npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@ajna-inc/group-messaging

v0.1.2

Published

DIDComm v2 Group Messaging Protocol with MLS

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

vinaysingh8866vinaysingh8866

Keywords

didcommgroup-messagingmlsdecentralized-identityend-to-end-encryptionrouter-mesh

Readme

Group Messaging Module (@credo-ts/group-messaging)

DIDComm v2 Group Messaging Protocol with MLS (Messaging Layer Security) for Credo Framework.

Overview

This module implements the DIDComm Group Messaging v1.0 Protocol, providing end-to-end encrypted group chat using:

  • MLS (RFC 9420) - Messaging Layer Security for group encryption
  • DIDComm v2 - Decentralized messaging
  • Signing Protocol v1.0 - Authorization artifacts, join tokens, router attestations
  • HPKE (RFC 9180) - Hybrid Public Key Encryption for sealed secrets

Features

End-to-End Encrypted Group Chat - MLS provides forward secrecy and post-compromise security ✅ Decentralized Identity - DIDs for rooms and participants ✅ Multi-Device Support - Members can join with multiple devices ✅ Role-Based Access Control - Owner, admin, and member roles ✅ Admin Governance - Authorization artifacts for privileged operations ✅ Replay-Proof Join Tokens - HPKE-encrypted join tokens with monotonic counters ✅ Message Deduplication - Content-based deduplication with mls_msg_idDelivery Receipts - Track message delivery status ✅ Commit Ordering - Host ensures one commit per epoch (conflict resolution) ✅ Mesh Routing - Optional router support for relay topology

Installation

pnpm add @credo-ts/group-messaging @ajna-inc/signing

Usage

1. Register the Module

import { Agent } from '@credo-ts/core'
import { GroupMessagingModule } from '@credo-ts/group-messaging'
import { SigningModule } from '@ajna-inc/signing'

const agent = new Agent({
  config: { /* ... */ },
  modules: {
    signing: new SigningModule(),
    groupMessaging: new GroupMessagingModule(),
  },
})

await agent.initialize()

2. Create a Room

const ownerDid = await agent.dids.create({ method: 'key' })

const room = await agent.modules.groupMessaging.createRoom({
  roomDid: 'did:peer:room-123',
  label: 'Project Team',
  ownerDid: ownerDid.didState.did!,
  policy: {
    join: 'invite-only',
    maxMembers: 100,
  },
  ciphersuite: 'MLS_128_DHKEMX25519_AES128GCM_SHA256_Ed25519',
})

console.log('Room created:', room.id)

3. Send Encrypted Messages

const messageId = await agent.modules.groupMessaging.sendMessage(
  room.id,
  'Hello, team!',
  senderDid
)

console.log('Message sent:', messageId)

4. Get Roster

const roster = await agent.modules.groupMessaging.getRoster(room.id)

console.log('Active members:', roster.members.filter(m => m.status === 'active'))

5. Check Receipt Status

const status = await agent.modules.groupMessaging.getReceiptStatus(room.id, messageId)

console.log('Delivered to:', status.received)
console.log('Pending:', status.pending)

Architecture

┌─────────────────────────────────────────────────────────────┐
│                  Group Messaging Stack                       │
├─────────────────────────────────────────────────────────────┤
│  Application: Chat, File Sharing, Notifications             │
├─────────────────────────────────────────────────────────────┤
│  Group Messaging Protocol: Room Management, Membership       │
├─────────────────────────────────────────────────────────────┤
│  MLS (ts-mls): E2EE, Key Management, Forward Secrecy       │
├─────────────────────────────────────────────────────────────┤
│  Signing Protocol: Authorization, Join Tokens, Attestations  │
├─────────────────────────────────────────────────────────────┤
│  DIDComm v2: Routing, Mediation, Message Pickup            │
├─────────────────────────────────────────────────────────────┤
│  Transport: HTTPS, WebSocket, WebTransport                  │
└─────────────────────────────────────────────────────────────┘

Components

Core Models

  • Room - Group chat room with DID, policy, MLS group ID
  • Roster - Member list with roles, devices, status
  • Member - DID with role (owner/admin/member), status, devices
  • Device - Multi-device support with MLS leaf index

Services

  • RoomService - CRUD operations for rooms
  • MembershipService - Invite, join, remove, ban operations
  • MLSService - MLS encryption/decryption wrapper
  • GroupMessagingService - Send/receive encrypted messages
  • ReceiptService - Delivery receipt tracking
  • HostService - Message ordering, commit resolution, fan-out
  • DeduplicationService - Prevent duplicate message processing

DIDComm Messages

  • create / created - Room creation
  • invite - Invite member (requires admin authz)
  • join - Join room (requires join token + key package)
  • moderate - Add/remove/ban (requires admin authz)
  • roster-request / roster - Get member list
  • msg - Encrypted application message
  • delivery-receipts - Delivery acknowledgments

Protocol Roles

  • Owner - Creates the room, controls the Room DID
  • Admin(s) - Authorized to change membership/policy
  • Member - MLS leaf participant (multi-device supported)
  • Host (Delivery Service) - Orders commits, fans out messages
  • Router - Optional relay for mesh topology

Security

Encryption

  • MLS provides end-to-end encryption for all group messages
  • Forward Secrecy - Past messages safe even if keys compromised
  • Post-Compromise Security - Future messages safe after key rotation

Authorization

  • Admin operations require Signing Protocol authorization artifacts
  • Join operations require replay-proof join tokens with:
    • Monotonic counter (prevents replay)
    • HPKE envelope (cryptographic binding)
    • Expiry and capacity limits

Deduplication

  • Messages identified by mls_msg_id (content ID)
  • Seen-set tracking prevents duplicate processing
  • Idempotent re-ack for duplicates

Supported MLS Ciphersuites

  • MLS_128_DHKEMX25519_AES128GCM_SHA256_Ed25519 (recommended)
  • MLS_128_DHKEMP256_AES128GCM_SHA256_P256
  • MLS_128_DHKEMX25519_CHACHA20POLY1305_SHA256_Ed25519

Dependencies

  • @credo-ts/core - Credo framework core
  • @ajna-inc/signing - DIDComm Signing Protocol
  • ts-mls - TypeScript MLS (RFC 9420) implementation
  • @hpke/core - HPKE (RFC 9180) for sealed secrets
  • @noble/curves - Cryptographic curves
  • @noble/ciphers - Cryptographic ciphers

Specification Compliance

This implementation follows:

Implementation Status

| Phase | Component | Status | |-------|-----------|--------| | 0.1 | Authorization Artifacts | ✅ Complete | | 0.2 | Join Tokens + HPKE | ✅ Complete | | 0.3 | Router Attestation | ✅ Complete | | 1 | Room Management | ✅ Complete | | 2 | MLS Integration | ✅ Complete | | 3 | Membership Management | ✅ Complete | | 4 | Host/Delivery Service | ✅ Complete | | 5 | Messaging & Receipts | ✅ Complete | | 6 | Router Implementation | 🟡 Framework Ready | | 7 | DIDComm Transport | 🟡 Framework Ready | | 8 | Complete API | ✅ Complete | | 9 | Testing & Docs | 🟡 In Progress |

Roadmap

  • [ ] Complete message handler implementations
  • [ ] Router mesh topology implementation
  • [ ] Full DIDComm transport integration
  • [ ] Message Pickup protocol integration
  • [ ] Comprehensive integration tests
  • [ ] Performance benchmarks
  • [ ] Production deployment guide

License

Apache-2.0

Contributing

Contributions welcome! Please see the main Credo repository for contribution guidelines.

Resources