@stryke/capnp/schemas/persistent.mjs.map

A package to assist in running the Cap'n Proto compiler and creating Cap'n Proto serialization protocol schemas.

{"version":3,"file":"persistent.mjs","names":["$.Struct","$.ObjectSize","$.Pipeline","$.Server","$.Interface"],"sources":["../../schemas/persistent.ts"],"sourcesContent":["/* eslint-disable */\n// biome-ignore lint: disable\n// Generated by storm-capnpc\n// Note: Do not edit this file manually - it will be overwritten automatically\nimport * as $ from \"@stryke/capnp\";\nexport const _capnpFileId = BigInt(\"0xb8630836983feed7\");\nexport class Persistent_SaveParams extends $.Struct {\n  public static override readonly _capnp = {\n    displayName: \"SaveParams\",\n    id: \"f76fba59183073a5\",\n    size: new $.ObjectSize(0, 1),\n  };\n  _adoptSealFor(value: $.Orphan<$.Pointer>): void {\n    $.utils.adopt(value, $.utils.getPointer(0, this));\n  }\n  _disownSealFor(): $.Orphan<$.Pointer> {\n    return $.utils.disown(this.sealFor);\n  }\n  /**\n* Seal the SturdyRef so that it can only be restored by the specified Owner. This is meant\n* to mitigate damage when a SturdyRef is leaked. See comments above.\n*\n* Leaving this value null may or may not be allowed; it is up to the realm to decide. If a\n* realm does allow a null owner, this should indicate that anyone is allowed to restore the\n* ref.\n*\n*/\n  get sealFor(): $.Pointer {\n    return $.utils.getPointer(0, this);\n  }\n  _hasSealFor(): boolean {\n    return !$.utils.isNull($.utils.getPointer(0, this));\n  }\n  set sealFor(value: $.Pointer) {\n    $.utils.copyFrom(value, $.utils.getPointer(0, this));\n  }\n  public override toString(): string { return \"Persistent_SaveParams_\" + super.toString(); }\n}\nexport class Persistent_SaveResults extends $.Struct {\n  public static override readonly _capnp = {\n    displayName: \"SaveResults\",\n    id: \"b76848c18c40efbf\",\n    size: new $.ObjectSize(0, 1),\n  };\n  _adoptSturdyRef(value: $.Orphan<$.Pointer>): void {\n    $.utils.adopt(value, $.utils.getPointer(0, this));\n  }\n  _disownSturdyRef(): $.Orphan<$.Pointer> {\n    return $.utils.disown(this.sturdyRef);\n  }\n  get sturdyRef(): $.Pointer {\n    return $.utils.getPointer(0, this);\n  }\n  _hasSturdyRef(): boolean {\n    return !$.utils.isNull($.utils.getPointer(0, this));\n  }\n  set sturdyRef(value: $.Pointer) {\n    $.utils.copyFrom(value, $.utils.getPointer(0, this));\n  }\n  public override toString(): string { return \"Persistent_SaveResults_\" + super.toString(); }\n}\nexport class Persistent_SaveResults$Promise {\n  pipeline: $.Pipeline<any, any, Persistent_SaveResults>;\n  constructor(pipeline: $.Pipeline<any, any, Persistent_SaveResults>) {\n    this.pipeline = pipeline;\n  }\n  async promise(): Promise<Persistent_SaveResults> {\n    return await this.pipeline.struct();\n  }\n}\nexport class Persistent$Client {\n  client: $.Client;\n  static readonly interfaceId: bigint = BigInt(\"0xc8cb212fcd9f5691\");\n  constructor(client: $.Client) {\n    this.client = client;\n  }\n  static readonly methods: [\n    $.Method<Persistent_SaveParams, Persistent_SaveResults>\n  ] = [\n    {\n      ParamsClass: Persistent_SaveParams,\n      ResultsClass: Persistent_SaveResults,\n      interfaceId: Persistent$Client.interfaceId,\n      methodId: 0,\n      interfaceName: \"packages/capnp/schemas/persistent.capnp:Persistent\",\n      methodName: \"save\"\n    }\n  ];\n  /**\n* Save a capability persistently so that it can be restored by a future connection.  Not all\n* capabilities can be saved -- application interfaces should define which capabilities support\n* this and which do not.\n*\n*/\n  save(paramsFunc?: (params: Persistent_SaveParams) => void): Persistent_SaveResults$Promise {\n    const answer = this.client.call({\n      method: Persistent$Client.methods[0],\n      paramsFunc: paramsFunc\n    });\n    const pipeline = new $.Pipeline(Persistent_SaveResults, answer);\n    return new Persistent_SaveResults$Promise(pipeline);\n  }\n}\n$.Registry.register(Persistent$Client.interfaceId, Persistent$Client);\nexport interface Persistent$Server$Target {\n  save(params: Persistent_SaveParams, results: Persistent_SaveResults): Promise<void>;\n}\nexport class Persistent$Server extends $.Server {\n  public override readonly target: Persistent$Server$Target;\n  constructor(target: Persistent$Server$Target) {\n    super(target, [\n      {\n        ...Persistent$Client.methods[0],\n        impl: target.save\n      }\n    ]);\n    this.target = target;\n  }\n  client(): Persistent$Client {\n    return new Persistent$Client(this);\n  }\n}\n/**\n* Interface implemented by capabilities that outlive a single connection. A client may save()\n* the capability, producing a SturdyRef. The SturdyRef can be stored to disk, then later used to\n* obtain a new reference to the capability on a future connection.\n*\n* The exact format of SturdyRef depends on the \"realm\" in which the SturdyRef appears. A \"realm\"\n* is an abstract space in which all SturdyRefs have the same format and refer to the same set of\n* resources. Every vat is in exactly one realm. All capability clients within that vat must\n* produce SturdyRefs of the format appropriate for the realm.\n*\n* Similarly, every VatNetwork also resides in a particular realm. Usually, a vat's \"realm\"\n* corresponds to the realm of its main VatNetwork. However, a Vat can in fact communicate over\n* a VatNetwork in a different realm -- in this case, all SturdyRefs need to be transformed when\n* coming or going through said VatNetwork. The RPC system has hooks for registering\n* transformation callbacks for this purpose.\n*\n* Since the format of SturdyRef is realm-dependent, it is not defined here. An application should\n* choose an appropriate realm for itself as part of its design. Note that under Sandstorm, every\n* application exists in its own realm and is therefore free to define its own SturdyRef format;\n* the Sandstorm platform handles translating between realms.\n*\n* Note that whether a capability is persistent is often orthogonal to its type. In these cases,\n* the capability's interface should NOT inherit `Persistent`; instead, just perform a cast at\n* runtime. It's not type-safe, but trying to be type-safe in these cases will likely lead to\n* tears. In cases where a particular interface only makes sense on persistent capabilities, it\n* still should not explicitly inherit Persistent because the `SturdyRef` and `Owner` types will\n* vary between realms (they may even be different at the call site than they are on the\n* implementation). Instead, mark persistent interfaces with the $persistent annotation (defined\n* below).\n*\n* Sealing\n* -------\n*\n* As an added security measure, SturdyRefs may be \"sealed\" to a particular owner, such that\n* if the SturdyRef itself leaks to a third party, that party cannot actually restore it because\n* they are not the owner. To restore a sealed capability, you must first prove to its host that\n* you are the rightful owner. The precise mechanism for this authentication is defined by the\n* realm.\n*\n* Sealing is a defense-in-depth mechanism meant to mitigate damage in the case of catastrophic\n* attacks. For example, say an attacker temporarily gains read access to a database full of\n* SturdyRefs: it would be unfortunate if it were then necessary to revoke every single reference\n* in the database to prevent the attacker from using them.\n*\n* In general, an \"owner\" is a course-grained identity. Because capability-based security is still\n* the primary mechanism of security, it is not necessary nor desirable to have a separate \"owner\"\n* identity for every single process or object; that is exactly what capabilities are supposed to\n* avoid! Instead, it makes sense for an \"owner\" to literally identify the owner of the machines\n* where the capability is stored. If untrusted third parties are able to run arbitrary code on\n* said machines, then the sandbox for that code should be designed using Distributed Confinement\n* such that the third-party code never sees the bits of the SturdyRefs and cannot directly\n* exercise the owner's power to restore refs. See:\n*\n*     http://www.erights.org/elib/capability/dist-confine.html\n*\n* Resist the urge to represent an Owner as a simple public key. The whole point of sealing is to\n* defend against leaked-storage attacks. Such attacks can easily result in the owner's private\n* key being stolen as well. A better solution is for `Owner` to contain a simple globally unique\n* identifier for the owner, and for everyone to separately maintain a mapping of owner IDs to\n* public keys. If an owner's private key is compromised, then humans will need to communicate\n* and agree on a replacement public key, then update the mapping.\n*\n* As a concrete example, an `Owner` could simply contain a domain name, and restoring a SturdyRef\n* would require signing a request using the domain's private key. Authenticating this key could\n* be accomplished through certificate authorities or web-of-trust techniques.\n*\n*/\nexport class Persistent extends $.Interface {\n  static readonly SaveParams = Persistent_SaveParams;\n  static readonly SaveResults = Persistent_SaveResults;\n  static readonly Client = Persistent$Client;\n  static readonly Server = Persistent$Server;\n  public static override readonly _capnp = {\n    displayName: \"Persistent\",\n    id: \"c8cb212fcd9f5691\",\n    size: new $.ObjectSize(0, 0),\n  };\n  public override toString(): string { return \"Persistent_\" + super.toString(); }\n}\n"],"mappings":";;;AAKA,MAAa,eAAe,OAAO,qBAAqB;AACxD,IAAa,wBAAb,cAA2CA,OAAS;CAClD,OAAgC,SAAS;EACvC,aAAa;EACb,IAAI;EACJ,MAAM,IAAIC,WAAa,GAAG,EAAE;EAC7B;CACD,cAAc,OAAkC;AAC9C,QAAQ,MAAM,aAAe,WAAW,GAAG,KAAK,CAAC;;CAEnD,iBAAsC;AACpC,eAAe,OAAO,KAAK,QAAQ;;;;;;;;;;;CAWrC,IAAI,UAAqB;AACvB,eAAe,WAAW,GAAG,KAAK;;CAEpC,cAAuB;AACrB,SAAO,OAAS,aAAe,WAAW,GAAG,KAAK,CAAC;;CAErD,IAAI,QAAQ,OAAkB;AAC5B,QAAQ,SAAS,aAAe,WAAW,GAAG,KAAK,CAAC;;CAEtD,AAAgB,WAAmB;AAAE,SAAO,2BAA2B,MAAM,UAAU;;;AAEzF,IAAa,yBAAb,cAA4CD,OAAS;CACnD,OAAgC,SAAS;EACvC,aAAa;EACb,IAAI;EACJ,MAAM,IAAIC,WAAa,GAAG,EAAE;EAC7B;CACD,gBAAgB,OAAkC;AAChD,QAAQ,MAAM,aAAe,WAAW,GAAG,KAAK,CAAC;;CAEnD,mBAAwC;AACtC,eAAe,OAAO,KAAK,UAAU;;CAEvC,IAAI,YAAuB;AACzB,eAAe,WAAW,GAAG,KAAK;;CAEpC,gBAAyB;AACvB,SAAO,OAAS,aAAe,WAAW,GAAG,KAAK,CAAC;;CAErD,IAAI,UAAU,OAAkB;AAC9B,QAAQ,SAAS,aAAe,WAAW,GAAG,KAAK,CAAC;;CAEtD,AAAgB,WAAmB;AAAE,SAAO,4BAA4B,MAAM,UAAU;;;AAE1F,IAAa,iCAAb,MAA4C;CAC1C;CACA,YAAY,UAAwD;AAClE,OAAK,WAAW;;CAElB,MAAM,UAA2C;AAC/C,SAAO,MAAM,KAAK,SAAS,QAAQ;;;AAGvC,IAAa,oBAAb,MAAa,kBAAkB;CAC7B;CACA,OAAgB,cAAsB,OAAO,qBAAqB;CAClE,YAAY,QAAkB;AAC5B,OAAK,SAAS;;CAEhB,OAAgB,UAEZ,CACF;EACE,aAAa;EACb,cAAc;EACd,aAAa,kBAAkB;EAC/B,UAAU;EACV,eAAe;EACf,YAAY;EACb,CACF;;;;;;;CAOD,KAAK,YAAsF;EACzF,MAAM,SAAS,KAAK,OAAO,KAAK;GAC9B,QAAQ,kBAAkB,QAAQ;GACtB;GACb,CAAC;AAEF,SAAO,IAAI,+BAA+B,IADrBC,SAAW,wBAAwB,OACN,CAAC;;;SAG5C,SAAS,kBAAkB,aAAa,kBAAkB;AAIrE,IAAa,oBAAb,cAAuCC,OAAS;CAC9C,AAAyB;CACzB,YAAY,QAAkC;AAC5C,QAAM,QAAQ,CACZ;GACE,GAAG,kBAAkB,QAAQ;GAC7B,MAAM,OAAO;GACd,CACF,CAAC;AACF,OAAK,SAAS;;CAEhB,SAA4B;AAC1B,SAAO,IAAI,kBAAkB,KAAK;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAsEtC,IAAa,aAAb,cAAgCC,UAAY;CAC1C,OAAgB,aAAa;CAC7B,OAAgB,cAAc;CAC9B,OAAgB,SAAS;CACzB,OAAgB,SAAS;CACzB,OAAgC,SAAS;EACvC,aAAa;EACb,IAAI;EACJ,MAAM,IAAIH,WAAa,GAAG,EAAE;EAC7B;CACD,AAAgB,WAAmB;AAAE,SAAO,gBAAgB,MAAM,UAAU"}