Implement exchange protocol that is used by key-exchange-server

	* Split codebase to different source files
	* Modified integration test

.github/workflows/ci.yml

@@ -50,7 +50,7 @@ jobs:
         with:
           toolchain: stable
       - name: Run tests for [common-api]
-        run: cargo test -p common-api --tests --all-features 
+        run: cargo test -p common-api --tests --all-features
   tests-near:
     name: tests-near
     needs: [clippy, fmt]
@@ -62,17 +62,15 @@ jobs:
         with:
           toolchain: stable
           target: wasm32-unknown-unknown
-      - name: Set up ssh access
-        env:
-          SSH_AUTH_SOCK: /tmp/ssh_agent.sock
-        run: |
-          mkdir -p -m 0700 ~/.ssh
-          ssh-keyscan github.com >> ~/.ssh/known_hosts
-          ssh-agent -a $SSH_AUTH_SOCK > /dev/null
-          ssh-add - <<< "${{ secrets.SMARTCONTRACTS_SSH_PRIVATE_KEY }}"
+      - name: Setup ssh access for a private repositories
+        uses: webfactory/ssh-agent@v0.7.0
+        with:
+          ssh-private-key: |
+            ${{ secrets.CLIENT_SSH_PRIVATE_KEY }}
+            ${{ secrets.SMARTCONTRACTS_SSH_PRIVATE_KEY }}
       - name: Run tests for [near-rpc]
         env:
-          SSH_AUTH_SOCK: /tmp/ssh_agent.sock
+          CARGO_NET_GIT_FETCH_WITH_CLI: true
         run: cargo test -p near-rpc --tests
   tests-web:
     name: tests-web
@@ -89,7 +87,7 @@ jobs:
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
       - name: Setup ssh access for a private repositories
-        uses: webfactory/ssh-agent@v0.5.4
+        uses: webfactory/ssh-agent@v0.7.0
         with:
           ssh-private-key: |
             ${{ secrets.CLIENT_SSH_PRIVATE_KEY }}

Dockerfile

@@ -20,4 +20,4 @@ RUN apt-get install -y chromium-driver
 ENV WASM_BINDGEN_TEST_TIMEOUT=120
 
 # Run tests
-CMD wasm-pack test --headless --chrome --tests
+CMD wasm-pack test --headless --chrome

near-rpc/Cargo.toml

@@ -8,7 +8,7 @@ The basic implementation of NEAR RPC.
 """
 
 [dependencies]
-base64 = { version = "0.13" }
+base64 = { version = "0.20" }
 bs58 = "0.4"
 borsh = "0.9"
 common-api = { path = "../common-api" }
@@ -23,7 +23,6 @@ thiserror = "1"
 url = "2"
 
 [dev-dependencies]
-git2 = "0.15.0"
 reqwest = { version = "0.11", features = ["json"] }
 rand = "0.8.5"
 rand_chacha = "0.3"

near-rpc/tests/rpc.rs

@@ -1,15 +1,19 @@
-use common_api::crypto::prelude::*;
-use git2::{Cred, RemoteCallbacks};
-use near_primitives_light::{types::Finality, views::AccessKeyView};
 use near_rpc::{
     client::{NearClient, Signer},
     utils::{ViewAccessKey, ViewAccessKeyResult},
 };
+
+use std::{
+    fs::{create_dir_all, write},
+    str::FromStr,
+};
+
+use common_api::crypto::prelude::*;
+use near_primitives_light::{types::Finality, views::AccessKeyView};
 use rand::{RngCore, SeedableRng};
 use rand_chacha::ChaChaRng;
 use reqwest::Url;
 use serde_json::json;
-use std::{fs::write, path::Path, str::FromStr};
 use workspaces::{network::Sandbox, types::SecretKey, AccountId, Worker};
 
 // auxiliary structs and methods
@@ -60,30 +64,25 @@ async fn clone_and_compile_wasm() -> Vec<u8> {
     let tmp_path = temp_dir().into_path();
     let repo_path = format!("{}/near-smartcontracts", tmp_path.to_string_lossy());
     let target_path = format!("{repo_path}/test-contract");
-    let repo_url = "git@github.com:Relayz-io/near-smartcontracts.git";
-
-    // Prepare callbacks.
-    let mut callbacks = RemoteCallbacks::new();
-    callbacks.credentials(|_, username_from_url, _| {
-        let username = username_from_url
-            .ok_or_else(|| git2::Error::from_str("Parsing the given URL is failed"))
-            .unwrap();
-        Cred::ssh_key_from_agent(username)
-    });
 
-    // Prepare fetch options.
-    let mut fo = git2::FetchOptions::new();
-    fo.remote_callbacks(callbacks);
+    create_dir_all(repo_path.clone()).unwrap();
 
-    // Prepare builder.
-    let mut builder = git2::build::RepoBuilder::new();
-    builder.fetch_options(fo);
-    builder.branch("main");
+    let status = std::process::Command::new("git")
+        .arg("clone")
+        .arg("git@github.com:Relayz-io/near-smartcontracts.git")
+        .arg(&repo_path)
+        .spawn()
+        .unwrap()
+        .wait()
+        .unwrap();
 
-    // Clone the project.
-    builder.clone(repo_url, Path::new(&repo_path)).unwrap();
+    if !status.success() {
+        panic!("Failed to clone a near-smartcontracts");
+    }
 
-    workspaces::compile_project(&target_path).await.unwrap()
+    workspaces::compile_project(target_path.as_str())
+        .await
+        .unwrap()
 }
 
 fn random_bits() -> [u8; ED25519_SECRET_KEY_LENGTH] {

web-client/Cargo.toml

@@ -11,32 +11,31 @@ crate-type = ["cdylib", "rlib"]
 
 [dependencies]
 aes-gcm = "0.10"
-blake2 = "0.10"
-base64 = "0.13"
-console_error_panic_hook = "0.1.7"
+blake3 = "1.3"
+base64 = "0.20"
+console_error_panic_hook = "0.1"
 common-api = { path = "../common-api" }
+console_log = { version = "0.2", features = ["color"] }
 futures = "0.3"
-gloo-timers = { version = "0.2.4", features = ["futures-core", "futures"] }
+gloo-timers = { version = "0.2", features = ["futures-core", "futures"] }
 itertools = "0.10"
 js-sys = "0.3"
+log = "0.4"
 near-primitives-light = { path = "../near-primitives-light" }
 near-primitives-core = "0.15"
 near-units = "0.2"
 near-rpc = { path = "../near-rpc" }
-rand = { version = "0.8.5" }
-reqwest = { version = "0.11", features = ["json"] }
+rand = { version = "0.8" }
 rand_chacha = "0.3"
-serde-wasm-bindgen = "0.4.3"
+reqwest = { version = "0.11", features = ["json"] }
+serde-wasm-bindgen = "0.4"
 serde = { version = "1", default-features = false, features = ["derive"] }
 serde_json = { version = "1", default-features = false }
 uuid = { version = "1.1.2", features = ["v4", "serde", "js"] }
 url = "2.2"
 wasm-bindgen = { version = "0.2", features = ["serde-serialize"] }
-wasm-bindgen-test = "0.3"
-wasm-bindgen-futures = "0.4.32"
-web-sys = { version = "0.3", features = ["console", "WebSocket", "WebSocketDict", "WebSocketElement", "Window"] }
-
+wasm-bindgen-futures = "0.4"
+web-sys = { version = "0.3", features = ["console"] }
 
 [dev-dependencies]
-anyhow = "1"
 wasm-bindgen-test = "0.3"

web-client/src/contract.rs

@@ -0,0 +1,152 @@
+use near_rpc::{
+    client::{NearClient, Signer},
+    Finality,
+};
+
+use crate::{error::ApiError, Handler};
+use common_api::crypto::prelude::*;
+use near_primitives_core::{hash::CryptoHash, types::AccountId};
+use near_units::parse_gas;
+use std::collections::HashSet;
+use uuid::Uuid;
+use wasm_bindgen::prelude::*;
+
+pub async fn init_meeting(
+    Handler {
+        contract_id,
+        rpc_url,
+        ..
+    }: &Handler,
+    signer: &Signer,
+    participants: HashSet<AccountId>,
+) -> Result<(Uuid, CryptoHash), JsValue> {
+    let client = NearClient::new(rpc_url.clone()).map_err(ApiError::from)?;
+    let meet_id = Uuid::new_v4();
+
+    let transaction_id = client
+        .function_call(signer, contract_id, "init_meeting")
+        .args(serde_json::json!({
+            "meet_id": meet_id,
+            "participants": participants
+        }))
+        .gas(parse_gas!("300 T") as u64)
+        .commit(Finality::None)
+        .await
+        .map_err(ApiError::from)?
+        .id();
+
+    Ok((meet_id, transaction_id))
+}
+
+pub async fn add_participant(
+    Handler {
+        contract_id,
+        rpc_url,
+        ..
+    }: &Handler,
+    signer: &Signer,
+    meet_id: Uuid,
+    participant: AccountId,
+) -> Result<CryptoHash, ApiError> {
+    let client = NearClient::new(rpc_url.clone())?;
+
+    let transaction_id = client
+        .function_call(signer, contract_id, "add_participant")
+        .args(serde_json::json!({
+            "meet_id": meet_id,
+            "participant": participant
+        }))
+        .commit(Finality::None)
+        .await?
+        .id();
+
+    Ok(transaction_id)
+}
+
+pub async fn view_moderator_account(
+    Handler {
+        contract_id,
+        rpc_url,
+        ..
+    }: &Handler,
+    meet_id: Uuid,
+) -> Result<Option<AccountId>, ApiError> {
+    let client = NearClient::new(rpc_url.clone())?;
+
+    let moderator = client
+        .view::<Option<AccountId>>(
+            contract_id,
+            Finality::None,
+            "view_moderator_account",
+            Some(serde_json::json!({ "meet_id": meet_id })),
+        )
+        .await?
+        .data();
+
+    Ok(moderator)
+}
+
+pub async fn view_meet_participants(
+    Handler {
+        contract_id,
+        rpc_url,
+        ..
+    }: &Handler,
+    meet_id: Uuid,
+) -> Result<Option<HashSet<AccountId>>, ApiError> {
+    let client = NearClient::new(rpc_url.clone())?;
+
+    let participants = client
+        .view::<Option<HashSet<AccountId>>>(
+            contract_id,
+            Finality::None,
+            "view_meet_participants",
+            Some(serde_json::json!({ "meet_id": meet_id })),
+        )
+        .await?
+        .data();
+
+    Ok(participants)
+}
+
+pub async fn is_meet_participant(
+    Handler {
+        contract_id,
+        rpc_url,
+        ..
+    }: &Handler,
+    meet_id: Uuid,
+    participant: AccountId,
+) -> Result<bool, ApiError> {
+    let client = NearClient::new(rpc_url.clone())?;
+
+    let is_session_participant = *client
+        .view::<bool>(
+            contract_id,
+            Finality::None,
+            "is_meet_participant",
+            Some(serde_json::json!({
+                "meet_id": meet_id,
+                "participant": participant
+            })),
+        )
+        .await?;
+
+    Ok(is_session_participant)
+}
+
+pub async fn view_server_key(
+    Handler {
+        contract_id,
+        rpc_url,
+        ..
+    }: &Handler,
+) -> Result<Ed25519PublicKey, ApiError> {
+    let client = NearClient::new(rpc_url.clone())?;
+
+    let public_key = *client
+        .view::<Ed25519PublicKey>(contract_id, Finality::None, "view_server_key", None)
+        .await?;
+
+    Ok(public_key)
+}

web-client/src/crypto.rs

@@ -0,0 +1,62 @@
+use crate::error::ApiError;
+use aes_gcm::{aead::Aead, Aes256Gcm, KeyInit, Nonce};
+use common_api::{crypto::prelude::*, crypto::Error};
+use rand::{RngCore, SeedableRng};
+use rand_chacha::ChaChaRng;
+use uuid::Uuid;
+
+fn dhx(
+    sk: &Ed25519SecretKey,
+    other_pk: Ed25519PublicKey,
+) -> Result<[u8; SECRET_KEY_LENGTH], Error> {
+    let secret_key = SecretKey::try_from(Ed25519SecretKey::try_from_bytes(sk.as_bytes())?)?;
+    let other_public_key = PublicKey::try_from(other_pk)?;
+
+    Ok(secret_key.exchange(&other_public_key))
+}
+
+fn kdf(input: [u8; SECRET_KEY_LENGTH]) -> [u8; blake3::OUT_LEN] {
+    // TODO: insert a commit hash to make it up to date
+    blake3::derive_key("sample", &input)
+}
+
+pub fn secret() -> [u8; 32] {
+    let mut chacha = ChaChaRng::from_entropy();
+    let mut bytes = [0_u8; 32];
+    chacha.fill_bytes(&mut bytes);
+    bytes
+}
+
+pub fn encrypt(
+    sk: &Ed25519SecretKey,
+    other_pk: Ed25519PublicKey,
+    _exchange_id: Uuid,
+    secret: &[u8],
+) -> Result<Vec<u8>, ApiError> {
+    let bytes = dhx(sk, other_pk).map_err(ApiError::from)?;
+    let secret_key = kdf(bytes);
+    let aes = Aes256Gcm::new_from_slice(&secret_key)
+        .map_err(|err| ApiError::AesKeyCreation(err.to_string()))?;
+    let msg = aes
+        .encrypt(Nonce::from_slice(b"unique nonce"), secret) // TODO: create unique nonce for each encrypt-decrypt pair
+        .map_err(|err| ApiError::MessageEncryption(err.to_string()))?;
+
+    Ok(msg)
+}
+
+pub fn decrypt(
+    sk: &Ed25519SecretKey,
+    other_pk: Ed25519PublicKey,
+    _exchange_id: Uuid,
+    msg: Vec<u8>,
+) -> Result<Vec<u8>, ApiError> {
+    let bytes = dhx(sk, other_pk).map_err(ApiError::from)?;
+    let secret_key = kdf(bytes);
+    let aes = Aes256Gcm::new_from_slice(&secret_key)
+        .map_err(|err| ApiError::AesKeyCreation(err.to_string()))?;
+    let secret = aes
+        .decrypt(Nonce::from_slice(b"unique nonce"), msg.as_slice())
+        .map_err(|err| ApiError::MessageEncryption(err.to_string()))?;
+
+    Ok(secret)
+}

web-client/src/error.rs

@@ -0,0 +1,73 @@
+use common_api::crypto::Error as CryptoErr;
+use near_primitives_core::account::id::ParseAccountError;
+use near_rpc::Error;
+use reqwest::Error as ExchangeError;
+use serde::{Deserialize, Serialize};
+use serde_json::Error as SerializationError;
+use wasm_bindgen::prelude::*;
+
+#[derive(Clone, Debug, Deserialize, Serialize)]
+#[serde(tag = "error", content = "body")]
+#[serde(rename_all = "snake_case")]
+pub enum ApiError {
+    KeyExchange(String),
+    DeserializeResponse(String),
+    SerializeData(String),
+    NearClient(String),
+    InvalidAccountId(String),
+    InvalidSessionUuid(String),
+    CryptoError(String),
+    CreateSignatureHeader,
+    VerifySignatureHeader,
+    NoSignatureHeader,
+    CallTimeout(String),
+    AesKeyCreation(String),
+    MessageEncryption(String),
+    MessageDecryption(String),
+    Other(String),
+}
+
+impl From<Error> for ApiError {
+    fn from(err: Error) -> Self {
+        Self::NearClient(err.to_string())
+    }
+}
+
+impl From<ParseAccountError> for ApiError {
+    fn from(err: ParseAccountError) -> Self {
+        Self::InvalidAccountId(err.to_string())
+    }
+}
+
+impl From<CryptoErr> for ApiError {
+    fn from(err: CryptoErr) -> Self {
+        Self::CryptoError(err.to_string())
+    }
+}
+
+impl From<ExchangeError> for ApiError {
+    fn from(err: ExchangeError) -> Self {
+        Self::KeyExchange(err.to_string())
+    }
+}
+
+impl From<SerializationError> for ApiError {
+    fn from(err: SerializationError) -> Self {
+        Self::DeserializeResponse(err.to_string())
+    }
+}
+
+impl From<uuid::Error> for ApiError {
+    fn from(err: uuid::Error) -> Self {
+        Self::InvalidSessionUuid(err.to_string())
+    }
+}
+
+impl From<ApiError> for JsValue {
+    fn from(api_err: ApiError) -> Self {
+        match serde_wasm_bindgen::to_value(&api_err) {
+            Ok(value) => value,
+            Err(err) => err.into(),
+        }
+    }
+}

web-client/src/errors.rs

@@ -1,61 +0,0 @@
-use near_primitives_core::account::id::ParseAccountError;
-use near_rpc::Error;
-use wasm_bindgen::convert::{FromWasmAbi, IntoWasmAbi};
-use wasm_bindgen::prelude::*;
-
-#[wasm_bindgen]
-#[derive(Clone, Debug)]
-pub struct ApiError {
-    r#type: ErrorType,
-    msg: String,
-}
-
-#[wasm_bindgen]
-impl ApiError {
-    pub fn err_msg(&self) -> String {
-        self.msg.clone()
-    }
-
-    pub fn err_type(&self) -> ErrorType {
-        self.r#type
-    }
-}
-
-impl ApiError {
-    pub fn new(r#type: ErrorType, msg: String) -> Self {
-        Self { r#type, msg }
-    }
-}
-
-impl From<JsValue> for ApiError {
-    fn from(value: JsValue) -> Self {
-        // Should be used only for tests.
-        // No other purpose to use it in code shouldn't appear
-        unsafe { Self::from_abi(value.into_abi()) }
-    }
-}
-
-#[wasm_bindgen]
-#[derive(Clone, Copy, Debug)]
-pub enum ErrorType {
-    NearClient,
-    Other,
-}
-
-impl From<Error> for ApiError {
-    fn from(error: Error) -> Self {
-        ApiError {
-            r#type: ErrorType::NearClient,
-            msg: error.to_string(),
-        }
-    }
-}
-
-impl From<ParseAccountError> for ApiError {
-    fn from(err: ParseAccountError) -> Self {
-        Self::new(
-            ErrorType::NearClient,
-            format!("AccountId has wrong format. Cause: {err}"),
-        )
-    }
-}

web-client/src/exchange_client.rs

@@ -0,0 +1,165 @@
+use common_api::{
+    api::{Data, ExchangeMessage, ParticipantInfo, PublicKeys},
+    headers::{SignatureHeader, SIGNATURE_HEADER_NAME},
+};
+
+use reqwest::{
+    header::{HeaderMap, HeaderName, HeaderValue, CONTENT_TYPE},
+    Client, ClientBuilder, Response,
+};
+
+use crate::{contract::view_server_key, error::ApiError, Handler};
+use near_primitives_core::types::AccountId;
+use near_rpc::client::Signer;
+use std::{collections::HashSet, time::Duration};
+use uuid::Uuid;
+use wasm_bindgen::JsValue;
+
+type Result<T> = std::result::Result<T, JsValue>;
+
+fn client() -> Result<Client> {
+    let mut headers = HeaderMap::new();
+    headers.insert(CONTENT_TYPE, HeaderValue::from_static("application/json"));
+
+    ClientBuilder::new()
+        .default_headers(headers)
+        .build()
+        .map_err(|err| ApiError::Other(err.to_string()).into())
+}
+
+pub async fn public_keys(
+    handler: &Handler,
+    signer: &Signer,
+    meet_id: Uuid,
+    participants: HashSet<AccountId>,
+) -> Result<Vec<ParticipantInfo>> {
+    let client = client()?;
+
+    let public_keys = PublicKeys {
+        timeout: Duration::from_secs(10),
+        participants,
+    };
+
+    let signature_header = signature_header(&public_keys, signer)?;
+
+    // TODO: Handle Server errors
+    let response = client
+        .post(handler.add_path("v1/public-keys"))
+        .query(&[("meet_id", meet_id)])
+        .header(
+            HeaderName::from_static(SIGNATURE_HEADER_NAME),
+            HeaderValue::from_str(&signature_header)
+                .map_err(|_| ApiError::CreateSignatureHeader)?,
+        )
+        .json(&public_keys)
+        .send()
+        .await
+        .and_then(Response::error_for_status)
+        .map_err(ApiError::from)?;
+
+    let infos =
+        serde_json::from_slice::<Vec<ParticipantInfo>>(&verify_response(handler, response).await?)
+            .map_err(ApiError::from)?;
+
+    Ok(infos)
+}
+
+pub async fn receive(handler: &Handler, signer: &Signer, meet_id: Uuid) -> Result<Data> {
+    let client = client()?;
+
+    let duration = Duration::from_secs(10);
+    let signature_header = signature_header(&duration, signer)?;
+
+    // TODO: Handle Server errors
+    let response = client
+        .post(handler.add_path("v1/receive"))
+        .query(&[("meet_id", meet_id)])
+        .header(
+            HeaderName::from_static(SIGNATURE_HEADER_NAME),
+            HeaderValue::from_str(&signature_header)
+                .map_err(|_| ApiError::CreateSignatureHeader)?,
+        )
+        .json(&duration)
+        .send()
+        .await
+        .and_then(Response::error_for_status)
+        .map_err(ApiError::from)?;
+
+    let data = serde_json::from_slice::<Data>(&verify_response(handler, response).await?)
+        .map_err(ApiError::from)?;
+
+    Ok(data)
+}
+
+pub async fn exchange(
+    handler: &Handler,
+    signer: &Signer,
+    meet_id: Uuid,
+    messages: Vec<ExchangeMessage>,
+) -> Result<()> {
+    let client = client()?;
+
+    let signature_header = signature_header(&messages, signer)?;
+
+    let response = client
+        .post(handler.add_path("v1/exchange"))
+        .query(&[("meet_id", meet_id)])
+        .header(
+            HeaderName::from_static(SIGNATURE_HEADER_NAME),
+            HeaderValue::from_str(&signature_header)
+                .map_err(|_| ApiError::CreateSignatureHeader)?,
+        )
+        .json(&messages)
+        .send()
+        .await
+        .and_then(Response::error_for_status)
+        .map_err(ApiError::from)?;
+
+    let _ = verify_response(handler, response).await?;
+
+    Ok(())
+}
+
+fn signature_header<T: serde::Serialize>(value: &T, signer: &Signer) -> Result<String> {
+    serde_json::to_vec(value)
+        .map_err(|_| ApiError::CreateSignatureHeader.into())
+        .and_then(|bytes| {
+            let header = SignatureHeader {
+                public_key: *signer.public_key(),
+                account_id: signer.account().to_owned(),
+                signature: signer.sign(&bytes),
+            };
+
+            serde_json::to_vec(&header).map_err(|_| ApiError::CreateSignatureHeader.into())
+        })
+        .map(base64::encode)
+}
+
+async fn verify_response(handler: &Handler, response: Response) -> Result<Vec<u8>> {
+    let Some(header) = response.headers().get(HeaderName::from_static(SIGNATURE_HEADER_NAME)) else {
+        return Err(ApiError::NoSignatureHeader.into())
+    };
+
+    let SignatureHeader { signature, .. } = header
+        .to_str()
+        .map_err(|_| ApiError::VerifySignatureHeader)
+        .and_then(|header_str| {
+            base64::decode(header_str).map_err(|_| ApiError::VerifySignatureHeader)
+        })
+        .and_then(|bytes| {
+            serde_json::from_slice::<SignatureHeader>(&bytes)
+                .map_err(|_| ApiError::VerifySignatureHeader)
+        })?;
+
+    let bytes = response
+        .bytes()
+        .await
+        .map_err(|_| ApiError::VerifySignatureHeader)?;
+
+    let server_public_key = view_server_key(handler).await?;
+    server_public_key
+        .verify(&bytes, &signature)
+        .map_err(|_| ApiError::VerifySignatureHeader)?;
+
+    Ok(bytes.to_vec())
+}

web-client/src/lib.rs

@@ -1,57 +1,73 @@
-use aes_gcm::{
-    aead::{Aead, KeyInit},
-    Aes256Gcm, Nonce as AesNonce,
+mod contract;
+mod crypto;
+pub mod error;
+mod exchange_client;
+
+pub use contract::{
+    add_participant, init_meeting, is_meet_participant, view_meet_participants,
+    view_moderator_account,
 };
-use futures::{lock::Mutex, select, FutureExt};
-use itertools::Itertools;
-use rand::{RngCore, SeedableRng};
-use serde_json::json;
-use wasm_bindgen::prelude::*;
-
-use near_primitives_core::{account::id::AccountId, types::Nonce};
-use near_primitives_light::types::Finality;
-use near_rpc::client::{NearClient, Signer};
-
-use js_sys::Promise;
-
-use std::{ops::DerefMut, str::FromStr, sync::Arc};
 
-use blake2::{
-    digest::{Update, VariableOutput},
-    Blake2bVar,
-};
-
-pub mod errors;
-use common_api::crypto::prelude::*;
-
-use errors::{ApiError, ErrorType};
+use common_api::api::{Data, ExchangeMessage};
+use crypto::{decrypt, encrypt, secret};
+use error::ApiError;
+use exchange_client::{exchange, public_keys, receive};
+use futures::{select, FutureExt};
 use gloo_timers::future::TimeoutFuture;
-
-#[allow(unused_macros)]
-macro_rules! console_log {
-    ($($t:tt)*) => (web_sys::console::log_1(&format!($($t)*).into()))
-}
+use itertools::Itertools;
+use js_sys::Promise;
+use log::{info, warn};
+use near_primitives_core::{account::id::AccountId, hash::CryptoHash, types::Nonce};
+use near_rpc::client::Signer;
+use serde::{Deserialize, Serialize};
+use std::{collections::HashSet, str::FromStr, sync::Arc};
+use url::Url;
+use uuid::Uuid;
+use wasm_bindgen::prelude::*;
 
 type Result<T> = std::result::Result<T, ApiError>;
 
 #[wasm_bindgen(start)]
-pub fn start() -> std::result::Result<(), JsValue> {
+pub fn start() -> Result<()> {
     console_error_panic_hook::set_once();
+    console_log::init().unwrap();
     Ok(())
 }
 
-struct Handler {
+fn to_value<T: Serialize>(value: &T) -> JsValue {
+    match serde_wasm_bindgen::to_value(value) {
+        Ok(value) => value,
+        Err(err) => err.into(),
+    }
+}
+
+pub struct Handler {
     contract_id: AccountId,
-    owner_sk: SecretKey,
-    url: url::Url,
+    secret: [u8; 32],
+    exchange_url: url::Url,
+    rpc_url: url::Url,
+}
+
+impl Handler {
+    pub fn add_path(&self, path: &str) -> url::Url {
+        let mut url = self.exchange_url.clone();
+        url.set_path(path);
+        url
+    }
+}
+
+#[derive(Clone, Debug, Serialize, Deserialize)]
+pub struct Meeting {
+    pub meet_id: Uuid,
+    pub transaction_id: CryptoHash,
 }
 
 #[wasm_bindgen]
 #[derive(Debug, Clone)]
 pub struct ProvisionerConfig {
     contract_id: AccountId,
-    rpc_url: url::Url,
-    key_exchange_url: url::Url,
+    rpc_url: Url,
+    exchange_url: Url,
 }
 
 #[wasm_bindgen]
@@ -62,25 +78,23 @@ impl ProvisionerConfig {
         rpc_url: &str,
         exchange_url: &str,
     ) -> Result<ProvisionerConfig> {
-        let rpc_url = url::Url::from_str(rpc_url)
-            .map_err(|err| ApiError::new(ErrorType::NearClient, err.to_string()))?;
-        let key_exchange_url = url::Url::from_str(exchange_url)
-            .map_err(|err| ApiError::new(ErrorType::NearClient, err.to_string()))?;
-        let contract_id = AccountId::from_str(&contract_id).map_err(Into::<ApiError>::into)?;
+        let rpc_url = Url::from_str(rpc_url)
+            .map_err(|err| ApiError::Other(format!("Bad rpc url, cause {err}")))?;
+        let exchange_url = Url::from_str(exchange_url)
+            .map_err(|err| ApiError::Other(format!("Bad exchange url, cause {err}")))?;
+        let contract_id = AccountId::from_str(&contract_id).map_err(ApiError::from)?;
 
         Ok(Self {
             contract_id,
             rpc_url,
-            key_exchange_url,
+            exchange_url,
         })
     }
 }
 
 #[wasm_bindgen]
 pub struct KeyProvisioner {
-    client: Arc<NearClient>,
-    participants: Arc<Mutex<Option<Vec<String>>>>,
-    signer: Arc<Mutex<Signer>>,
+    signer: Arc<Signer>,
     handler: Arc<Handler>,
 }
 
@@ -89,11 +103,7 @@ impl KeyProvisioner {
         Arc::clone(&self.handler)
     }
 
-    fn client(&self) -> Arc<NearClient> {
-        Arc::clone(&self.client)
-    }
-
-    fn signer(&self) -> Arc<Mutex<Signer>> {
+    fn signer(&self) -> Arc<Signer> {
         Arc::clone(&self.signer)
     }
 }
@@ -105,29 +115,25 @@ impl KeyProvisioner {
         keypair_str: String,
         nonce: Nonce,
         account_id: String,
-        config: ProvisionerConfig,
+        ProvisionerConfig {
+            contract_id,
+            rpc_url,
+            exchange_url,
+        }: ProvisionerConfig,
     ) -> Result<KeyProvisioner> {
-        let client = Arc::new(NearClient::new(config.rpc_url).map_err(ApiError::from)?);
-        let signer = Arc::new(Mutex::new(
-            Signer::from_secret_str(
-                &keypair_str,
-                AccountId::from_str(&account_id).map_err(Into::<ApiError>::into)?,
-                nonce,
-            )
-            .map_err(ApiError::from)?,
-        ));
+        let signer = Arc::new(Signer::from_secret_str(
+            &keypair_str,
+            AccountId::from_str(&account_id)?,
+            nonce,
+        )?);
         let handler = Arc::new(Handler {
-            contract_id: config.contract_id,
-            owner_sk: new_secret()?,
-            url: config.key_exchange_url,
+            contract_id,
+            secret: secret(),
+            exchange_url,
+            rpc_url,
         });
 
-        Ok(Self {
-            client,
-            signer,
-            handler,
-            participants: Arc::new(Mutex::new(None)),
-        })
+        Ok(Self { signer, handler })
     }
 
     /// Initializes meeting by calling the contract and providing there a set of participants' keys
@@ -136,66 +142,37 @@ impl KeyProvisioner {
     ///
     /// - participants_set - The [`js_sys::Set`] represents hash set of participants' keys
     /// - timeout_ms - The [`u32`] that represents milliseconds that were given not to be exceeded
-    pub fn init(&self, participants_set: js_sys::Set, timeout_ms: u32) -> Promise {
+    pub fn init_meeting(&self, participants_set: js_sys::Set, timeout_ms: u32) -> Promise {
         let handler = self.handler();
-        let client = self.client();
         let signer = self.signer();
-        let participants_lock = self.participants.clone();
 
-        let init = async move {
-            let exchange_uuid = uuid::Uuid::new_v4();
-            let (contract_id, owner_pk) = (
-                handler.contract_id.clone(),
-                PublicKey::from(&handler.owner_sk),
-            );
-
-            let res: Vec<Result<String>> = participants_set
-                .keys()
+        let init_meeting = async move {
+            let participants: HashSet<AccountId> = participants_set
+                .values()
                 .into_iter()
-                .map(|item| {
-                    item.map(|it| {
-                        it.as_string()
-                            .ok_or_else(|| {
-                                ApiError::new(
-                                    ErrorType::Other,
-                                    "participants_set is empty".to_owned(),
-                                )
-                            })
-                            .map_err(ApiError::from)
-                    })
+                .map_ok(|it| {
+                    let Some(acc_id) = it.as_string() else {
+                        return Err(ApiError::Other("Set item type isn't a string".to_owned()));
+                    };
+
+                    AccountId::from_str(&acc_id).map_err(ApiError::from)
                 })
+                .flatten_ok()
                 .try_collect()?;
 
-            let participants: Vec<String> = res.into_iter().try_collect()?;
-
-            client
-                .function_call(
-                    signer.lock().await.deref_mut(),
-                    &contract_id,
-                    "init_meeting",
-                )
-                .gas(near_units::parse_gas!("20 T") as u64)
-                .args(json!({
-                    "owner_public_key": base64::encode(owner_pk.to_bytes()),
-                    "id": exchange_uuid.to_string(),
-                    "participants": participants,
-                }))
-                .build()
-                .map_err(ApiError::from)?
-                .commit(Finality::Final)
-                .await
-                .map_err(ApiError::from)?;
-
-            *participants_lock.lock_owned().await = Some(participants);
-
-            Ok(JsValue::from_str(&exchange_uuid.to_string()))
+            let (meet_id, transaction_id) = init_meeting(&handler, &signer, participants).await?;
+
+            Ok(to_value(&Meeting {
+                meet_id,
+                transaction_id,
+            }))
         };
 
         wasm_bindgen_futures::future_to_promise(async move {
             select! {
-                uuid = init.fuse() => uuid,
+                meet = init_meeting.fuse() => meet,
                 _ = TimeoutFuture::new(timeout_ms).fuse() => {
-                    Err(JsValue::from(ApiError::new(ErrorType::Other, "The initialization has been timed out".to_string())))
+                    Err(ApiError::CallTimeout("The initialization has been timed out".to_owned()).into())
                 }
             }
         })
@@ -209,112 +186,67 @@ impl KeyProvisioner {
     /// - timeout_ms - The [`u32`] that represents milliseconds that were given not to be exceeded
     pub fn send_keys(&self, meeting_id: String, timeout_ms: u32) -> Promise {
         let handler = self.handler();
-        let client = self.client();
-        let participants_lock = self.participants.clone();
+        let signer = self.signer();
+
         let send_keys = async move {
-            let guard = participants_lock.lock().await;
-            let participants = guard
-                .as_ref()
-                .ok_or_else(|| ApiError::new(ErrorType::Other, "Empty participants".to_owned()))?;
-
-            let (contract_id, url) = (handler.contract_id.clone(), &handler.url);
-
-            let fetch_participants_keys = participants.iter().map(|participant| {
-                let client_cp = client.clone();
-                let contract_cp = contract_id.clone();
-                let meeting_id_cp = meeting_id.clone();
-                async move {
-                    loop {
-                        let resp = client_cp
-                            .view::<Option<String>>(
-                                &contract_cp,
-                                Finality::None,
-                                "public_key",
-                                Some(json!({
-                                    "id": meeting_id_cp,
-                                    "participant_id": participant.to_string()
-                                })),
-                            )
-                            .await
-                            .map_err(|err| ApiError::new(ErrorType::NearClient, err.to_string()))?
-                            .data();
-
-                        if let Some(key) = resp {
-                            return Ok::<(String, String), ApiError>((
-                                key,
-                                participant.to_string(),
-                            ));
+            let meet_id = Uuid::from_str(&meeting_id).map_err(ApiError::from)?;
+
+            let mut participants = view_meet_participants(&handler, meet_id)
+                .await?
+                .ok_or_else(|| {
+                    ApiError::InvalidSessionUuid(format!("Wrong Session ID: {meet_id}"))
+                })?;
+
+            info!("Get a meeting participants {participants:?}");
+
+            while !participants.is_empty() {
+                let infos =
+                    match public_keys(&handler, &signer, meet_id, participants.clone()).await {
+                        Ok(infos) => infos,
+                        Err(err) => {
+                            warn!("Failed to fetch a public keys, cause {err:?}");
+                            continue;
                         }
-                    }
-                }
-            });
+                    };
 
-            let participants_keys = futures::future::try_join_all(fetch_participants_keys).await?;
+                // remove infos that is already processed
+                for key in &infos {
+                    participants.remove(&key.account_id);
+                }
 
-            let keys: Vec<(PublicKey, String)> = participants_keys
-                .into_iter()
-                .map(|(pk, participant_id)| {
-                    base64::decode(pk)
-                        .map(|it| (it, participant_id))
-                        .map_err(|err| ApiError::new(ErrorType::Other, err.to_string()))
-                        .and_then(|(pk_bytes, participant_id)| {
-                            PublicKey::try_from_bytes(&pk_bytes)
-                                .map(|it| (it, participant_id))
-                                .map_err(|err| ApiError::new(ErrorType::Other, err.to_string()))
+                let messages = infos
+                    .into_iter()
+                    .map(|info| {
+                        let sk = signer.secret_key();
+                        let other_pk = info.public_key;
+                        let msg = encrypt(sk, other_pk, meet_id, &handler.secret)?;
+                        Ok::<ExchangeMessage, JsValue>(ExchangeMessage {
+                            account_id: info.account_id,
+                            message: Data {
+                                data: msg,
+                                moderator_pk: signer.public_key().to_owned(),
+                            },
                         })
-                })
-                .try_collect()?;
-
-            let aes_secret = base64::encode(new_secret()?.to_bytes());
+                    })
+                    .try_collect()?;
 
-            let encrypted_keys: Vec<(Vec<u8>, String)> = keys
-                .into_iter()
-                .map(|(pk, participant_id)| {
-                    let res_key = handler.owner_sk.exchange(&pk);
-                    encrypt(&res_key, aes_secret.as_bytes(), participant_id)
-                })
-                .try_collect()?;
+                exchange(&handler, &signer, meet_id, messages).await?;
+            }
 
-            let meeting_url = url
-                .join("meeting")
-                .map_err(|err| ApiError::new(ErrorType::Other, err.to_string()))?;
-
-            let _: Vec<reqwest::Response> = futures::future::try_join_all(
-                encrypted_keys.into_iter().map(|(bytes, participant_id)| {
-                    let client = reqwest::ClientBuilder::new().build().unwrap();
-                    client
-                        .post(meeting_url.clone())
-                        .query(&[
-                            ("id", serde_json::to_value(meeting_id.clone()).unwrap()),
-                            ("participant", serde_json::to_value(participant_id).unwrap()),
-                        ])
-                        .json(&serde_json::Value::String(base64::encode(bytes)))
-                        .send()
-                }),
-            )
-            .await
-            .map_err(|err| ApiError::new(ErrorType::Other, err.to_string()))?
-            .into_iter()
-            .map(|it| {
-                it.error_for_status()
-                    .map_err(|err| ApiError::new(ErrorType::Other, err.to_string()))
-            })
-            .try_collect()?;
-
-            Ok(JsValue::from_str(&aes_secret))
+            Ok(JsValue::from_str(&base64::encode(handler.secret)))
         };
 
         wasm_bindgen_futures::future_to_promise(async move {
             select! {
                 aes_secret = send_keys.fuse() => aes_secret,
                 _ = TimeoutFuture::new(timeout_ms).fuse() => {
-                    Err(JsValue::from(ApiError::new(ErrorType::Other, "The send keys operation has been timed out".to_string())))
+                    Err(ApiError::CallTimeout("The send keys operation has been timed out".to_owned()).into())
                 }
             }
         })
     }
 
-    /// Get participant's key from a blockchain
+    /// Get participant's key from a server
     ///
     /// Arguments
     ///
@@ -322,182 +254,22 @@ impl KeyProvisioner {
     /// - timeout_ms - The [`u32`] that represents milliseconds that were given not to be exceeded
     pub fn get_key(&self, meeting_id: String, timeout_ms: u32) -> Promise {
         let handler = self.handler();
-        let client = self.client();
         let signer = self.signer();
 
         let get_key = async move {
-            let (contract_id, sk, url) =
-                (handler.contract_id.clone(), &handler.owner_sk, &handler.url);
-
-            let msg = get_message(url, signer, &meeting_id).await?;
-            loop {
-                let owner_pub_key = client
-                    .view::<Option<String>>(
-                        &contract_id,
-                        Finality::None,
-                        "owner_key",
-                        Some(serde_json::json!({
-                            "id": meeting_id.to_string()
-                        })),
-                    )
-                    .await
-                    .map_err(|err| ApiError::new(ErrorType::NearClient, err.to_string()))?
-                    .data();
-
-                if let Some(owner_pk) = owner_pub_key {
-                    let bytes = base64::decode(owner_pk)
-                        .map_err(|err| ApiError::new(ErrorType::Other, err.to_string()))?;
-                    let owner_pk = PublicKey::try_from_bytes(&bytes)
-                        .map_err(|err| ApiError::new(ErrorType::Other, err.to_string()))?;
-                    let key = sk.exchange(&owner_pk);
-
-                    let msg_bytes = base64::decode(msg)
-                        .map_err(|err| ApiError::new(ErrorType::Other, err.to_string()))?;
-                    let decrypted_msg = decrypt(&key, &msg_bytes)?;
-
-                    return Ok(JsValue::from_str(
-                        std::str::from_utf8(&decrypted_msg)
-                            .map_err(|err| ApiError::new(ErrorType::Other, err.to_string()))?,
-                    ));
-                }
-            }
+            let meet_id = Uuid::from_str(&meeting_id).map_err(ApiError::from)?;
+            let data = receive(&handler, &signer, meet_id).await?;
+            let secret = decrypt(signer.secret_key(), data.moderator_pk, meet_id, data.data)?;
+            Ok(JsValue::from_str(&base64::encode(secret)))
         };
 
         wasm_bindgen_futures::future_to_promise(async move {
             select! {
                 key = get_key.fuse() => key,
                 _ = TimeoutFuture::new(timeout_ms).fuse() => {
-                    Err(JsValue::from(ApiError::new(ErrorType::Other, "The getting key operation has been timed out".to_string())))
-                }
-            }
-        })
-    }
-
-    /// Pushes end-user's key to the blockchain
-    ///
-    /// Arguments
-    ///
-    /// - meeting_id - The [`String`] that indicates ID of the meeting room
-    /// - timeout_ms - The [`u32`] that represents milliseconds that were given not to be exceeded
-    pub fn push_to_near(&self, meeting_id: String, timeout_ms: u32) -> Promise {
-        let handler = self.handler();
-        let client = self.client();
-        let signer = self.signer();
-
-        let push_key = async move {
-            let (contract_id, pk) = (
-                handler.contract_id.clone(),
-                PublicKey::from(&handler.owner_sk),
-            );
-            client
-                .function_call(signer.lock().await.deref_mut(), &contract_id, "set_key")
-                .gas(near_units::parse_gas!("300 T") as u64)
-                .args(json!({
-                    "id": meeting_id.to_string(),
-                    "pk": base64::encode(pk.to_bytes()),
-                }))
-                .build()
-                .map_err(|err| ApiError::new(ErrorType::Other, err.to_string()))?
-                .commit(Finality::None)
-                .await
-                .map_err(|err| ApiError::new(ErrorType::NearClient, err.to_string()))?;
-
-            Ok(JsValue::undefined())
-        };
-
-        wasm_bindgen_futures::future_to_promise(async move {
-            select! {
-                exchange_uuid = push_key.fuse() => exchange_uuid,
-                _ = TimeoutFuture::new(timeout_ms).fuse() => {
-                    Err(JsValue::from(ApiError::new(ErrorType::Other, "The initialization has been timed out".to_string())))
+                    Err(ApiError::CallTimeout("The getting key operation has been timed out".to_owned()).into())
                 }
             }
         })
     }
 }
-
-/// Retrieves encrypted message from the server. That message should be dectypted to grant an access to the meeting.
-///
-/// Arguments
-///
-/// - url - The ['reqwest::Url'] that represents a handler's url
-/// - signer - The [`Arc<Mutex<Signer>>`] is a signer that is used to sign transactions
-/// - meeting_id - The [`&str`] represents ID of the meeting
-async fn get_message(
-    url: &reqwest::Url,
-    signer: Arc<Mutex<Signer>>,
-    meeting_id: &str,
-) -> Result<String> {
-    let signer = signer.lock().await;
-    let http_client = reqwest::ClientBuilder::new()
-        .build()
-        .map_err(|err| ApiError::new(ErrorType::Other, err.to_string()))?;
-    let meeting_url = url
-        .join("meeting")
-        .map_err(|err| ApiError::new(ErrorType::Other, err.to_string()))?;
-    let meeting_id_json = serde_json::to_value(meeting_id)
-        .map_err(|err| ApiError::new(ErrorType::Other, err.to_string()))?;
-    let signer_json = serde_json::to_value(signer.account().clone())
-        .map_err(|err| ApiError::new(ErrorType::Other, err.to_string()))?;
-    loop {
-        let fetch_msg = http_client
-            .get(meeting_url.clone())
-            .query(&[("id", &meeting_id_json), ("participant", &signer_json)])
-            .send()
-            .await
-            .and_then(|it| it.error_for_status())
-            .map_err(|err| ApiError::new(ErrorType::Other, err.to_string()))?
-            .text()
-            .await
-            .map_err(|err| ApiError::new(ErrorType::Other, err.to_string()));
-
-        if fetch_msg.is_ok() {
-            return fetch_msg;
-        }
-    }
-}
-
-fn new_secret() -> Result<SecretKey> {
-    use rand_chacha::ChaChaRng;
-    let mut chacha = ChaChaRng::from_entropy();
-    let mut bytes = [0_u8; 32];
-    chacha.fill_bytes(&mut bytes);
-    SecretKey::try_from_bytes(&bytes)
-        .map_err(|err| ApiError::new(ErrorType::Other, err.to_string()))
-}
-
-fn encrypt(
-    exchange_key: &[u8],
-    secret: &[u8],
-    participant_id: String,
-) -> Result<(Vec<u8>, String)> {
-    aes(exchange_key)
-        .and_then(|it: Aes256Gcm| {
-            it.encrypt(AesNonce::from_slice(b"unique nonce"), secret)
-                .map_err(|err| ApiError::new(ErrorType::Other, err.to_string()))
-        })
-        .map(|encrypted_msg| (encrypted_msg, participant_id))
-}
-
-fn decrypt(exchange_key: &[u8], secret: &[u8]) -> Result<Vec<u8>> {
-    aes(exchange_key).and_then(|it: Aes256Gcm| {
-        it.decrypt(AesNonce::from_slice(b"unique nonce"), secret)
-            .map_err(|err| ApiError::new(ErrorType::Other, err.to_string()))
-    })
-}
-
-fn aes(exchange_key: &[u8]) -> Result<Aes256Gcm> {
-    Blake2bVar::new(32)
-        .map(|mut kdf| {
-            kdf.update(exchange_key);
-            kdf.finalize_boxed()
-        })
-        .map_err(|err| ApiError::new(ErrorType::Other, err.to_string()))
-        .and_then(|it| {
-            Aes256Gcm::new_from_slice(&it)
-                .map_err(|err| ApiError::new(ErrorType::Other, err.to_string()))
-        })
-}
-
-#[cfg(test)]
-mod tests {}

web-client/tests/integration.rs

@@ -8,11 +8,16 @@ use url::Url;
 use wasm_bindgen::JsValue;
 use wasm_bindgen_futures::JsFuture;
 use wasm_bindgen_test::*;
-
-use web_client::{KeyProvisioner, ProvisionerConfig};
+use web_client::{KeyProvisioner, Meeting, ProvisionerConfig};
 
 wasm_bindgen_test_configure!(run_in_browser);
 
+const ALICE_BYTES: [u8; 32] = [1; 32];
+const BOB_BYTES: [u8; 32] = [2; 32];
+const KARL_BYTES: [u8; 32] = [3; 32];
+const MIKE_BYTES: [u8; 32] = [4; 32];
+const CONTRACT_BYTES: [u8; 32] = [5; 32];
+
 #[derive(Serialize, Deserialize)]
 struct ValidatorKey {
     account_id: AccountId,
@@ -20,12 +25,6 @@ struct ValidatorKey {
     secret_key: String,
 }
 
-const ALICE_BYTES: [u8; 32] = [1; 32];
-const BOB_BYTES: [u8; 32] = [2; 32];
-const KARL_BYTES: [u8; 32] = [3; 32];
-const MIKE_BYTES: [u8; 32] = [4; 32];
-const CONTRACT_BYTES: [u8; 32] = [5; 32];
-
 async fn create_account(
     client: &NearClient,
     validator: &Signer,
@@ -50,7 +49,6 @@ async fn create_account(
             .await
             .unwrap(),
     )
-    .map_err(|err| anyhow::anyhow!(err))
     .unwrap();
 
     Signer::from_secret(sk, id, nonce)
@@ -80,19 +78,16 @@ async fn drop_created_account(
     }
 }
 
-async fn validator_key() -> anyhow::Result<ValidatorKey> {
-    Ok(
-        reqwest::get("http://sandbox-artifact:3032/validator_key.json")
-            .await?
-            .json::<ValidatorKey>()
-            .await?,
-    )
+async fn validator_key() -> ValidatorKey {
+    reqwest::get("http://sandbox-artifact:3032/validator_key.json")
+        .await
+        .unwrap()
+        .json::<ValidatorKey>()
+        .await
+        .unwrap()
 }
 
-async fn validator_account(
-    client: &NearClient,
-    validator_key: ValidatorKey,
-) -> anyhow::Result<Signer> {
+async fn validator_account(client: &NearClient, validator_key: ValidatorKey) -> Signer {
     let key_nonce = Result::from(
         client
             .view_access_key(
@@ -100,32 +95,27 @@ async fn validator_account(
                 &validator_key.public_key,
                 Finality::Final,
             )
-            .await?,
+            .await
+            .unwrap(),
     )
-    .map_err(|err| anyhow::anyhow!(err))?;
+    .unwrap();
 
-    let signer = Signer::from_secret_str(
+    Signer::from_secret_str(
         &validator_key.secret_key,
         validator_key.account_id.clone(),
         key_nonce,
-    )?;
-
-    Ok(signer)
-}
-
-async fn meeting_room_contract() -> anyhow::Result<Vec<u8>> {
-    Ok(
-        reqwest::get("http://contract-artifact:3033/meeting_room.wasm")
-            .await?
-            .bytes()
-            .await?
-            .to_vec(),
     )
+    .unwrap()
 }
 
-#[wasm_bindgen_test]
-async fn pass() {
-    console_log!("Test Passed");
+async fn meeting_room_contract() -> Vec<u8> {
+    reqwest::get("http://contract-artifact:3033/meet.wasm")
+        .await
+        .unwrap()
+        .bytes()
+        .await
+        .unwrap()
+        .to_vec()
 }
 
 #[wasm_bindgen_test]
@@ -133,10 +123,10 @@ async fn key_exchange() {
     let rpc_url = Url::parse("http://sandbox:3030").unwrap();
     let client = NearClient::new(rpc_url).unwrap();
 
-    let validator_key = validator_key().await.unwrap();
-    let validator = validator_account(&client, validator_key).await.unwrap();
+    let validator_key = validator_key().await;
+    let validator = validator_account(&client, validator_key).await;
 
-    // delete accounts if any to be sure there are no dublicates
+    // delete accounts if any to be sure there are no duplicates
     drop_created_account(
         &client,
         validator.account(),
@@ -165,7 +155,7 @@ async fn key_exchange() {
         create_account(&client, &validator, &CONTRACT_BYTES, "contract.test.near").await;
 
     // Contract byte code
-    let contract_wasm = meeting_room_contract().await.unwrap();
+    let contract_wasm = meeting_room_contract().await;
     let contract_id = contract_sg.account().clone();
 
     client
@@ -205,75 +195,66 @@ async fn key_exchange() {
 
     let set = js_sys::Set::new(&arr);
 
-    // Init meeting
-    let meeting_id = JsFuture::from(provisioner.init(set, 3000))
-        .await
-        .unwrap()
-        .as_string()
-        .unwrap();
+    let Meeting { meet_id, .. } = serde_wasm_bindgen::from_value::<Meeting>(
+        JsFuture::from(provisioner.init_meeting(set, 3000))
+            .await
+            .unwrap(),
+    )
+    .unwrap();
 
     // Then each user push own key to blockchain
-    let keypair_str = bob_sg.secret_key().string();
     let provisioner_bob = KeyProvisioner::new(
-        keypair_str,
+        bob_sg.secret_key().string(),
         bob_sg.nonce(),
         bob_sg.account().to_string(),
         config.clone(),
     )
     .unwrap();
 
-    let _ = JsFuture::from(provisioner_bob.push_to_near(meeting_id.clone(), 3000))
-        .await
-        .unwrap();
-
-    let keypair_str = karl_sg.secret_key().string();
     let provisioner_karl = KeyProvisioner::new(
-        keypair_str,
+        karl_sg.secret_key().string(),
         karl_sg.nonce(),
         karl_sg.account().to_string(),
         config.clone(),
     )
     .unwrap();
 
-    let _ = JsFuture::from(provisioner_karl.push_to_near(meeting_id.clone(), 3000))
-        .await
-        .unwrap();
-
-    let keypair_str = mike_sg.secret_key().string();
     let provisioner_mike = KeyProvisioner::new(
-        keypair_str,
+        mike_sg.secret_key().string(),
         mike_sg.nonce(),
         mike_sg.account().to_string(),
         config.clone(),
     )
     .unwrap();
 
-    let _ = JsFuture::from(provisioner_mike.push_to_near(meeting_id.clone(), 3000))
-        .await
-        .unwrap();
+    let _ = JsFuture::from(provisioner.send_keys(meet_id.to_string(), 300)).await;
+    gloo_timers::future::sleep(std::time::Duration::from_millis(400)).await;
+    let _ = JsFuture::from(provisioner_bob.get_key(meet_id.to_string(), 200)).await;
+    let _ = JsFuture::from(provisioner_karl.get_key(meet_id.to_string(), 200)).await;
+    let _ = JsFuture::from(provisioner_mike.get_key(meet_id.to_string(), 200)).await;
 
     // Send encrypted keys to participants
     // timeout in millis
-    let alice_key = JsFuture::from(provisioner.send_keys(meeting_id.clone(), 200))
+    let alice_key = JsFuture::from(provisioner.send_keys(meet_id.to_string(), 4000))
         .await
         .unwrap()
         .as_string()
         .unwrap();
 
     // Fetch encrypted keys
-    let bob_key = JsFuture::from(provisioner_bob.get_key(meeting_id.clone(), 200))
+    let bob_key = JsFuture::from(provisioner_bob.get_key(meet_id.to_string(), 1000))
         .await
         .unwrap()
         .as_string()
         .unwrap();
 
-    let karl_key = JsFuture::from(provisioner_karl.get_key(meeting_id.clone(), 200))
+    let karl_key = JsFuture::from(provisioner_karl.get_key(meet_id.to_string(), 1000))
         .await
         .unwrap()
         .as_string()
         .unwrap();
 
-    let mike_key = JsFuture::from(provisioner_mike.get_key(meeting_id.clone(), 200))
+    let mike_key = JsFuture::from(provisioner_mike.get_key(meet_id.to_string(), 1000))
         .await
         .unwrap()
         .as_string()
@@ -302,6 +283,3 @@ async fn key_exchange() {
     )
     .await;
 }
-
-#[wasm_bindgen_test]
-async fn sandbox() {}