v0.0.21: TUI overhaul, WZP call infrastructure, security hardening, federation

TUI: - Split 1,756-line app.rs monolith into 7 modules (types, draw, commands, input, file_transfer, network, mod) - Message timestamps [HH:MM], scrolling (PageUp/Down/arrows), connection status dot, unread badge - /help command, terminal bell on incoming DM, /devices + /kick commands - 44 unit tests (types, input, draw with TestBackend) Server — WZP Call Infrastructure (FC-2/3/5/6/7/10): - Call state management (CallState, CallStatus, active_calls, calls + missed_calls sled trees) - WS call signal awareness (Offer/Answer/Hangup update state, missed call on offline) - Group call endpoint (POST /groups/:name/call with SHA-256 room ID, fan-out) - Presence API (GET /presence/:fp, POST /presence/batch) - Missed call flush on WS reconnect - WZP relay config + CORS Server — Security (FC-P1): - Auth enforcement middleware (AuthFingerprint extractor on 13 write handlers) - Session auto-recovery (delete corrupted ratchet, show [session reset]) - WS connection cap (5/fingerprint) + global concurrency limit (200) - Device management (GET /devices, POST /devices/:id/kick, POST /devices/revoke-all) Server — Federation: - Two-server federation via JSON config (--federation flag) - Periodic presence sync (every 5s, full-state, self-healing) - Message forwarding via HTTP POST with SHA-256(secret||body) auth - Graceful degradation (peer down = queue locally) - deliver_or_queue() replaces push-or-queue in ws.rs + messages.rs Client — Group Messaging: - SenderKeyDistribution storage + GroupSenderKey decryption in TUI - sender_keys sled tree in LocalDb WASM: - All 8 WireMessage variants handled (no more "unsupported") - decrypt_group_message() + create_sender_key_from_distribution() exports - CallSignal parsing with signal_type mapping Docs: - ARCHITECTURE.md rewritten with Mermaid diagrams - README.md created - TASK_PLAN.md with FC-P{phase}-T{task} naming - PROGRESS.md updated to v0.0.21 WZP submodule updated to 6f4e8eb (IAX2 trunking, adaptive quality, metrics, all S-tasks done) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-28 16:45:58 +04:00
parent 4a4fa9fab4
commit 3e0889e5dc
36 changed files with 5237 additions and 2232 deletions
--- a/warzone/crates/warzone-client/src/storage.rs
+++ b/warzone/crates/warzone-client/src/storage.rs
@@ -10,6 +10,7 @@ pub struct LocalDb {
    pre_keys: sled::Tree,
    contacts: sled::Tree,
    history: sled::Tree,
+    sender_keys: sled::Tree,
    _db: sled::Db,
 }

@@ -39,11 +40,13 @@ impl LocalDb {
        let pre_keys = db.open_tree("pre_keys")?;
        let contacts = db.open_tree("contacts")?;
        let history = db.open_tree("history")?;
+        let sender_keys = db.open_tree("sender_keys")?;
        Ok(LocalDb {
            sessions,
            pre_keys,
            contacts,
            history,
+            sender_keys,
            _db: db,
        })
    }
@@ -57,6 +60,14 @@ impl LocalDb {
        Ok(())
    }

+    /// Delete a ratchet session for a peer (used for session recovery).
+    pub fn delete_session(&self, peer: &Fingerprint) -> Result<()> {
+        let key = peer.to_hex();
+        self.sessions.remove(key.as_bytes())?;
+        self.sessions.flush()?;
+        Ok(())
+    }
+
    /// Load a ratchet session for a peer.
    pub fn load_session(&self, peer: &Fingerprint) -> Result<Option<RatchetState>> {
        let key = peer.to_hex();
@@ -115,6 +126,39 @@ impl LocalDb {
        }
    }

+    // ── Sender Keys ──
+
+    /// Save a sender key for a (sender, group) pair.
+    pub fn save_sender_key(
+        &self,
+        sender_fp: &str,
+        group_name: &str,
+        key: &warzone_protocol::sender_keys::SenderKey,
+    ) -> Result<()> {
+        let db_key = format!("sk:{}:{}", sender_fp, group_name);
+        let data = bincode::serialize(key).context("failed to serialize sender key")?;
+        self.sender_keys.insert(db_key.as_bytes(), data)?;
+        self.sender_keys.flush()?;
+        Ok(())
+    }
+
+    /// Load a sender key for a (sender, group) pair.
+    pub fn load_sender_key(
+        &self,
+        sender_fp: &str,
+        group_name: &str,
+    ) -> Result<Option<warzone_protocol::sender_keys::SenderKey>> {
+        let db_key = format!("sk:{}:{}", sender_fp, group_name);
+        match self.sender_keys.get(db_key.as_bytes())? {
+            Some(data) => {
+                let key = bincode::deserialize(&data)
+                    .context("failed to deserialize sender key")?;
+                Ok(Some(key))
+            }
+            None => Ok(None),
+        }
+    }
+
    // ── Contacts ──

    /// Add or update a contact. Called on send/receive.