fix!: remove localPeer from secureInbound and secureOutbound

packages/connection-encrypter-plaintext/src/index.ts

@@ -31,6 +31,7 @@ import type { Uint8ArrayList } from 'uint8arraylist'
 const PROTOCOL = '/plaintext/2.0.0'
 
 export interface PlaintextComponents {
+  peerId: PeerId
   logger: ComponentLogger
 }
 
@@ -44,20 +45,22 @@ export interface PlaintextInit {
 
 class Plaintext implements ConnectionEncrypter {
   public protocol: string = PROTOCOL
+  private readonly peerId: PeerId
   private readonly log: Logger
   private readonly timeout: number
 
   constructor (components: PlaintextComponents, init: PlaintextInit = {}) {
+    this.peerId = components.peerId
     this.log = components.logger.forComponent('libp2p:plaintext')
     this.timeout = init.timeout ?? 1000
   }
 
-  async secureInbound <Stream extends Duplex<AsyncGenerator<Uint8Array | Uint8ArrayList>> = MultiaddrConnection> (localId: PeerId, conn: Stream, remoteId?: PeerId): Promise<SecuredConnection<Stream>> {
-    return this._encrypt(localId, conn, remoteId)
+  async secureInbound <Stream extends Duplex<AsyncGenerator<Uint8Array | Uint8ArrayList>> = MultiaddrConnection> (conn: Stream, remoteId?: PeerId): Promise<SecuredConnection<Stream>> {
+    return this._encrypt(this.peerId, conn, remoteId)
   }
 
-  async secureOutbound <Stream extends Duplex<AsyncGenerator<Uint8Array | Uint8ArrayList>> = MultiaddrConnection> (localId: PeerId, conn: Stream, remoteId?: PeerId): Promise<SecuredConnection<Stream>> {
-    return this._encrypt(localId, conn, remoteId)
+  async secureOutbound <Stream extends Duplex<AsyncGenerator<Uint8Array | Uint8ArrayList>> = MultiaddrConnection> (conn: Stream, remoteId?: PeerId): Promise<SecuredConnection<Stream>> {
+    return this._encrypt(this.peerId, conn, remoteId)
   }
 
   /**

packages/connection-encrypter-plaintext/test/index.spec.ts

@@ -19,6 +19,7 @@ describe('plaintext', () => {
   let remotePeer: PeerId
   let wrongPeer: PeerId
   let encrypter: ConnectionEncrypter
+  let encrypterRemote: ConnectionEncrypter
 
   beforeEach(async () => {
     [localPeer, remotePeer, wrongPeer] = await Promise.all([
@@ -28,6 +29,11 @@ describe('plaintext', () => {
     ])
 
     encrypter = plaintext()({
+      peerId: localPeer,
+      logger: defaultLogger()
+    })
+    encrypterRemote = plaintext()({
+      peerId: remotePeer,
       logger: defaultLogger()
     })
   })
@@ -46,8 +52,8 @@ describe('plaintext', () => {
     })
 
     await Promise.all([
-      encrypter.secureInbound(remotePeer, inbound),
-      encrypter.secureOutbound(localPeer, outbound, wrongPeer)
+      encrypterRemote.secureInbound(inbound),
+      encrypter.secureOutbound(outbound, wrongPeer)
     ]).then(() => expect.fail('should have failed'), (err) => {
       expect(err).to.exist()
       expect(err).to.have.property('code', UnexpectedPeerError.code)
@@ -67,8 +73,8 @@ describe('plaintext', () => {
     })
 
     await expect(Promise.all([
-      encrypter.secureInbound(localPeer, inbound),
-      encrypter.secureOutbound(remotePeer, outbound, localPeer)
+      encrypter.secureInbound(inbound),
+      encrypterRemote.secureOutbound(outbound, localPeer)
     ]))
       .to.eventually.be.rejected.with.property('code', InvalidCryptoExchangeError.code)
   })

packages/interface-compliance-tests/src/connection-encryption/index.ts

@@ -12,18 +12,21 @@ import type { ConnectionEncrypter, PeerId } from '@libp2p/interface'
 export default (common: TestSetup<ConnectionEncrypter>): void => {
   describe('interface-connection-encrypter compliance tests', () => {
     let crypto: ConnectionEncrypter
+    let cryptoRemote: ConnectionEncrypter
     let localPeer: PeerId
     let remotePeer: PeerId
     let mitmPeer: PeerId
 
     before(async () => {
       [
         crypto,
+        cryptoRemote,
         localPeer,
         remotePeer,
         mitmPeer
       ] = await Promise.all([
         common.setup(),
+        common.setup({ peerId: PeerIdFactory.createFromJSON(peers[1]) }),
         PeerIdFactory.createFromJSON(peers[0]),
         PeerIdFactory.createFromJSON(peers[1]),
         PeerIdFactory.createFromJSON(peers[2])
@@ -46,8 +49,8 @@ export default (common: TestSetup<ConnectionEncrypter>): void => {
         inboundResult,
         outboundResult
       ] = await Promise.all([
-        crypto.secureInbound(remotePeer, localConn),
-        crypto.secureOutbound(localPeer, remoteConn, remotePeer)
+        cryptoRemote.secureInbound(localConn),
+        crypto.secureOutbound(remoteConn, remotePeer)
       ])
 
       // Echo server
@@ -73,8 +76,8 @@ export default (common: TestSetup<ConnectionEncrypter>): void => {
         inboundResult,
         outboundResult
       ] = await Promise.all([
-        crypto.secureInbound(remotePeer, localConn),
-        crypto.secureOutbound(localPeer, remoteConn, remotePeer)
+        cryptoRemote.secureInbound(localConn),
+        crypto.secureOutbound(remoteConn, remotePeer)
       ])
 
       // Inbound should return the initiator (local) peer
@@ -87,8 +90,8 @@ export default (common: TestSetup<ConnectionEncrypter>): void => {
       const [localConn, remoteConn] = createMaConnPair()
 
       await Promise.all([
-        crypto.secureInbound(remotePeer, localConn, mitmPeer),
-        crypto.secureOutbound(localPeer, remoteConn, remotePeer)
+        cryptoRemote.secureInbound(localConn, mitmPeer),
+        crypto.secureOutbound(remoteConn, remotePeer)
       ]).then(() => expect.fail(), (err) => {
         expect(err).to.exist()
         expect(err).to.have.property('code', UnexpectedPeerError.code)

packages/interface/src/connection-encrypter/index.ts

@@ -15,14 +15,14 @@ export interface ConnectionEncrypter<Extension = unknown> {
    * pass it for extra verification, otherwise it will be determined during
    * the handshake.
    */
-  secureOutbound <Stream extends Duplex<AsyncGenerator<Uint8Array | Uint8ArrayList>> = MultiaddrConnection> (localPeer: PeerId, connection: Stream, remotePeer?: PeerId): Promise<SecuredConnection<Stream, Extension>>
+  secureOutbound <Stream extends Duplex<AsyncGenerator<Uint8Array | Uint8ArrayList>> = MultiaddrConnection> (connection: Stream, remotePeer?: PeerId): Promise<SecuredConnection<Stream, Extension>>
 
   /**
    * Decrypt incoming data. If the remote PeerId is known,
    * pass it for extra verification, otherwise it will be determined during
    * the handshake
    */
-  secureInbound <Stream extends Duplex<AsyncGenerator<Uint8Array | Uint8ArrayList>> = MultiaddrConnection> (localPeer: PeerId, connection: Stream, remotePeer?: PeerId): Promise<SecuredConnection<Stream, Extension>>
+  secureInbound <Stream extends Duplex<AsyncGenerator<Uint8Array | Uint8ArrayList>> = MultiaddrConnection> (connection: Stream, remotePeer?: PeerId): Promise<SecuredConnection<Stream, Extension>>
 }
 
 export interface SecuredConnection<Stream = any, Extension = unknown> {

packages/libp2p/src/upgrader.ts

@@ -637,7 +637,7 @@ export class DefaultUpgrader implements Upgrader {
       connection.log('encrypting inbound connection using', protocol)
 
       return {
-        ...await encrypter.secureInbound(this.components.peerId, stream),
+        ...await encrypter.secureInbound(stream),
         protocol
       }
     } catch (err: any) {
@@ -673,7 +673,7 @@ export class DefaultUpgrader implements Upgrader {
       connection.log('encrypting outbound connection to %p using %p', remotePeerId)
 
       return {
-        ...await encrypter.secureOutbound(this.components.peerId, stream, remotePeerId),
+        ...await encrypter.secureOutbound(stream, remotePeerId),
         protocol
       }
     } catch (err: any) {

packages/transport-webtransport/src/index.ts

@@ -82,10 +82,6 @@ class WebTransportTransport implements Transport {
     options?.signal?.throwIfAborted()
 
     this.log('dialing %s', ma)
-    const localPeer = this.components.peerId
-    if (localPeer === undefined) {
-      throw new Error('Need a local peerid')
-    }
 
     options = options ?? {}
 
@@ -167,7 +163,7 @@ class WebTransportTransport implements Transport {
           cleanUpWTSession('remote_close')
         })
 
-      if (!await this.authenticateWebTransport(wt, localPeer, remotePeer, certhashes)) {
+      if (!await this.authenticateWebTransport(wt, remotePeer, certhashes)) {
         throw new Error('Failed to authenticate webtransport')
       }
 
@@ -213,7 +209,7 @@ class WebTransportTransport implements Transport {
     }
   }
 
-  async authenticateWebTransport (wt: InstanceType<typeof WebTransport>, localPeer: PeerId, remotePeer: PeerId, certhashes: Array<MultihashDigest<number>>): Promise<boolean> {
+  async authenticateWebTransport (wt: InstanceType<typeof WebTransport>, remotePeer: PeerId, certhashes: Array<MultihashDigest<number>>): Promise<boolean> {
     const stream = await wt.createBidirectionalStream()
     const writer = stream.writable.getWriter()
     const reader = stream.readable.getReader()
@@ -246,7 +242,7 @@ class WebTransportTransport implements Transport {
 
     const n = noise()(this.components)
 
-    const { remoteExtensions } = await n.secureOutbound(localPeer, duplex, remotePeer)
+    const { remoteExtensions } = await n.secureOutbound(duplex, remotePeer)
 
     // We're done with this authentication stream
     writer.close().catch((err: Error) => {