diff --git a/DESIGN.md b/DESIGN.md
index b247849..b018084 100644
--- a/DESIGN.md
+++ b/DESIGN.md
@@ -442,8 +442,20 @@ warzone.wasm      # browser client (via wasm-pack)
   - ENS domain resolution (@vitalik.eth → 0xd8dA... → Warzone identity)
   - Crates: k256, tiny-keccak, ethers-rs/alloy for ENS resolution
   - Session key delegation from hardware wallet (sign once per 30 days)
-- [ ] TUI client (ratatui)
-- [ ] Web client (WASM)
+- [x] TUI client (ratatui)
+- [x] Web client (WASM)
+- [x] WebSocket real-time push
+- [ ] Encrypted local message history & cloud backup
+  - Messages encrypted at rest using key derived from seed (HKDF, info="warzone-history")
+  - No extra password needed — if you have your seed, you can read your history
+  - Optional passphrase for additional protection (double encryption)
+  - Browser: encrypted blob in IndexedDB, export as file
+  - CLI: encrypted sled DB (already has seed-encrypted keystore)
+  - Cloud backup targets: S3-compatible, Google Drive, WebDAV
+  - Backup format: encrypted archive (ChaCha20-Poly1305), versioned, deduplicated
+  - Restore: import backup + provide seed → decrypt and merge history
+  - Sync: periodic incremental backup (new messages since last backup)
+  - Privacy: backup provider sees only encrypted blobs, no metadata
 
 ### Phase 3 — Federation & Key Transparency
 - [ ] DNS TXT record format specification (server discovery + user key transparency)