get_context(sql_work->ssb);
	uint8_t* p = sql_work->rows;
	while (p < sql_work->rows + sql_work->rows_count)
	{
		if (*p++ == 'r')
		{
			JSValue row = JS_NewObject(context);

			while (*p == 'c')
			{
				p++;
				const char* column_name = (const char*)p;
				size_t length = strlen((char*)p);
				p += length + 1;

				switch (*p++)
				{
				case SQLITE_INTEGER:
					{
						int64_t value = 0;
						memcpy(&value, p, sizeof(value));
						JS_SetPropertyStr(context, row, column_name, JS_NewInt64(context, value));
						p += sizeof(value);
					}
					break;
				case SQLITE_FLOAT:
					{
						double value = 0.0;
						memcpy(&value, p, sizeof(value));
						JS_SetPropertyStr(context, row, column_name, JS_NewFloat64(context, value));
						p += sizeof(value);
					}
					break;
				case SQLITE_TEXT:
				case SQLITE_BLOB:
					{
						size_t length = 0;
						memcpy(&length, p, sizeof(length));
						p += sizeof(length);
						JS_SetPropertyStr(context, row, column_name, JS_NewStringLen(context, (const char*)p, length));
						p += length;
					}
					break;
				case SQLITE_NULL:
					JS_SetPropertyStr(context, row, column_name, JS_NULL);
					break;
				}
			}

			JSValue response = JS_Call(context, sql_work->callback, JS_UNDEFINED, 1, &row);
			bool is_error = tf_util_report_error(context, response);
			JS_FreeValue(context, response);
			JS_FreeValue(context, row);
			if (is_error)
			{
				break;
			}
		}
		else
		{
			break;
		}
	}

	JSValue result = JS_UNDEFINED;
	if (sql_work->result == SQLITE_OK || sql_work->result == SQLITE_DONE)
	{
		result = JS_Call(context, sql_work->promise[0], JS_UNDEFINED, 0, NULL);
		tf_util_report_error(context, result);
	}
	else
	{
		JSValue error = JS_ThrowInternalError(context, "SQL Error %s: %s", sql_work->error, sql_work->query);
		JSValue exception = JS_GetException(context);
		result = JS_Call(context, sql_work->promise[1], JS_UNDEFINED, 1, &exception);
		tf_util_report_error(context, result);
		JS_FreeValue(context, exception);
		JS_FreeValue(context, error);
	}
	JS_FreeValue(context, result);
	JS_FreeValue(context, sql_work->promise[0]);
	JS_FreeValue(context, sql_work->promise[1]);
	JS_FreeValue(context, sql_work->callback);
	_tf_ssb_sqlAsync_destroy(sql_work);
	tf_trace_end(trace);
}

static void _tf_ssb_sqlAsync_timeout(uv_timer_t* timer)
{
	sql_work_t* work = timer->data;
	uv_mutex_lock(&work->lock);
	if (work->db)
	{
		sqlite3_interrupt(work->db);
	}
	uv_mutex_unlock(&work->lock);
}

static void _tf_ssb_sqlAsync_start_timer(uv_async_t* async)
{
	sql_work_t* work = async->data;
	uv_timer_start(&work->timeout, _tf_ssb_sqlAsync_timeout, k_sql_async_timeout_ms, 0);
}

static JSValue _tf_ssb_sqlAsync(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	const char* query = JS_ToCString(context, argv[0]);
	sql_work_t* work = tf_malloc(sizeof(sql_work_t));
	*work = (sql_work_t)
	{
		.request =
		{
			.data = work,
		},
		.async =
		{
			.data = work,
		},
		.timeout =
		{
			.data = work,
		},
		.ssb = ssb,
		.callback = JS_DupValue(context, argv[2]),
		.query = query,
	};
	uv_mutex_init(&work->lock);
	uv_async_init(tf_ssb_get_loop(ssb), &work->async, _tf_ssb_sqlAsync_start_timer);
	uv_timer_init(tf_ssb_get_loop(ssb), &work->timeout);
	JSValue result = JS_NewPromiseCapability(context, work->promise);
	JSValue error_value = JS_UNDEFINED;
	if (ssb)
	{
		int32_t length = tf_util_get_length(context, argv[1]);
		for (int i = 0; i < length; i++)
		{
			JSValue value = JS_GetPropertyUint32(context, argv[1], i);
			if (JS_IsNumber(value))
			{
				uint8_t type = SQLITE_INTEGER;
				int64_t number = 0;
				JS_ToInt64(context, &number, value);
				_tf_ssb_sql_append(&work->binds, &work->binds_count, &type, sizeof(type));
				_tf_ssb_sql_append(&work->binds, &work->binds_count, &number, sizeof(number));
			}
			else if (JS_IsBool(value))
			{
				uint8_t type = SQLITE_INTEGER;
				int64_t number = JS_ToBool(context, value) ? 1 : 0;
				_tf_ssb_sql_append(&work->binds, &work->binds_count, &type, sizeof(type));
				_tf_ssb_sql_append(&work->binds, &work->binds_count, &number, sizeof(number));
			}
			else if (JS_IsNull(value))
			{
				uint8_t type = SQLITE_NULL;
				_tf_ssb_sql_append(&work->binds, &work->binds_count, &type, sizeof(type));
			}
			else
			{
				uint8_t type = SQLITE_TEXT;
				size_t length = 0;
				const char* string = JS_ToCStringLen(context, &length, value);
				if (!string)
				{
					string = "";
				}
				_tf_ssb_sql_append(&work->binds, &work->binds_count, &type, sizeof(type));
				_tf_ssb_sql_append(&work->binds, &work->binds_count, &length, sizeof(length));
				_tf_ssb_sql_append(&work->binds, &work->binds_count, string, length);
				JS_FreeCString(context, string);
			}
			JS_FreeValue(context, value);
		}
		int r = uv_queue_work(tf_ssb_get_loop(ssb), &work->request, _tf_ssb_sqlAsync_work, _tf_ssb_sqlAsync_after_work);
		if (r)
		{
			error_value = JS_ThrowInternalError(context, "uv_queue_work failed: %s", uv_strerror(r));
		}
	}
	if (!JS_IsUndefined(error_value))
	{
		JSValue call_result = JS_Call(context, work->promise[1], JS_UNDEFINED, 1, &error_value);
		tf_util_report_error(context, call_result);
		JS_FreeValue(context, call_result);
		JS_FreeValue(context, error_value);
		JS_FreeCString(context, query);
		JS_FreeValue(context, work->promise[0]);
		JS_FreeValue(context, work->promise[1]);
		JS_FreeValue(context, work->callback);
		_tf_ssb_sqlAsync_destroy(work);
	}
	return result;
}

typedef struct _message_store_t
{
	JSContext* context;
	JSValue promise[2];
} message_store_t;

void _tf_ssb_message_store_callback(const char* id, bool verified, bool is_new, void* user_data)
{
	message_store_t* store = user_data;
	JSValue result = JS_Call(store->context, id ? store->promise[0] : store->promise[1], JS_UNDEFINED, 0, NULL);
	tf_util_report_error(store->context, result);
	JS_FreeValue(store->context, result);
	JS_FreeValue(store->context, store->promise[0]);
	JS_FreeValue(store->context, store->promise[1]);
	tf_free(store);
}

static JSValue _tf_ssb_storeMessage(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	message_store_t* store = tf_malloc(sizeof(message_store_t));
	*store = (message_store_t) { .context = context };
	JSValue result = JS_NewPromiseCapability(context, store->promise);
	tf_ssb_verify_strip_and_store_message(ssb, argv[0], _tf_ssb_message_store_callback, store);
	return result;
}

typedef struct _broadcasts_t
{
	JSContext* context;
	JSValue array;
	int length;
} broadcasts_t;

static void _tf_ssb_broadcasts_visit(const char* host, const struct sockaddr_in* addr, tf_ssb_connection_t* tunnel, const uint8_t* pub, void* user_data)
{
	broadcasts_t* broadcasts = user_data;
	JSValue entry = JS_NewObject(broadcasts->context);
	char pubkey[k_id_base64_len];
	tf_ssb_id_bin_to_str(pubkey, sizeof(pubkey), pub);
	if (tunnel)
	{
		JS_SetPropertyStr(broadcasts->context, entry, "tunnel", JS_DupValue(broadcasts->context, tf_ssb_connection_get_object(tunnel)));
	}
	else
	{
		JS_SetPropertyStr(broadcasts->context, entry, "address", JS_NewString(broadcasts->context, host));
		JS_SetPropertyStr(broadcasts->context, entry, "port", JS_NewInt32(broadcasts->context, ntohs(addr->sin_port)));
	}
	JS_SetPropertyStr(broadcasts->context, entry, "pubkey", JS_NewString(broadcasts->context, pubkey));
	JS_SetPropertyUint32(broadcasts->context, broadcasts->array, broadcasts->length++, entry);
}

static JSValue _tf_ssb_getBroadcasts(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	JSValue result = JS_UNDEFINED;
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	if (ssb)
	{
		result = JS_NewArray(context);
		broadcasts_t broadcasts = {
			.context = context,
			.array = result,
			.length = 0,
		};
		tf_ssb_visit_broadcasts(ssb, _tf_ssb_broadcasts_visit, &broadcasts);
	}
	return result;
}

static JSValue _tf_ssb_connect(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	JSValue args = argv[0];
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	if (ssb)
	{
		if (JS_IsString(args))
		{
			const char* address_str = JS_ToCString(context, args);
			tf_printf("Connecting to %s\n", address_str);
			tf_ssb_connect_str(ssb, address_str);
			JS_FreeCString(context, address_str);
		}
		else
		{
			JSValue address = JS_GetPropertyStr(context, args, "address");
			JSValue port = JS_GetPropertyStr(context, args, "port");
			JSValue pubkey = JS_GetPropertyStr(context, args, "pubkey");
			const char* address_str = JS_ToCString(context, address);
			int32_t port_int = 0;
			JS_ToInt32(context, &port_int, port);
			const char* pubkey_str = JS_ToCString(context, pubkey);
			if (pubkey_str)
			{
				tf_printf("Connecting to %s:%d\n", address_str, port_int);
				uint8_t pubkey_bin[k_id_bin_len];
				tf_ssb_id_str_to_bin(pubkey_bin, pubkey_str);
				tf_ssb_connect(ssb, address_str, port_int, pubkey_bin);
			}
			else
			{
				tf_printf("Not connecting to null.\n");
			}
			JS_FreeCString(context, pubkey_str);
			JS_FreeCString(context, address_str);
			JS_FreeValue(context, address);
			JS_FreeValue(context, port);
			JS_FreeValue(context, pubkey);
		}
	}
	return JS_UNDEFINED;
}

static JSValue _tf_ssb_forgetStoredConnection(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	JSValue args = argv[0];
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	if (ssb)
	{
		JSValue address = JS_GetPropertyStr(context, args, "address");
		JSValue port = JS_GetPropertyStr(context, args, "port");
		JSValue pubkey = JS_GetPropertyStr(context, args, "pubkey");
		const char* address_str = JS_ToCString(context, address);
		int32_t port_int = 0;
		JS_ToInt32(context, &port_int, port);
		const char* pubkey_str = JS_ToCString(context, pubkey);
		if (pubkey_str)
		{
			tf_ssb_db_forget_stored_connection(ssb, address_str, port_int, pubkey_str);
		}
		JS_FreeCString(context, pubkey_str);
		JS_FreeCString(context, address_str);
		JS_FreeValue(context, address);
		JS_FreeValue(context, port);
		JS_FreeValue(context, pubkey);
	}
	return JS_UNDEFINED;
}

static void _tf_ssb_cleanup_value(tf_ssb_t* ssb, void* user_data)
{
	JSValue callback = JS_MKPTR(JS_TAG_OBJECT, user_data);
	JS_FreeValue(tf_ssb_get_context(ssb), callback);
}

static void _tf_ssb_on_message_added_callback(tf_ssb_t* ssb, const char* id, void* user_data)
{
	JSContext* context = tf_ssb_get_context(ssb);
	JSValue callback = JS_MKPTR(JS_TAG_OBJECT, user_data);
	JSValue string = JS_NewString(context, id);
	JSValue response = JS_Call(context, callback, JS_UNDEFINED, 1, &string);
	if (tf_util_report_error(context, response))
	{
		tf_ssb_remove_message_added_callback(ssb, _tf_ssb_on_message_added_callback, user_data);
	}
	JS_FreeValue(context, response);
	JS_FreeValue(context, string);
}

static void _tf_ssb_on_blob_want_added_callback(tf_ssb_t* ssb, const char* id, void* user_data)
{
	JSContext* context = tf_ssb_get_context(ssb);
	JSValue callback = JS_MKPTR(JS_TAG_OBJECT, user_data);
	JSValue string = JS_NewString(context, id);
	JSValue response = JS_Call(context, callback, JS_UNDEFINED, 1, &string);
	if (tf_util_report_error(context, response))
	{
		tf_ssb_remove_blob_want_added_callback(ssb, _tf_ssb_on_blob_want_added_callback, user_data);
	}
	JS_FreeValue(context, response);
	JS_FreeValue(context, string);
}

static void _tf_ssb_on_connections_changed_callback(tf_ssb_t* ssb, tf_ssb_change_t change, tf_ssb_connection_t* connection, void* user_data)
{
	JSContext* context = tf_ssb_get_context(ssb);
	JSValue callback = JS_MKPTR(JS_TAG_OBJECT, user_data);
	JSValue response = JS_UNDEFINED;
	switch (change)
	{
	case k_tf_ssb_change_create:
		break;
	case k_tf_ssb_change_connect:
		{
			JSValue object = JS_DupValue(context, tf_ssb_connection_get_object(connection));
			JSValue args[] =
			{
				JS_NewString(context, "add"),
				object,
			};
			response = JS_Call(context, callback, JS_UNDEFINED, 2, args);
			if (tf_util_report_error(context, response))
			{
				tf_ssb_remove_connections_changed_callback(ssb, _tf_ssb_on_connections_changed_callback, user_data);
			}
			JS_FreeValue(context, args[0]);
			JS_FreeValue(context, object);
		}
		break;
	case k_tf_ssb_change_remove:
		{
			JSValue object = JS_DupValue(context, tf_ssb_connection_get_object(connection));
			JSValue args[] =
			{
				JS_NewString(context, "remove"),
				object,
			};
			response = JS_Call(context, callback, JS_UNDEFINED, 2, args);
			if (tf_util_report_error(context, response))
			{
				tf_ssb_remove_connections_changed_callback(ssb, _tf_ssb_on_connections_changed_callback, user_data);
			}
			JS_FreeValue(context, args[0]);
			JS_FreeValue(context, object);
		}
		break;
	}
	JS_FreeValue(context, response);
}

static void _tf_ssb_on_broadcasts_changed_callback(tf_ssb_t* ssb, void* user_data)
{
	JSContext* context = tf_ssb_get_context(ssb);
	JSValue callback = JS_MKPTR(JS_TAG_OBJECT, user_data);
	JSValue argv = JS_UNDEFINED;
	JSValue response = JS_Call(context, callback, JS_UNDEFINED, 1, &argv);
	if (tf_util_report_error(context, response))
	{
		tf_ssb_remove_broadcasts_changed_callback(ssb, _tf_ssb_on_broadcasts_changed_callback, user_data);
	}
	JS_FreeValue(context, response);
}

static JSValue _tf_ssb_add_event_listener(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	const char* event_name = JS_ToCString(context, argv[0]);
	JSValue callback = argv[1];
	JSValue result = JS_UNDEFINED;

	if (!event_name)
	{
		result = JS_ThrowTypeError(context, "Expected argument 1 to be a string event name.");
	}
	else if (!JS_IsFunction(context, callback))
	{
		result = JS_ThrowTypeError(context, "Expected argument 2 to be a function.");
	}
	else
	{
		if (strcmp(event_name, "connections") == 0)
		{
			void* ptr = JS_VALUE_GET_PTR(JS_DupValue(context, callback));
			tf_ssb_add_connections_changed_callback(ssb, _tf_ssb_on_connections_changed_callback, _tf_ssb_cleanup_value, ptr);
		}
		else if (strcmp(event_name, "broadcasts") == 0)
		{
			void* ptr = JS_VALUE_GET_PTR(JS_DupValue(context, callback));
			tf_ssb_add_broadcasts_changed_callback(ssb, _tf_ssb_on_broadcasts_changed_callback, _tf_ssb_cleanup_value, ptr);
		}
		else if (strcmp(event_name, "message") == 0)
		{
			void* ptr = JS_VALUE_GET_PTR(JS_DupValue(context, callback));
			tf_ssb_add_message_added_callback(ssb, _tf_ssb_on_message_added_callback, _tf_ssb_cleanup_value, ptr);
		}
		else if (strcmp(event_name, "blob_want_added") == 0)
		{
			void* ptr = JS_VALUE_GET_PTR(JS_DupValue(context, callback));
			tf_ssb_add_blob_want_added_callback(ssb, _tf_ssb_on_blob_want_added_callback, _tf_ssb_cleanup_value, ptr);
		}
	}

	JS_FreeCString(context, event_name);
	return result;
}

static JSValue _tf_ssb_remove_event_listener(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	const char* event_name = JS_ToCString(context, argv[0]);
	JSValue callback = argv[1];
	JSValue result = JS_UNDEFINED;

	if (!event_name)
	{
		result = JS_ThrowTypeError(context, "Expected argument 1 to be a string event name.");
	}
	else if (!JS_IsFunction(context, callback))
	{
		result = JS_ThrowTypeError(context, "Expected argument 2 to be a function.");
	}
	else
	{
		if (strcmp(event_name, "connections") == 0)
		{
			void* ptr = JS_VALUE_GET_PTR(JS_DupValue(context, callback));
			tf_ssb_remove_connections_changed_callback(ssb, _tf_ssb_on_connections_changed_callback, ptr);
		}
		else if (strcmp(event_name, "broadcasts") == 0)
		{
			void* ptr = JS_VALUE_GET_PTR(JS_DupValue(context, callback));
			tf_ssb_remove_broadcasts_changed_callback(ssb, _tf_ssb_on_broadcasts_changed_callback, ptr);
		}
		else if (strcmp(event_name, "message") == 0)
		{
			void* ptr = JS_VALUE_GET_PTR(JS_DupValue(context, callback));
			tf_ssb_remove_message_added_callback(ssb, _tf_ssb_on_message_added_callback, ptr);
		}
		else if (strcmp(event_name, "blob_want_added") == 0)
		{
			void* ptr = JS_VALUE_GET_PTR(JS_DupValue(context, callback));
			tf_ssb_remove_blob_want_added_callback(ssb, _tf_ssb_on_blob_want_added_callback, ptr);
		}
	}

	JS_FreeCString(context, event_name);
	return result;
}

static JSValue _tf_ssb_hmacsha256_sign(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	JSValue result = JS_UNDEFINED;
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);

	size_t payload_length = 0;
	const char* payload = JS_ToCStringLen(context, &payload_length, argv[0]);
	const char* user = JS_ToCString(context, argv[1]);
	const char* public_key = JS_ToCString(context, argv[2]);

	uint8_t private_key[crypto_sign_SECRETKEYBYTES];
	if (tf_ssb_db_identity_get_private_key(ssb, user, public_key, private_key, sizeof(private_key)))
	{
		uint8_t signature[crypto_sign_BYTES];
		unsigned long long siglen;
		if (crypto_sign_detached(signature, &siglen, (const uint8_t*)payload, payload_length, private_key) == 0)
		{
			char signature_base64[crypto_sign_BYTES * 2];
			tf_base64_encode(signature, sizeof(signature), signature_base64, sizeof(signature_base64));
			result = JS_NewString(context, signature_base64);
		}
	}
	else
	{
		result = JS_ThrowInternalError(context, "Private key not found.");
	}

	JS_FreeCString(context, public_key);
	JS_FreeCString(context, user);
	JS_FreeCString(context, payload);

	return result;
}

static JSValue _tf_ssb_hmacsha256_verify(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	JSValue result = JS_UNDEFINED;

	size_t public_key_length = 0;
	const char* public_key = JS_ToCStringLen(context, &public_key_length, argv[0]);
	size_t payload_length = 0;
	const char* payload = JS_ToCStringLen(context, &payload_length, argv[1]);
	size_t signature_length = 0;
	const char* signature = JS_ToCStringLen(context, &signature_length, argv[2]);

	const char* public_key_start = public_key && *public_key == '@' ? public_key + 1 : public_key;
	const char* public_key_end = public_key_start ? strstr(public_key_start, ".ed25519") : NULL;
	if (public_key_start && !public_key_end)
	{
		public_key_end = public_key_start + strlen(public_key_start);
	}

	uint8_t bin_public_key[crypto_sign_PUBLICKEYBYTES] = { 0 };
	if (tf_base64_decode(public_key_start, public_key_end - public_key_start, bin_public_key, sizeof(bin_public_key)) > 0)
	{
		uint8_t bin_signature[crypto_sign_BYTES] = { 0 };
		if (tf_base64_decode(signature, signature_length, bin_signature, sizeof(bin_signature)) > 0)
		{
			if (crypto_sign_verify_detached(bin_signature, (const uint8_t*)payload, payload_length, bin_public_key) == 0)
			{
				result = JS_TRUE;
			}
		}
	}

	JS_FreeCString(context, signature);
	JS_FreeCString(context, payload);
	JS_FreeCString(context, public_key);

	return result;
}

static JSValue _tf_ssb_createTunnel(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	JSValue result = JS_UNDEFINED;
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	const char* portal_id = JS_ToCString(context, argv[0]);
	const char* target_id = JS_ToCString(context, argv[1]);

	tf_ssb_connection_t* connection = tf_ssb_connection_get(ssb, portal_id);
	if (connection)
	{
		int32_t request_number = tf_ssb_connection_next_request_number(connection);
		JSValue message = JS_NewObject(context);
		JSValue name = JS_NewArray(context);
		JS_SetPropertyUint32(context, name, 0, JS_NewString(context, "tunnel"));
		JS_SetPropertyUint32(context, name, 1, JS_NewString(context, "connect"));
		JS_SetPropertyStr(context, message, "name", name);
		JSValue arg = JS_NewObject(context);
		JS_SetPropertyStr(context, arg, "portal", JS_NewString(context, portal_id));
		JS_SetPropertyStr(context, arg, "target", JS_NewString(context, target_id));
		JSValue args = JS_NewArray(context);
		JS_SetPropertyUint32(context, args, 0, arg);
		JS_SetPropertyStr(context, message, "args", args);
		JS_SetPropertyStr(context, message, "type", JS_NewString(context, "duplex"));
		tf_ssb_connection_rpc_send_json(connection, k_ssb_rpc_flag_stream | k_ssb_rpc_flag_new_request, request_number, message, NULL, NULL, NULL);
		JS_FreeValue(context, message);

		tf_ssb_connection_tunnel_create(ssb, portal_id, request_number, target_id);
		result = JS_TRUE;
	}

	JS_FreeCString(context, target_id);
	JS_FreeCString(context, portal_id);
	return result;
}

enum { k_max_private_message_recipients = 8 };

static bool _tf_ssb_get_private_key_curve25519(sqlite3* db, const char* user, const char* identity, uint8_t out_private_key[static crypto_sign_SECRETKEYBYTES])
{
	if (!user || !identity || !out_private_key)
	{
		tf_printf("user=%p identity=%p out_private_key=%p\n", user, identity, out_private_key);
		return false;
	}

	bool success = false;
	sqlite3_stmt* statement = NULL;
	if (sqlite3_prepare(db, "SELECT private_key FROM identities WHERE user = ? AND public_key = ?", -1, &statement, NULL) == SQLITE_OK)
	{
		if (sqlite3_bind_text(statement, 1, user, -1, NULL) == SQLITE_OK &&
			sqlite3_bind_text(statement, 2, *identity == '@' ? identity + 1 : identity, -1, NULL) == SQLITE_OK)
		{
			while (sqlite3_step(statement) == SQLITE_ROW)
			{
				uint8_t key[crypto_sign_SECRETKEYBYTES] = { 0 };
				int length = tf_base64_decode(
					(const char*)sqlite3_column_text(statement, 0),
					sqlite3_column_bytes(statement, 0) - strlen(".ed25519"),
					key,
					sizeof(key));
				if (length == crypto_sign_SECRETKEYBYTES)
				{
					success = crypto_sign_ed25519_sk_to_curve25519(out_private_key, key) == 0;
				}
			}
		}
		sqlite3_finalize(statement);
	}
	return success;
}

static JSValue _tf_ssb_private_message_encrypt(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	JSValue result = JS_UNDEFINED;
	int recipient_count = tf_util_get_length(context, argv[2]);
	if (recipient_count < 1 || recipient_count > k_max_private_message_recipients)
	{
		return JS_ThrowRangeError(context, "Number of recipients must be between 1 and %d.", k_max_private_message_recipients);
	}

	const char* signer_user = JS_ToCString(context, argv[0]);
	const char* signer_identity = JS_ToCString(context, argv[1]);
	uint8_t recipients[k_max_private_message_recipients][crypto_scalarmult_curve25519_SCALARBYTES];
	size_t message_size = 0;
	const char* message = JS_ToCStringLen(context, &message_size, argv[3]);
	for (int i = 0; i < recipient_count && JS_IsUndefined(result); i++)
	{
		JSValue recipient = JS_GetPropertyUint32(context, argv[2], i);
		const char* id = JS_ToCString(context, recipient);
		if (id)
		{
			const char* type = strstr(id, ".ed25519");
			const char* id_start = *id == '@' ? id + 1 : id;
			uint8_t key[crypto_box_PUBLICKEYBYTES] = { 0 };
			if (tf_base64_decode(id_start, type ? (size_t)(type - id_start) : strlen(id_start), key, sizeof(key)) != sizeof(key))
			{
				result = JS_ThrowInternalError(context, "Invalid recipient: %s.\n", id);
			}
			else if (crypto_sign_ed25519_pk_to_curve25519(recipients[i], key) != 0)
			{
				result = JS_ThrowInternalError(context, "Failed to convert recipient ID.\n");
			}
			JS_FreeCString(context, id);
		}
		JS_FreeValue(context, recipient);
	}

	if (JS_IsUndefined(result))
	{
		tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
		uint8_t private_key[crypto_sign_SECRETKEYBYTES] = { 0 };

		sqlite3* db = tf_ssb_acquire_db_reader(ssb);
		bool found = _tf_ssb_get_private_key_curve25519(db, signer_user, signer_identity, private_key);
		tf_ssb_release_db_reader(ssb, db);

		if (found)
		{
			uint8_t public_key[crypto_box_PUBLICKEYBYTES] = { 0 };
			uint8_t secret_key[crypto_box_SECRETKEYBYTES] = { 0 };
			uint8_t nonce[crypto_box_NONCEBYTES] = { 0 };
			uint8_t body_key[crypto_box_SECRETKEYBYTES] = { 0 };
			crypto_box_keypair(public_key, secret_key);
			randombytes_buf(nonce, sizeof(nonce));
			randombytes_buf(body_key, sizeof(body_key));

			uint8_t length_and_key[1 + sizeof(body_key)];
			length_and_key[0] = (uint8_t)recipient_count;
			memcpy(length_and_key + 1, body_key, sizeof(body_key));

			size_t payload_size = sizeof(nonce) +
				sizeof(public_key) +
				(crypto_secretbox_MACBYTES + sizeof(length_and_key)) * recipient_count +
				crypto_secretbox_MACBYTES + message_size;

			uint8_t* payload = tf_malloc(payload_size);

			uint8_t* p = payload;
			memcpy(p, nonce, sizeof(nonce));
			p += sizeof(nonce);

			memcpy(p, public_key, sizeof(public_key));
			p += sizeof(public_key);

			for (int i = 0; i < recipient_count && JS_IsUndefined(result); i++)
			{
				uint8_t shared_secret[crypto_secretbox_KEYBYTES] = { 0 };
				if (crypto_scalarmult(shared_secret, secret_key, recipients[i]) == 0)
				{
					if (crypto_secretbox_easy(p, length_and_key, sizeof(length_and_key), nonce, shared_secret) != 0)
					{
						result = JS_ThrowInternalError(context, "crypto_secretbox_easy failed");
					}
					else
					{
						p += crypto_secretbox_MACBYTES + sizeof(length_and_key);
					}
				}
				else
				{
					result = JS_ThrowInternalError(context, "crypto_scalarmult failed");
				}
			}

			if (JS_IsUndefined(result))
			{
				if (crypto_secretbox_easy(p, (const uint8_t*)message, message_size, nonce, body_key) != 0)
				{
					result = JS_ThrowInternalError(context, "crypto_secretbox_easy failed for the message.\n");
				}
				else
				{
					p += crypto_secretbox_MACBYTES + message_size;
					assert((size_t)(p - payload) == payload_size);

					char* encoded = tf_malloc(payload_size * 2 + 5);
					size_t encoded_length = tf_base64_encode(payload, payload_size, encoded, payload_size * 2 + 5);
					memcpy(encoded + encoded_length, ".box", 5);
					encoded_length += 4;
					result = JS_NewStringLen(context, encoded, encoded_length);
					tf_free(encoded);
				}
			}
			tf_free(payload);
		}
		else
		{
			result = JS_ThrowInternalError(context, "Unable to get key for ID %s of user %s.", signer_identity, signer_user);
		}
	}

	JS_FreeCString(context, signer_user);
	JS_FreeCString(context, signer_identity);
	JS_FreeCString(context, message);
	return result;

}

static JSValue _tf_ssb_private_message_decrypt(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	JSValue result = JS_UNDEFINED;
	const char* user = JS_ToCString(context, argv[0]);
	const char* identity = JS_ToCString(context, argv[1]);
	size_t message_size = 0;
	const char* message = JS_ToCStringLen(context, &message_size, argv[2]);

	uint8_t private_key[crypto_sign_SECRETKEYBYTES] = { 0 };

	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	sqlite3* db = tf_ssb_acquire_db_reader(ssb);
	bool found = _tf_ssb_get_private_key_curve25519(db, user, identity, private_key);
	tf_ssb_release_db_reader(ssb, db);

	if (found)
	{
		uint8_t* decoded = tf_malloc(message_size);
		int decoded_length = tf_base64_decode(message, message_size - strlen(".box"), decoded, message_size);
		uint8_t* nonce = decoded;
		uint8_t* public_key = decoded + crypto_box_NONCEBYTES;
		if (public_key + crypto_secretbox_KEYBYTES < decoded + decoded_length)
		{
			uint8_t shared_secret[crypto_secretbox_KEYBYTES] = { 0 };
			if (crypto_scalarmult(shared_secret, private_key, public_key) == 0)
			{
				enum { k_recipient_header_bytes = crypto_secretbox_MACBYTES + sizeof(uint8_t) + crypto_secretbox_KEYBYTES };
				for (uint8_t* p = decoded + crypto_box_NONCEBYTES + crypto_secretbox_KEYBYTES; p <= decoded + decoded_length - k_recipient_header_bytes; p += k_recipient_header_bytes)
				{
					uint8_t out[k_recipient_header_bytes] = { 0 };
					int opened = crypto_secretbox_open_easy(out, p, k_recipient_header_bytes, nonce, shared_secret);
					if (opened != -1)
					{
						int recipients = (int)out[0];
						uint8_t* body = decoded + crypto_box_NONCEBYTES + crypto_secretbox_KEYBYTES + k_recipient_header_bytes * recipients;
						size_t body_size = decoded + decoded_length - body;
						uint8_t* decrypted = tf_malloc(body_size);
						uint8_t* key = out + 1;
						if (crypto_secretbox_open_easy(decrypted, body, body_size, nonce, key) != -1)
						{
							result = JS_NewStringLen(context, (const char*)decrypted, body_size - crypto_secretbox_MACBYTES);
						}
						else
						{
							result = JS_ThrowInternalError(context, "Received key to open secret box containing message body, but it did not work.");
						}
						tf_free(decrypted);
					}
				}
			}
			else
			{
				result = JS_ThrowInternalError(context, "crypto_scalarmult failed.");
			}
		}
		else
		{
			result = JS_ThrowInternalError(context, "Encrypted message was not long enough to contains its one-time public key.");
		}
		tf_free(decoded);
	}
	else
	{
		result = JS_ThrowInternalError(context, "Private key not found for user %s with id %s.", user, identity);
	}

	JS_FreeCString(context, user);
	JS_FreeCString(context, identity);
	JS_FreeCString(context, message);

	return result;
}

typedef struct _following_t
{
	uv_work_t work;
	tf_ssb_t* ssb;
	JSContext* context;
	JSValue promise[2];

	tf_ssb_following_t* out_following;

	int depth;
	int ids_count;
	const char* ids[];
} following_t;

static void _tf_ssb_following_work(uv_work_t* work)
{
	following_t* following = work->data;
	tf_ssb_record_thread_busy(following->ssb, true);
	following->out_following = tf_ssb_db_following_deep(following->ssb, following->ids, following->ids_count, following->depth);
	tf_ssb_record_thread_busy(following->ssb, false);
}

static void _tf_ssb_following_after_work(uv_work_t* work, int status)
{
	following_t* following = work->data;
	JSContext* context = following->context;
	if (status == 0)
	{
		JSValue object = JS_NewObject(context);
		for (int i = 0; *following->out_following[i].id; i++)
		{
			JSValue entry = JS_NewObject(context);
			JS_SetPropertyStr(context, entry, "of", JS_NewInt32(context, following->out_following[i].following_count));
			JS_SetPropertyStr(context, entry, "ob", JS_NewInt32(context, following->out_following[i].blocking_count));
			JS_SetPropertyStr(context, entry, "if", JS_NewInt32(context, following->out_following[i].followed_by_count));
			JS_SetPropertyStr(context, entry, "ib", JS_NewInt32(context, following->out_following[i].blocked_by_count));
			JS_SetPropertyStr(context, object, following->out_following[i].id, entry);
		}
		JSValue result = JS_Call(context, following->promise[0], JS_UNDEFINED, 1, &object);
		tf_util_report_error(context, result);
		JS_FreeValue(context, result);
		JS_FreeValue(context, object);
	}
	else
	{
		char buffer[256];
		uv_strerror_r(status, buffer, sizeof(buffer));
		JSValue message = JS_NewString(context, buffer);
		JSValue result = JS_Call(context, following->promise[1], JS_UNDEFINED, 1, &message);
		tf_util_report_error(context, result);
		JS_FreeValue(context, result);
		JS_FreeValue(context, message);
	}

	for (int i = 0; i < following->ids_count; i++)
	{
		tf_free((void*)following->ids[i]);
	}
	tf_free(following->out_following);
	tf_free(following);
}

static JSValue _tf_ssb_following(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
	int ids_count = tf_util_get_length(context, argv[0]);

	following_t* following = tf_malloc(sizeof(following_t) + sizeof(char*) * ids_count);
	*following = (following_t)
	{
		.work =
		{
			.data = following,
		},
		.context = context,
		.ssb = ssb,
	};
	JS_ToInt32(context, &following->depth, argv[1]);

	JSValue result = JS_NewPromiseCapability(context, following->promise);

	for (int i = 0; i < ids_count; i++)
	{
		JSValue id_value = JS_GetPropertyUint32(context, argv[0], i);
		if (!JS_IsUndefined(id_value))
		{
			const char* id_string = JS_ToCString(context, id_value);
			following->ids[following->ids_count++] = tf_strdup(id_string);
			JS_FreeCString(context, id_string);
			JS_FreeValue(context, id_value);
		}
	}

	int r = uv_queue_work(tf_ssb_get_loop(ssb), &following->work, _tf_ssb_following_work, _tf_ssb_following_after_work);
	if (r)
	{
		_tf_ssb_following_after_work(&following->work, r);
	}
	return result;
}

void tf_ssb_register(JSContext* context, tf_ssb_t* ssb)
{
	JS_NewClassID(&_tf_ssb_classId);
	JSClassDef def =
	{
		.class_name = "ssb",
	};
	if (JS_NewClass(JS_GetRuntime(context), _tf_ssb_classId, &def) != 0)
	{
		fprintf(stderr, "Failed to register ssb.\n");
	}

	JSValue global = JS_GetGlobalObject(context);
	JSValue object = JS_NewObjectClass(context, _tf_ssb_classId);
	JS_SetPropertyStr(context, global, "ssb", object);
	JS_SetOpaque(object, ssb);

	/* Requires an identity. */
	JS_SetPropertyStr(context, object, "createIdentity", JS_NewCFunction(context, _tf_ssb_createIdentity, "createIdentity", 1));
	JS_SetPropertyStr(context, object, "addIdentity", JS_NewCFunction(context, _tf_ssb_addIdentity, "addIdentity", 2));
	JS_SetPropertyStr(context, object, "deleteIdentity", JS_NewCFunction(context, _tf_ssb_deleteIdentity, "deleteIdentity", 2));
	JS_SetPropertyStr(context, object, "setServerFollowingMe", JS_NewCFunction(context, _tf_ssb_set_server_following_me, "setServerFollowingMe", 3));
	JS_SetPropertyStr(context, object, "getIdentities", JS_NewCFunction(context, _tf_ssb_getIdentities, "getIdentities", 1));
	JS_SetPropertyStr(context, object, "getPrivateKey", JS_NewCFunction(context, _tf_ssb_getPrivateKey, "getPrivateKey", 2));
	JS_SetPropertyStr(context, object, "hmacsha256sign", JS_NewCFunction(context, _tf_ssb_hmacsha256_sign, "hmacsha256sign", 3));
	JS_SetPropertyStr(context, object, "hmacsha256verify", JS_NewCFunction(context, _tf_ssb_hmacsha256_verify, "hmacsha256verify", 3));
	JS_SetPropertyStr(context, object, "privateMessageEncrypt", JS_NewCFunction(context, _tf_ssb_private_message_encrypt, "privateMessageEncrypt", 4));
	JS_SetPropertyStr(context, object, "privateMessageDecrypt", JS_NewCFunction(context, _tf_ssb_private_message_decrypt, "privateMessageDecrypt", 3));
	/* Write. */
	JS_SetPropertyStr(context, object, "appendMessageWithIdentity", JS_NewCFunction(context, _tf_ssb_appendMessageWithIdentity, "appendMessageWithIdentity", 3));

	/* Does not require an identity. */
	JS_SetPropertyStr(context, object, "getServerIdentity", JS_NewCFunction(context, _tf_ssb_getServerIdentity, "getServerIdentity", 0));
	JS_SetPropertyStr(context, object, "getAllIdentities", JS_NewCFunction(context, _tf_ssb_getAllIdentities, "getAllIdentities", 0));
	JS_SetPropertyStr(context, object, "getMessage", JS_NewCFunction(context, _tf_ssb_getMessage, "getMessage", 2));
	JS_SetPropertyStr(context, object, "blobGet", JS_NewCFunction(context, _tf_ssb_blobGet, "blobGet", 1));
	JS_SetPropertyStr(context, object, "messageContentGet", JS_NewCFunction(context, _tf_ssb_messageContentGet, "messageContentGet", 1));
	JS_SetPropertyStr(context, object, "connections", JS_NewCFunction(context, _tf_ssb_connections, "connections", 0));
	JS_SetPropertyStr(context, object, "storedConnections", JS_NewCFunction(context, _tf_ssb_storedConnections, "storedConnections", 0));
	JS_SetPropertyStr(context, object, "getConnection", JS_NewCFunction(context, _tf_ssb_getConnection, "getConnection", 1));
	JS_SetPropertyStr(context, object, "closeConnection", JS_NewCFunction(context, _tf_ssb_closeConnection, "closeConnection", 1));
	JS_SetPropertyStr(context, object, "forgetStoredConnection", JS_NewCFunction(context, _tf_ssb_forgetStoredConnection, "forgetStoredConnection", 1));
	JS_SetPropertyStr(context, object, "sqlAsync", JS_NewCFunction(context, _tf_ssb_sqlAsync, "sqlAsync", 3));
	JS_SetPropertyStr(context, object, "getBroadcasts", JS_NewCFunction(context, _tf_ssb_getBroadcasts, "getBroadcasts", 0));
	JS_SetPropertyStr(context, object, "connect", JS_NewCFunction(context, _tf_ssb_connect, "connect", 1));
	JS_SetPropertyStr(context, object, "createTunnel", JS_NewCFunction(context, _tf_ssb_createTunnel, "createTunnel", 3));
	JS_SetPropertyStr(context, object, "following", JS_NewCFunction(context, _tf_ssb_following, "following", 2));
	/* Write. */
	JS_SetPropertyStr(context, object, "storeMessage", JS_NewCFunction(context, _tf_ssb_storeMessage, "storeMessage", 1));
	JS_SetPropertyStr(context, object, "blobStore", JS_NewCFunction(context, _tf_ssb_blobStore, "blobStore", 1));

	/* Should be trusted only. */
	JS_SetPropertyStr(context, object, "addEventListener", JS_NewCFunction(context, _tf_ssb_add_event_listener, "addEventListener", 2));
	JS_SetPropertyStr(context, object, "removeEventListener", JS_NewCFunction(context, _tf_ssb_remove_event_listener, "removeEventListener", 2));

	JS_FreeValue(context, global);
}