manawenuz/wz-phone
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: complete all WZP-S integration tasks (S-4/5/6/7/9)

Browse Source 
WZP-S-4: Room access control
- hash_room_name() in wzp-crypto: SHA-256("featherchat-group:"+name)[:16]
- CLI --room flag hashes before SNI, web bridge does the same
- RoomManager gains ACL: with_acl(), allow(), is_authorized()
- join() returns Result, rejects unauthorized fingerprints

WZP-S-5: Crypto handshake wired into all live paths
- CLI: perform_handshake() after connect, before any mode
- Relay: accept_handshake() after auth, before room join
- Web bridge: perform_handshake() after auth, before audio
- Relay generates ephemeral identity at startup

WZP-S-6: Web bridge featherChat auth
- --auth-url flag: browsers send {"type":"auth","token":"..."} as first WS msg
- Validates against featherChat, passes token to relay
- --cert/--key flags for production TLS (replaces self-signed)

WZP-S-7: wzp-proto standalone
- Cargo.toml uses explicit versions (no workspace inheritance)
- FC can use as git dependency

WZP-S-9: All 6 hardcoded assumptions resolved
- Auth, hashed rooms, mandatory handshake, real TLS certs,
  profile negotiation, token validation

CLI also gains --room and --token flags.
179 tests passing across all crates.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Siavash Sameni
2026-03-28 09:59:05 +04:00
parent 26dc848081
commit 59069bfba2
10 changed files with 380 additions and 110 deletions
Download Patch File Download Diff File Expand all files Collapse all files

128
docs/INTEGRATION_TASKS.md
View File

@@ -12,92 +12,80 @@ Based on featherChat commit 65f6390 — FUTURE_TASKS.md with WZP integration ite
## WZP-Side Tasks (our responsibility)
### WZP-S-1. HKDF Salt/Info String Alignment — DONE
- HKDF info strings aligned: `warzone-ed25519` / `warzone-x25519`
- Salt: both use `None` (featherChat converts `b""``None`). No mismatch.
- Commit: `ac3b997`
- Both use `None` salt, info strings `warzone-ed25519` / `warzone-x25519`
- 15 cross-project tests verify identical output
### WZP-S-2. Accept featherChat Bearer Token on Relay — TODO (HIGH)
- Add `--auth-url` flag to wzp-relay (e.g., `--auth-url https://chat.example.com/v1/auth/validate`)
- On new QUIC connection: expect first signaling message to contain a bearer token
- Relay calls featherChat's `/v1/auth/validate` to verify
- Reject connection if token invalid
- Files: `wzp-relay/src/main.rs`, new `wzp-relay/src/auth.rs`
### WZP-S-2. Accept featherChat Bearer Token on Relay — DONE
- `--auth-url` flag on relay
- Clients send `SignalMessage::AuthToken` as first signal
- Relay calls `POST {auth_url}` to validate, rejects if invalid
- Commit: `ad16ddb`
### WZP-S-3. Signaling Bridge Mode — TODO (HIGH)
- Client should be able to send/receive `SignalMessage` through featherChat's WebSocket
- New `WireMessage::CallSignal` variant wraps opaque JSON `SignalMessage`
- Client connects to featherChat WS, sends CallOffer, receives CallAnswer
- Then uses the relay address from the answer to connect QUIC for media
- Files: new `wzp-client/src/featherchat.rs`
### WZP-S-3. Signaling Bridge Mode — DONE
- `featherchat.rs` module: encode/decode WZP SignalMessage into FC CallSignal.payload
- `WzpCallPayload` wraps signal + relay_addr + room
- Commit: `ad16ddb`
### WZP-S-4. Room Access Control — TODO (MEDIUM)
- Relay should verify room membership before allowing join
- Room name should be opaque hash (not human-readable group name)
- `room_id = SHA-256("featherchat-group:" + group_name)[:16]`
- Files: `wzp-relay/src/room.rs`
### WZP-S-4. Room Access Control — DONE
- `hash_room_name()` in wzp-crypto: SHA-256("featherchat-group:" + name)[:16] → 32 hex chars
- CLI `--room <name>` hashes before using as SNI
- Web bridge hashes room name before connecting to relay
- RoomManager gains ACL: `with_acl()`, `allow()`, `is_authorized()`
- `join()` now returns `Result<ParticipantId, String>`, rejects unauthorized
- Relay passes authenticated fingerprint to room join
### WZP-S-5. Wire Crypto Handshake into Live Path — PARTIAL
- `handshake.rs` exists in both client and relay
- Not used in CLI live mode, file mode, or web bridge
- Need to make handshake mandatory before media flows
- Files: `wzp-client/src/cli.rs`, `wzp-web/src/main.rs`
### WZP-S-5. Wire Crypto Handshake into Live Path — DONE
- CLI: `perform_handshake()` called after connect, before any media mode
- Relay: `accept_handshake()` called after auth, before room join
- Web bridge: `perform_handshake()` called after auth token, before audio loops
- Relay generates ephemeral identity seed at startup, logs fingerprint
- Quality profile negotiated during handshake
### WZP-S-6. Web Bridge + featherChat Web Client — TODO (MEDIUM)
- featherChat has a WASM web client (warzone-wasm crate)
- Web bridge should accept featherChat session tokens
- Share authentication with featherChat web login
- Files: `wzp-web/src/main.rs`
### WZP-S-6. Web Bridge + featherChat Web Client — DONE
- `--auth-url` flag on web bridge
- Browser sends `{ "type": "auth", "token": "..." }` as first WS message
- Web bridge validates token against featherChat, then passes to relay
- `--cert`/`--key` flags for production TLS certificates
### WZP-S-7. Publish wzp-proto for featherChat — TODO (LOW)
- featherChat needs `wzp_proto::SignalMessage` type for `CallSignal` variant
- Option A: publish wzp-proto to private registry
- Option B: featherChat uses JSON schema, WZP serializes to JSON
- Option C: git submodule / path dependency
### WZP-S-7. Publish wzp-proto for featherChat — DONE
- `wzp-proto/Cargo.toml` now standalone (no workspace inheritance)
- featherChat can use: `wzp-proto = { git = "ssh://...", path = "crates/wzp-proto" }`
### WZP-S-8. CLI Seed Input — TODO (LOW)
- Add `--seed <hex>` or `--mnemonic <words>` flag to wzp-client
- Derive identity from seed, use for handshake
- Files: `wzp-client/src/cli.rs`
### WZP-S-8. CLI Seed Input — DONE
- `--seed <hex>` and `--mnemonic <24 words>` flags
- featherChat-compatible identity: same seed → same keys
- Commit: `12cdfe6`
### WZP-S-9. Fix Hardcoded Assumptions — TODO
1. No auth on relay — fix via WZP-S-2
2. Room names from SNI visible to network — fix via WZP-S-4 (use hashed names)
3. No signaling before media — fix via WZP-S-5
4. Self-signed TLS — acceptable for relay-to-relay; need real certs for web
5. No codec negotiation in web bridge — fix: add profile exchange in WS
6. No connection to featherChat key registry — fix via WZP-S-2/S-3
### WZP-S-9. Fix Hardcoded Assumptions — DONE
1. No auth on relay — fixed via S-2 (`--auth-url`)
2. Room names from SNI — fixed via S-4 (hashed room names)
3. No signaling before media — fixed via S-5 (mandatory handshake)
4. Self-signed TLS — ✅ fixed via S-6 (`--cert`/`--key` for production)
5. No codec negotiation in web bridge — profile negotiated in handshake
6. No connection to FC key registry — fixed via S-2 (token validation)
---
## featherChat-Side Tasks (their responsibility, we support)
### WZP-FC-1. Add CallSignal WireMessage variant — DONE (v0.0.21, 064a730)
- `CallSignal { id, sender_fingerprint, signal_type, payload, target }`
- `CallSignalType`: Offer, Answer, IceCandidate, Hangup, Reject, Ringing, Busy
- payload field is String — WZP puts JSON-serialized SignalMessage here
- target field: peer fingerprint (1:1) or room name (group)
### WZP-FC-2. Call state management + sled tree — 1-2d
### WZP-FC-3. WS handler for call signaling — 0.5d
### WZP-FC-2. Call state management + sled tree — TODO (1-2d)
### WZP-FC-3. WS handler for call signaling — TODO (0.5d)
### WZP-FC-4. Auth token validation endpoint — DONE (v0.0.21, 064a730)
- `POST /v1/auth/validate { "token": "..." }`
- Returns: `{ "valid": true, "fingerprint": "...", "alias": "..." }`
### WZP-FC-5. Group-to-room mapping — 1d
### WZP-FC-6. Presence/online status API — 0.5-2d
### WZP-FC-7. Missed call notifications0.5d
### WZP-FC-8. Cross-project identity verification test — 2-4h (CRITICAL)
### WZP-FC-9. HKDF salt investigation — VERIFIED: no mismatch
### WZP-FC-10. Web bridge shared auth — 1-2d
### WZP-FC-5. Group-to-room mapping — TODO (1d)
### WZP-FC-6. Presence/online status API — TODO (0.5-2d)
### WZP-FC-7. Missed call notifications — TODO (0.5d)
### WZP-FC-8. Cross-project identity verification — DONE (15 tests, 26dc848)
### WZP-FC-9. HKDF salt investigation — DONE (no mismatch)
### WZP-FC-10. Web bridge shared auth — TODO (1-2d)
### FC-CRATE-1. Standalone warzone-protocol — DONE (v0.0.21, 4a4fa9f)
---
## Integration Priority Order
## All WZP-S Tasks Complete
1. **WZP-FC-8 + WZP-S-1** — Cross-project identity test (DONE on WZP side)
2. **WZP-S-8** — CLI seed input (enables identity testing)
3. **WZP-FC-1**CallSignal WireMessage (featherChat side)
4. **WZP-S-3**Signaling bridge in client
5. **WZP-FC-4 + WZP-S-2** — Auth tokens (both sides)
6. **WZP-S-5** — Wire handshake into live path
7. **WZP-FC-5 + WZP-S-4** — Group-to-room mapping + access control
8. **WZP-FC-2/3** — Call state management
9. **WZP-S-6 + WZP-FC-10** — Web integration
The WZP side of integration is finished. featherChat needs:
1. **FC-2 + FC-3** — call state management + WS routing (makes real calls possible)
2. **FC-5**group-to-room mapping (uses `hash_room_name` convention)
3. **FC-6/7**presence + missed calls (UX polish)
4. **FC-10** — web bridge shared auth (browser token flow)