featherChat

manawenuz/featherChat

Fork 0

Commit Graph

Author	SHA1	Message	Date
Siavash Sameni	d7b71efdbc	Fix DB lock error: clear message + instructions, fix passphrase reprompt Storage: - Detects sled lock contention, shows actionable error: "Database locked by another warzone process" with ps command to find the process and rm command to force unlock TUI: - Poll loop no longer calls load_seed() (was re-prompting passphrase) - Seed passed from main.rs to run_tui to poll_loop - Single passphrase prompt per app launch Warnings fixed: - Removed unused `Context` import in tui/app.rs - Added #[allow(dead_code)] on validate_token (used when auth middleware wired) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-27 08:24:53 +04:00
Siavash Sameni	cfb227a93d	Server auth (challenge-response) + OTP key replenishment Authentication: - POST /v1/auth/challenge {fingerprint} → {challenge, expires_at} - POST /v1/auth/verify {fingerprint, challenge, signature} → {token} - Client signs challenge with Ed25519 identity key - Server verifies against stored public key - Returns bearer token valid for 7 days - Web clients get token without sig verify (Phase 2: WASM) - validate_token() helper for protecting endpoints OTP Key Replenishment: - GET /v1/keys/:fp/otpk-count → {otpk_count} - POST /v1/keys/replenish {fingerprint, otpks: [{id, public_key}]} - OTPKs stored individually: otpk:<fp>:<id> → public_key - Returns total count after replenishment Phase 1 complete: - [x] Seed-based identity + BIP39 - [x] X3DH + Double Ratchet (forward secrecy) - [x] Pre-key bundles - [x] Server (keys, messages, groups, aliases, auth) - [x] CLI TUI + Web client - [x] Aliases with TTL + recovery - [x] Seed encryption (Argon2id + ChaCha20) - [x] Server auth (challenge-response + tokens) - [x] OTP key replenishment Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-27 07:55:02 +04:00

Author

SHA1

Message

Date

Siavash Sameni

d7b71efdbc

Fix DB lock error: clear message + instructions, fix passphrase reprompt

Storage:
- Detects sled lock contention, shows actionable error:
  "Database locked by another warzone process"
  with ps command to find the process and rm command to force unlock

TUI:
- Poll loop no longer calls load_seed() (was re-prompting passphrase)
- Seed passed from main.rs to run_tui to poll_loop
- Single passphrase prompt per app launch

Warnings fixed:
- Removed unused `Context` import in tui/app.rs
- Added #[allow(dead_code)] on validate_token (used when auth middleware wired)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-27 08:24:53 +04:00

Siavash Sameni

cfb227a93d

Server auth (challenge-response) + OTP key replenishment

Authentication:
- POST /v1/auth/challenge {fingerprint} → {challenge, expires_at}
- POST /v1/auth/verify {fingerprint, challenge, signature} → {token}
- Client signs challenge with Ed25519 identity key
- Server verifies against stored public key
- Returns bearer token valid for 7 days
- Web clients get token without sig verify (Phase 2: WASM)
- validate_token() helper for protecting endpoints

OTP Key Replenishment:
- GET /v1/keys/:fp/otpk-count → {otpk_count}
- POST /v1/keys/replenish {fingerprint, otpks: [{id, public_key}]}
- OTPKs stored individually: otpk:<fp>:<id> → public_key
- Returns total count after replenishment

Phase 1 complete:
- [x] Seed-based identity + BIP39
- [x] X3DH + Double Ratchet (forward secrecy)
- [x] Pre-key bundles
- [x] Server (keys, messages, groups, aliases, auth)
- [x] CLI TUI + Web client
- [x] Aliases with TTL + recovery
- [x] Seed encryption (Argon2id + ChaCha20)
- [x] Server auth (challenge-response + tokens)
- [x] OTP key replenishment

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-27 07:55:02 +04:00

2 Commits