loa_core/

identity.rs

//! Agent Identity Management
//!
//! Handles Ed25519 keypairs for signing and X25519 keypairs for encryption.
//!
//! # Key Usage
//! - **Ed25519**: Currently used for heartbeat authentication (signing messages)
//! - **X25519**: Reserved for future encrypted agent-to-agent communication
//!   (encrypted metrics, encrypted commands, etc.). The API stores both public
//!   keys but only validates Ed25519 signatures currently.

use crate::{Error, Result};
use libp2p_identity::{ed25519, Keypair, PeerId};
use once_cell::sync::OnceCell;
use rand::rngs::OsRng;
use serde::{Deserialize, Serialize};
use std::{fs, path::Path, path::PathBuf, sync::Arc};
use x25519_dalek::{PublicKey as X25519PublicKey, StaticSecret as X25519SecretKey};

/// Lightweight agent information that can be read without starting the runtime.
///
/// Use this for CLI info commands, status checks, or any scenario where you need
/// agent metadata without spawning the full actor system.
#[derive(Debug, Clone)]
pub struct AgentInfo {
    /// Unique agent identifier derived from Ed25519 public key
    pub peer_id: PeerId,
    /// Human-readable agent name (truncated peer_id)
    pub name: String,
    /// Path to agent storage directory
    pub storage_path: PathBuf,
    /// Dashboard URL for this agent
    pub dashboard_url: String,
    /// Ed25519 public key in hex format
    pub ed25519_public_key_hex: String,
    /// X25519 public key in hex format (for future encrypted communication)
    pub x25519_public_key_hex: String,
    /// Workspace claim token if agent is claimed
    pub claim_token: Option<String>,
}

impl AgentInfo {
    /// Read agent info from storage without starting the runtime.
    ///
    /// This is a lightweight operation that only reads files from disk.
    /// No actors, databases, or network connections are started.
    ///
    /// # Arguments
    ///
    /// * `storage_path` - Path to the agent's storage directory
    ///
    /// # Returns
    ///
    /// Returns `AgentInfo` if the identity file exists, or an error if the
    /// agent has not been initialized yet.
    ///
    /// # Example
    ///
    /// ```no_run
    /// use elo::AgentInfo;
    /// use std::path::Path;
    ///
    /// let info = AgentInfo::read(Path::new("/var/lib/loa"))?;
    /// println!("Agent: {} ({})", info.name, info.peer_id);
    /// println!("Dashboard: {}", info.dashboard_url);
    /// # Ok::<(), elo::Error>(())
    /// ```
    pub fn read(storage_path: &Path) -> Result<Self> {
        let identity_path = storage_path.join("agent_id.key");

        if !identity_path.exists() {
            return Err(Error::Config(format!(
                "Agent not initialized. No identity found at {}",
                identity_path.display()
            )));
        }

        // Load identity (this doesn't start any actors)
        let identity = AgentIdentity::from_file_or_generate_new(&identity_path)?;

        // Read claim token if it exists
        let claim_token_path = storage_path.join("claim_token");
        let claim_token = if claim_token_path.exists() {
            fs::read_to_string(&claim_token_path)
                .ok()
                .map(|s| s.trim().to_string())
                .filter(|s| !s.is_empty())
        } else {
            None
        };

        let peer_id = identity.peer_id().clone();
        let peer_id_str = peer_id.to_string();

        // Generate human-readable name (first 8 chars of peer_id)
        let name = format!("agent-{}", &peer_id_str[..8.min(peer_id_str.len())]);

        // Build dashboard URL
        let api_url = crate::constants::api_url();
        let dashboard_url = if api_url.contains("localhost") {
            format!("http://localhost:3000/agents/{}", peer_id)
        } else if api_url.contains("workers.dev") {
            // Dev environment
            format!("https://loa-web.pages.dev/agents/{}", peer_id)
        } else {
            // Production
            format!("https://loa.sh/agents/{}", peer_id)
        };

        Ok(Self {
            peer_id,
            name,
            storage_path: storage_path.to_path_buf(),
            dashboard_url,
            ed25519_public_key_hex: identity.ed25519_public_key_hex().to_string(),
            x25519_public_key_hex: identity.x25519_public_key_hex().to_string(),
            claim_token,
        })
    }

    /// Check if the agent identity exists at the given storage path.
    ///
    /// This is a quick check that doesn't load the identity file.
    pub fn exists(storage_path: &Path) -> bool {
        storage_path.join("agent_id.key").exists()
    }
}

/// Global agent identity singleton
///
/// Initialized once during agent startup and accessible from all actors.
static AGENT_IDENTITY: OnceCell<Arc<AgentIdentity>> = OnceCell::new();

/// Initialize the global agent identity
///
/// This should be called once during agent startup, typically in the builder.
///
/// # Panics
///
/// Panics if called more than once.
pub fn init_global_identity(identity: Arc<AgentIdentity>) {
    AGENT_IDENTITY
        .set(identity)
        .expect("Global identity already initialized");
}

/// Get a clone of the global agent identity
///
/// Returns an Arc clone for efficient sharing across actors.
///
/// # Panics
///
/// Panics if called before `init_global_identity()`.
pub fn get_global_identity() -> Arc<AgentIdentity> {
    AGENT_IDENTITY
        .get()
        .expect("Global identity not initialized - call init_global_identity() first")
        .clone()
}

#[derive(Serialize, Deserialize)]
struct PersistedKeys {
    ed25519_bytes: Vec<u8>,
    x25519_bytes: Vec<u8>,
}

pub struct AgentIdentity {
    ed25519_keypair: Keypair,
    x25519_secret: X25519SecretKey,
    /// X25519 public key - reserved for future encrypted communication.
    /// Currently only sent to API during registration; not used locally yet.
    #[allow(dead_code)]
    x25519_public: X25519PublicKey,
    peer_id: PeerId,
    ed25519_public_key_hex: String,
    x25519_public_key_hex: String,
}

// Manual Debug impl that skips secret fields for security
impl std::fmt::Debug for AgentIdentity {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        f.debug_struct("AgentIdentity")
            .field("peer_id", &self.peer_id)
            .field("ed25519_public_key_hex", &self.ed25519_public_key_hex)
            .field("x25519_public_key_hex", &self.x25519_public_key_hex)
            .finish_non_exhaustive()
    }
}

impl AgentIdentity {
    pub fn from_file_or_generate_new(path: &Path) -> Result<Self> {
        let (ed25519_keypair, x25519_secret, x25519_public) = if path.exists() {
            Self::load_keypairs_from_file(path)?
        } else {
            Self::generate_and_save_new_keypairs(path)?
        };

        let peer_id = PeerId::from_public_key(&ed25519_keypair.public());
        let ed25519_public_key_hex = hex::encode(ed25519_keypair.public().encode_protobuf());
        let x25519_public_key_hex = hex::encode(x25519_public.as_bytes());

        Ok(Self {
            ed25519_keypair,
            x25519_secret,
            x25519_public,
            peer_id,
            ed25519_public_key_hex,
            x25519_public_key_hex,
        })
    }

    pub fn peer_id(&self) -> &PeerId {
        &self.peer_id
    }

    pub fn ed25519_public_key_hex(&self) -> &str {
        &self.ed25519_public_key_hex
    }

    pub fn x25519_public_key_hex(&self) -> &str {
        &self.x25519_public_key_hex
    }

    pub fn sign_message_as_hex(&self, message: &[u8]) -> Result<String> {
        let signature = self
            .ed25519_keypair
            .sign(message)
            .map_err(|e| Self::err("sign", e))?;
        Ok(hex::encode(signature))
    }

    /// Decrypt data using x25519 + XChaCha20-Poly1305
    ///
    /// **Note:** This method is reserved for future encrypted communication features
    /// (e.g., encrypted config updates, encrypted metrics). Currently unused but
    /// maintained for forward compatibility with the encryption package.
    ///
    /// Expected format of encrypted_data:
    /// - First 32 bytes: ephemeral x25519 public key
    /// - Remaining bytes: XChaCha20-Poly1305 ciphertext (includes auth tag)
    #[allow(dead_code)]
    pub fn decrypt_x25519(
        &self,
        encrypted_data: &[u8],
        nonce: &[u8],
    ) -> std::result::Result<Vec<u8>, String> {
        use chacha20poly1305::{
            aead::{Aead, KeyInit},
            XChaCha20Poly1305, XNonce,
        };

        // Extract ephemeral public key (first 32 bytes)
        if encrypted_data.len() < 32 {
            return Err("encrypted data too short".to_string());
        }

        let (ephemeral_public_bytes, ciphertext) = encrypted_data.split_at(32);
        let ephemeral_public_array: [u8; 32] = ephemeral_public_bytes
            .try_into()
            .map_err(|_| "invalid ephemeral public key")?;
        let ephemeral_public = X25519PublicKey::from(ephemeral_public_array);

        // Compute shared secret using Diffie-Hellman
        let shared_secret = self.x25519_secret.diffie_hellman(&ephemeral_public);

        // Use shared secret as XChaCha20-Poly1305 key (24-byte nonce)
        let cipher = XChaCha20Poly1305::new(shared_secret.as_bytes().into());

        // Decrypt with provided 24-byte nonce
        let nonce_array: XNonce = nonce
            .try_into()
            .map_err(|_| "Invalid nonce length".to_string())?;
        let plaintext = cipher
            .decrypt(&nonce_array, ciphertext)
            .map_err(|e| format!("decryption failed: {}", e))?;

        Ok(plaintext)
    }

    fn load_keypairs_from_file(path: &Path) -> Result<(Keypair, X25519SecretKey, X25519PublicKey)> {
        tracing::info!("Loading existing agent identity from {}", path.display());

        // Try loading as JSON (new format)
        if let Ok(json) = fs::read_to_string(path) {
            if let Ok(persisted) = serde_json::from_str::<PersistedKeys>(&json) {
                let mut ed25519_bytes = persisted.ed25519_bytes;
                let ed25519_kp = ed25519::Keypair::try_from_bytes(&mut ed25519_bytes)
                    .map_err(|e| Self::err("decode Ed25519 key", e))?;

                let x25519_bytes: [u8; 32] = persisted
                    .x25519_bytes
                    .try_into()
                    .map_err(|_| Self::err("invalid X25519 key length", "expected 32 bytes"))?;
                let x25519_secret = X25519SecretKey::from(x25519_bytes);
                let x25519_public = X25519PublicKey::from(&x25519_secret);

                return Ok((ed25519_kp.into(), x25519_secret, x25519_public));
            }
        }

        // Fall back to loading old binary format and migrate
        tracing::info!("Migrating old identity format to JSON");
        let mut bytes = fs::read(path).map_err(|e| Self::err("read identity file", e))?;
        let ed25519_kp = ed25519::Keypair::try_from_bytes(&mut bytes)
            .map_err(|e| Self::err("decode Ed25519 key", e))?;

        // Generate new X25519 keypair for migration
        let x25519_secret = X25519SecretKey::random_from_rng(OsRng);
        let x25519_public = X25519PublicKey::from(&x25519_secret);

        // Save in new JSON format
        let ed25519_full = ed25519_kp.to_bytes();
        let persisted = PersistedKeys {
            ed25519_bytes: ed25519_full.to_vec(),
            x25519_bytes: x25519_secret.to_bytes().to_vec(),
        };
        let json = serde_json::to_string_pretty(&persisted)
            .map_err(|e| Self::err("serialize keys during migration", e))?;
        fs::write(path, json).map_err(|e| Self::err("write migrated identity file", e))?;

        tracing::info!("Identity migration complete");
        Ok((ed25519_kp.into(), x25519_secret, x25519_public))
    }

    fn generate_and_save_new_keypairs(
        path: &Path,
    ) -> Result<(Keypair, X25519SecretKey, X25519PublicKey)> {
        tracing::info!(
            "Generating new agent identity (saved to {})",
            path.display()
        );

        // Generate random bytes for keypair
        let mut bytes = [0u8; 32];
        use rand::RngCore;
        OsRng.fill_bytes(&mut bytes);
        let ed25519_kp = ed25519::Keypair::from(
            ed25519::SecretKey::try_from_bytes(&mut bytes)
                .map_err(|e| std::io::Error::new(std::io::ErrorKind::Other, e.to_string()))?,
        );
        let ed25519_bytes = ed25519_kp.to_bytes();

        let x25519_secret = X25519SecretKey::random_from_rng(OsRng);
        let x25519_public = X25519PublicKey::from(&x25519_secret);
        let x25519_bytes = x25519_secret.to_bytes();

        let persisted = PersistedKeys {
            ed25519_bytes: ed25519_bytes.to_vec(),
            x25519_bytes: x25519_bytes.to_vec(),
        };

        let json =
            serde_json::to_string_pretty(&persisted).map_err(|e| Self::err("serialize keys", e))?;
        fs::write(path, json).map_err(|e| Self::err("write identity file", e))?;

        Ok((ed25519_kp.into(), x25519_secret, x25519_public))
    }

    fn err(context: &str, error: impl std::fmt::Display) -> Error {
        Error::Io(std::io::Error::new(
            std::io::ErrorKind::Other,
            format!("{}: {}", context, error),
        ))
    }
}