3e0889e5dc
TUI:
- Split 1,756-line app.rs monolith into 7 modules (types, draw, commands, input, file_transfer, network, mod)
- Message timestamps [HH:MM], scrolling (PageUp/Down/arrows), connection status dot, unread badge
- /help command, terminal bell on incoming DM, /devices + /kick commands
- 44 unit tests (types, input, draw with TestBackend)
Server — WZP Call Infrastructure (FC-2/3/5/6/7/10):
- Call state management (CallState, CallStatus, active_calls, calls + missed_calls sled trees)
- WS call signal awareness (Offer/Answer/Hangup update state, missed call on offline)
- Group call endpoint (POST /groups/:name/call with SHA-256 room ID, fan-out)
- Presence API (GET /presence/:fp, POST /presence/batch)
- Missed call flush on WS reconnect
- WZP relay config + CORS
Server — Security (FC-P1):
- Auth enforcement middleware (AuthFingerprint extractor on 13 write handlers)
- Session auto-recovery (delete corrupted ratchet, show [session reset])
- WS connection cap (5/fingerprint) + global concurrency limit (200)
- Device management (GET /devices, POST /devices/:id/kick, POST /devices/revoke-all)
Server — Federation:
- Two-server federation via JSON config (--federation flag)
- Periodic presence sync (every 5s, full-state, self-healing)
- Message forwarding via HTTP POST with SHA-256(secret||body) auth
- Graceful degradation (peer down = queue locally)
- deliver_or_queue() replaces push-or-queue in ws.rs + messages.rs
Client — Group Messaging:
- SenderKeyDistribution storage + GroupSenderKey decryption in TUI
- sender_keys sled tree in LocalDb
WASM:
- All 8 WireMessage variants handled (no more "unsupported")
- decrypt_group_message() + create_sender_key_from_distribution() exports
- CallSignal parsing with signal_type mapping
Docs:
- ARCHITECTURE.md rewritten with Mermaid diagrams
- README.md created
- TASK_PLAN.md with FC-P{phase}-T{task} naming
- PROGRESS.md updated to v0.0.21
WZP submodule updated to 6f4e8eb (IAX2 trunking, adaptive quality, metrics, all S-tasks done)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
4.6 KiB
4.6 KiB
Warzone Messenger (featherChat)
End-to-end encrypted messenger with Signal protocol cryptography, voice/video call integration, and server federation.
Features
- E2E Encrypted DMs — X3DH key exchange + Double Ratchet (forward secrecy)
- Group Messaging — Sender Key protocol (O(1) encryption, fan-out delivery)
- File Transfer — Chunked (64KB), SHA-256 verified, ratchet-encrypted
- Voice/Video Calls — WarzonePhone integration (QUIC SFU relay, ChaCha20-Poly1305 media)
- Federation — Two-server relay with HMAC-authenticated presence sync
- TUI Client — Full-featured terminal UI (ratatui, timestamps, scrolling, receipts)
- Web Client — Identical crypto via WASM (wasm-bindgen)
- Ethereum Identity — Same seed derives messaging keypair + Ethereum address (secp256k1)
- BIP39 Seed — 24-word mnemonic for identity backup/recovery
Architecture
Clients (CLI / TUI / Web)
|
| E2E encrypted (ChaCha20-Poly1305)
|
warzone-server (axum + sled)
|
| Federation (HTTP + HMAC)
|
warzone-server (peer)
|
| Call signaling
|
WarzonePhone Relay (QUIC SFU)
See docs/ARCHITECTURE.md for full architecture with Mermaid diagrams.
Quick Start
Build
cd warzone
cargo build --release
Generate Identity
./target/release/warzone-client init
# Outputs: 24-word BIP39 mnemonic + fingerprint
Start Server
./target/release/warzone-server --bind 0.0.0.0:7700
Start TUI
./target/release/warzone-client tui --server http://localhost:7700
Federation (Two Servers)
Create alpha.json:
{
"server_id": "alpha",
"shared_secret": "your-shared-secret",
"peer": { "id": "bravo", "url": "http://server-b:7700" },
"presence_interval_secs": 5
}
# Server A
warzone-server --bind 0.0.0.0:7700 --federation alpha.json
# Server B
warzone-server --bind 0.0.0.0:7700 --federation bravo.json
Messages automatically route across servers.
TUI Commands
| Command | Description |
|---|---|
/peer <fp> or /p @alias |
Set DM peer |
/g <name> |
Switch to group (auto-join) |
/call <fp> |
Initiate call |
/file <path> |
Send file (max 10MB) |
/contacts |
List contacts with message counts |
/history |
Show conversation history |
/devices |
List active device sessions |
/kick <id> |
Revoke a device session |
/help |
Full command list |
Crates
| Crate | Purpose |
|---|---|
warzone-protocol |
Crypto & message types (X3DH, Double Ratchet, Sender Keys) |
warzone-server |
HTTP/WS server with sled DB, federation, call state |
warzone-client |
CLI + TUI client |
warzone-wasm |
WASM bridge for web client |
warzone-mule |
Physical message delivery (planned) |
Cryptographic Stack
| Primitive | Purpose |
|---|---|
| Ed25519 | Identity signing |
| X25519 | Diffie-Hellman key exchange |
| ChaCha20-Poly1305 | AEAD encryption |
| HKDF-SHA256 | Key derivation |
| Argon2id | Seed encryption at rest |
| secp256k1 | Ethereum-compatible identity |
Security
- Auth enforcement on all write routes (bearer token middleware)
- Session auto-recovery on ratchet corruption
- Per-fingerprint WS connection cap (5 devices)
- Global request concurrency limit (200)
- Device management (list, kick, revoke-all panic button)
- Federation auth: SHA-256(secret || body) on every inter-server request
See docs/SECURITY.md for the full threat model.
Test Suite
72 tests across protocol + client crates (all passing):
- 28 protocol tests (X3DH, Double Ratchet, Sender Keys, crypto, identity)
- 44 TUI tests (rendering, keyboard input, scrolling, state management)
cargo test --workspace
WarzonePhone Integration
All 9 WZP-side integration tasks are complete:
- Shared identity (HKDF alignment, 15 cross-project tests)
- Relay auth (featherChat bearer token validation)
- Signaling bridge (CallSignal through E2E encrypted WS)
- Room access control (hashed room names, ACL)
- Mandatory crypto handshake on all paths
Documentation
| Document | Content |
|---|---|
| ARCHITECTURE.md | Full system architecture with Mermaid diagrams |
| TASK_PLAN.md | Phase-by-phase task plan (FC-P1 through P6) |
| PROGRESS.md | Version history and feature timeline |
| PROTOCOL.md | Wire protocol specification |
| SECURITY.md | Threat model and security analysis |
| FUTURE_TASKS.md | Backlog with questions-before-starting |
License
MIT