Scaffold Rust workspace: warzone-protocol, server, client, mule

4 crates, all compile. 16/17 tests pass. warzone-protocol (core crypto): - Seed-based identity (Ed25519 + X25519 from 32-byte seed via HKDF) - BIP39 mnemonic encode/decode (24 words) - Fingerprint type (SHA-256 truncated, displayed as xxxx:xxxx:xxxx:xxxx) - ChaCha20-Poly1305 AEAD encrypt/decrypt with random nonce - HKDF-SHA256 key derivation - Pre-key bundle generation with Ed25519 signatures - X3DH key exchange (simplified, needs X25519 identity key in bundle) - Double Ratchet: full implementation with DH ratchet, chain ratchet, out-of-order message handling via skipped keys cache - Message format (WarzoneMessage envelope + RatchetHeader) - Session type with ratchet state - Storage trait definitions (PreKeyStore, SessionStore, MessageQueue) warzone-server (axum): - sled database (keys, messages, one-time pre-keys) - Routes: /v1/health, /v1/keys/register, /v1/keys/{fp}, /v1/messages/send, /v1/messages/poll/{fp}, /v1/messages/{id}/ack warzone-client (CLI): - `warzone init` — generate seed, show mnemonic, save to ~/.warzone/ - `warzone recover <words>` — restore from mnemonic - `warzone info` — show fingerprint and keys - Seed storage at ~/.warzone/identity.seed (600 perms) - Stubs for send, recv, chat commands warzone-mule: Phase 4 placeholder Known issue: X3DH test fails (initiate/respond use different DH ops due to missing X25519 identity key in bundle). Fix in next step. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 21:27:48 +04:00
parent 1e2a83402d
commit 651396fa13
5075 changed files with 36186 additions and 0 deletions
--- a/warzone/crates/warzone-server/Cargo.toml
+++ b/warzone/crates/warzone-server/Cargo.toml
@@ -0,0 +1,23 @@
+[package]
+name = "warzone-server"
+version.workspace = true
+edition.workspace = true
+
+[dependencies]
+warzone-protocol = { path = "../warzone-protocol" }
+tokio.workspace = true
+axum.workspace = true
+tower.workspace = true
+tower-http.workspace = true
+sled.workspace = true
+serde.workspace = true
+serde_json.workspace = true
+tracing.workspace = true
+tracing-subscriber.workspace = true
+clap.workspace = true
+thiserror.workspace = true
+anyhow.workspace = true
+uuid.workspace = true
+chrono.workspace = true
+hex.workspace = true
+base64.workspace = true
--- a/warzone/crates/warzone-server/src/config.rs
+++ b/warzone/crates/warzone-server/src/config.rs
@@ -0,0 +1,4 @@
+pub struct ServerConfig {
+    pub bind_addr: String,
+    pub data_dir: String,
+}
--- a/warzone/crates/warzone-server/src/db.rs
+++ b/warzone/crates/warzone-server/src/db.rs
@@ -0,0 +1,23 @@
+use anyhow::Result;
+
+pub struct Database {
+    pub keys: sled::Tree,
+    pub messages: sled::Tree,
+    pub otpks: sled::Tree,
+    _db: sled::Db,
+}
+
+impl Database {
+    pub fn open(data_dir: &str) -> Result<Self> {
+        let db = sled::open(data_dir)?;
+        let keys = db.open_tree("keys")?;
+        let messages = db.open_tree("messages")?;
+        let otpks = db.open_tree("otpks")?;
+        Ok(Database {
+            keys,
+            messages,
+            otpks,
+            _db: db,
+        })
+    }
+}
--- a/warzone/crates/warzone-server/src/errors.rs
+++ b/warzone/crates/warzone-server/src/errors.rs
@@ -0,0 +1,16 @@
+use axum::http::StatusCode;
+use axum::response::{IntoResponse, Response};
+
+pub struct AppError(pub anyhow::Error);
+
+impl IntoResponse for AppError {
+    fn into_response(self) -> Response {
+        (StatusCode::INTERNAL_SERVER_ERROR, self.0.to_string()).into_response()
+    }
+}
+
+impl<E: Into<anyhow::Error>> From<E> for AppError {
+    fn from(err: E) -> Self {
+        AppError(err.into())
+    }
+}
--- a/warzone/crates/warzone-server/src/lib.rs
+++ b/warzone/crates/warzone-server/src/lib.rs
@@ -0,0 +1,5 @@
+pub mod config;
+pub mod db;
+pub mod errors;
+pub mod routes;
+pub mod state;
--- a/warzone/crates/warzone-server/src/main.rs
+++ b/warzone/crates/warzone-server/src/main.rs
@@ -0,0 +1,39 @@
+use clap::Parser;
+
+mod config;
+mod db;
+mod errors;
+mod routes;
+mod state;
+
+#[derive(Parser)]
+#[command(name = "warzone-server", about = "Warzone messenger server")]
+struct Cli {
+    /// Address to bind to
+    #[arg(short, long, default_value = "0.0.0.0:7700")]
+    bind: String,
+
+    /// Database directory
+    #[arg(short, long, default_value = "./warzone-data")]
+    data_dir: String,
+}
+
+#[tokio::main]
+async fn main() -> anyhow::Result<()> {
+    tracing_subscriber::fmt::init();
+
+    let cli = Cli::parse();
+    tracing::info!("Warzone server starting on {}", cli.bind);
+
+    let state = state::AppState::new(&cli.data_dir)?;
+
+    let app = axum::Router::new()
+        .nest("/v1", routes::router())
+        .with_state(state);
+
+    let listener = tokio::net::TcpListener::bind(&cli.bind).await?;
+    tracing::info!("Listening on {}", cli.bind);
+    axum::serve(listener, app).await?;
+
+    Ok(())
+}
--- a/warzone/crates/warzone-server/src/routes/health.rs
+++ b/warzone/crates/warzone-server/src/routes/health.rs
@@ -0,0 +1,12 @@
+use axum::{routing::get, Json, Router};
+use serde_json::json;
+
+use crate::state::AppState;
+
+pub fn routes() -> Router<AppState> {
+    Router::new().route("/health", get(health))
+}
+
+async fn health() -> Json<serde_json::Value> {
+    Json(json!({ "status": "ok", "version": env!("CARGO_PKG_VERSION") }))
+}
--- a/warzone/crates/warzone-server/src/routes/keys.rs
+++ b/warzone/crates/warzone-server/src/routes/keys.rs
@@ -0,0 +1,46 @@
+use axum::{
+    extract::{Path, State},
+    routing::{get, post},
+    Json, Router,
+};
+use serde::{Deserialize, Serialize};
+
+use crate::state::AppState;
+
+pub fn routes() -> Router<AppState> {
+    Router::new()
+        .route("/keys/register", post(register_keys))
+        .route("/keys/{fingerprint}", get(get_bundle))
+}
+
+#[derive(Deserialize)]
+struct RegisterRequest {
+    fingerprint: String,
+    bundle: Vec<u8>, // bincode-serialized PreKeyBundle
+}
+
+#[derive(Serialize)]
+struct RegisterResponse {
+    ok: bool,
+}
+
+async fn register_keys(
+    State(state): State<AppState>,
+    Json(req): Json<RegisterRequest>,
+) -> Json<RegisterResponse> {
+    let _ = state.db.keys.insert(req.fingerprint.as_bytes(), req.bundle);
+    Json(RegisterResponse { ok: true })
+}
+
+async fn get_bundle(
+    State(state): State<AppState>,
+    Path(fingerprint): Path<String>,
+) -> Result<Json<serde_json::Value>, axum::http::StatusCode> {
+    match state.db.keys.get(fingerprint.as_bytes()) {
+        Ok(Some(data)) => Ok(Json(serde_json::json!({
+            "fingerprint": fingerprint,
+            "bundle": base64::Engine::encode(&base64::engine::general_purpose::STANDARD, &data),
+        }))),
+        _ => Err(axum::http::StatusCode::NOT_FOUND),
+    }
+}
--- a/warzone/crates/warzone-server/src/routes/messages.rs
+++ b/warzone/crates/warzone-server/src/routes/messages.rs
@@ -0,0 +1,61 @@
+use axum::{
+    extract::{Path, State},
+    routing::{delete, get, post},
+    Json, Router,
+};
+use serde::Deserialize;
+
+use crate::state::AppState;
+
+pub fn routes() -> Router<AppState> {
+    Router::new()
+        .route("/messages/send", post(send_message))
+        .route("/messages/poll/{fingerprint}", get(poll_messages))
+        .route("/messages/{id}/ack", delete(ack_message))
+}
+
+#[derive(Deserialize)]
+struct SendRequest {
+    to: String,
+    message: Vec<u8>, // bincode-serialized WarzoneMessage
+}
+
+async fn send_message(
+    State(state): State<AppState>,
+    Json(req): Json<SendRequest>,
+) -> Json<serde_json::Value> {
+    // Append to recipient's queue
+    let key = format!("queue:{}", req.to);
+    let _ = state.db.messages.insert(
+        format!("{}:{}", key, uuid::Uuid::new_v4()).as_bytes(),
+        req.message,
+    );
+    Json(serde_json::json!({ "ok": true }))
+}
+
+async fn poll_messages(
+    State(state): State<AppState>,
+    Path(fingerprint): Path<String>,
+) -> Json<Vec<String>> {
+    let prefix = format!("queue:{}", fingerprint);
+    let mut messages = Vec::new();
+    for item in state.db.messages.scan_prefix(prefix.as_bytes()) {
+        if let Ok((_, value)) = item {
+            messages.push(base64::Engine::encode(
+                &base64::engine::general_purpose::STANDARD,
+                &value,
+            ));
+        }
+    }
+    Json(messages)
+}
+
+async fn ack_message(
+    State(state): State<AppState>,
+    Path(id): Path<String>,
+) -> Json<serde_json::Value> {
+    // Scan for and remove the message with this ID
+    // In a real implementation, we'd have a proper index
+    let _ = state.db.messages.remove(id.as_bytes());
+    Json(serde_json::json!({ "ok": true }))
+}
--- a/warzone/crates/warzone-server/src/routes/mod.rs
+++ b/warzone/crates/warzone-server/src/routes/mod.rs
@@ -0,0 +1,14 @@
+mod health;
+mod keys;
+mod messages;
+
+use axum::Router;
+
+use crate::state::AppState;
+
+pub fn router() -> Router<AppState> {
+    Router::new()
+        .merge(health::routes())
+        .merge(keys::routes())
+        .merge(messages::routes())
+}
--- a/warzone/crates/warzone-server/src/state.rs
+++ b/warzone/crates/warzone-server/src/state.rs
@@ -0,0 +1,15 @@
+use std::sync::Arc;
+
+use crate::db::Database;
+
+#[derive(Clone)]
+pub struct AppState {
+    pub db: Arc<Database>,
+}
+
+impl AppState {
+    pub fn new(data_dir: &str) -> anyhow::Result<Self> {
+        let db = Database::open(data_dir)?;
+        Ok(AppState { db: Arc::new(db) })
+    }
+}