From 97402f6e60d83a20e90a7c7992e10452a941dc4d Mon Sep 17 00:00:00 2001 From: Siavash Sameni Date: Sat, 28 Mar 2026 08:56:26 +0400 Subject: [PATCH] docs: integration task tracker from featherChat commit 65f6390 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Maps all WZP-S-* (our side) and WZP-FC-* (featherChat side) tasks with status tracking and priority order. Key findings: - WZP-S-1 (HKDF alignment): DONE — both use None salt, info strings match - WZP-S-9: 6 hardcoded assumptions documented for fixing - Priority: identity test → CLI seed → CallSignal variant → auth → handshake Co-Authored-By: Claude Opus 4.6 (1M context) --- docs/INTEGRATION_TASKS.md | 97 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 97 insertions(+) create mode 100644 docs/INTEGRATION_TASKS.md diff --git a/docs/INTEGRATION_TASKS.md b/docs/INTEGRATION_TASKS.md new file mode 100644 index 0000000..fe0d4a8 --- /dev/null +++ b/docs/INTEGRATION_TASKS.md @@ -0,0 +1,97 @@ +# WZP Integration Tasks + +Based on featherChat commit 65f6390 — FUTURE_TASKS.md with WZP integration items. + +## Status Key +- DONE = implemented and tested +- PARTIAL = code exists but not wired into live path +- TODO = not started + +--- + +## WZP-Side Tasks (our responsibility) + +### WZP-S-1. HKDF Salt/Info String Alignment — DONE +- HKDF info strings aligned: `warzone-ed25519` / `warzone-x25519` +- Salt: both use `None` (featherChat converts `b""` → `None`). No mismatch. +- Commit: `ac3b997` + +### WZP-S-2. Accept featherChat Bearer Token on Relay — TODO (HIGH) +- Add `--auth-url` flag to wzp-relay (e.g., `--auth-url https://chat.example.com/v1/auth/validate`) +- On new QUIC connection: expect first signaling message to contain a bearer token +- Relay calls featherChat's `/v1/auth/validate` to verify +- Reject connection if token invalid +- Files: `wzp-relay/src/main.rs`, new `wzp-relay/src/auth.rs` + +### WZP-S-3. Signaling Bridge Mode — TODO (HIGH) +- Client should be able to send/receive `SignalMessage` through featherChat's WebSocket +- New `WireMessage::CallSignal` variant wraps opaque JSON `SignalMessage` +- Client connects to featherChat WS, sends CallOffer, receives CallAnswer +- Then uses the relay address from the answer to connect QUIC for media +- Files: new `wzp-client/src/featherchat.rs` + +### WZP-S-4. Room Access Control — TODO (MEDIUM) +- Relay should verify room membership before allowing join +- Room name should be opaque hash (not human-readable group name) +- `room_id = SHA-256("featherchat-group:" + group_name)[:16]` +- Files: `wzp-relay/src/room.rs` + +### WZP-S-5. Wire Crypto Handshake into Live Path — PARTIAL +- `handshake.rs` exists in both client and relay +- Not used in CLI live mode, file mode, or web bridge +- Need to make handshake mandatory before media flows +- Files: `wzp-client/src/cli.rs`, `wzp-web/src/main.rs` + +### WZP-S-6. Web Bridge + featherChat Web Client — TODO (MEDIUM) +- featherChat has a WASM web client (warzone-wasm crate) +- Web bridge should accept featherChat session tokens +- Share authentication with featherChat web login +- Files: `wzp-web/src/main.rs` + +### WZP-S-7. Publish wzp-proto for featherChat — TODO (LOW) +- featherChat needs `wzp_proto::SignalMessage` type for `CallSignal` variant +- Option A: publish wzp-proto to private registry +- Option B: featherChat uses JSON schema, WZP serializes to JSON +- Option C: git submodule / path dependency + +### WZP-S-8. CLI Seed Input — TODO (LOW) +- Add `--seed ` or `--mnemonic ` flag to wzp-client +- Derive identity from seed, use for handshake +- Files: `wzp-client/src/cli.rs` + +### WZP-S-9. Fix Hardcoded Assumptions — TODO +1. No auth on relay — fix via WZP-S-2 +2. Room names from SNI visible to network — fix via WZP-S-4 (use hashed names) +3. No signaling before media — fix via WZP-S-5 +4. Self-signed TLS — acceptable for relay-to-relay; need real certs for web +5. No codec negotiation in web bridge — fix: add profile exchange in WS +6. No connection to featherChat key registry — fix via WZP-S-2/S-3 + +--- + +## featherChat-Side Tasks (their responsibility, we support) + +### WZP-FC-1. Add CallSignal WireMessage variant — 2-4h +### WZP-FC-2. Call state management + sled tree — 1-2d +### WZP-FC-3. WS handler for call signaling — 0.5d +### WZP-FC-4. Auth token validation endpoint — 2-4h +### WZP-FC-5. Group-to-room mapping — 1d +### WZP-FC-6. Presence/online status API — 0.5-2d +### WZP-FC-7. Missed call notifications — 0.5d +### WZP-FC-8. Cross-project identity verification test — 2-4h (CRITICAL) +### WZP-FC-9. HKDF salt investigation — VERIFIED: no mismatch +### WZP-FC-10. Web bridge shared auth — 1-2d + +--- + +## Integration Priority Order + +1. **WZP-FC-8 + WZP-S-1** — Cross-project identity test (DONE on WZP side) +2. **WZP-S-8** — CLI seed input (enables identity testing) +3. **WZP-FC-1** — CallSignal WireMessage (featherChat side) +4. **WZP-S-3** — Signaling bridge in client +5. **WZP-FC-4 + WZP-S-2** — Auth tokens (both sides) +6. **WZP-S-5** — Wire handshake into live path +7. **WZP-FC-5 + WZP-S-4** — Group-to-room mapping + access control +8. **WZP-FC-2/3** — Call state management +9. **WZP-S-6 + WZP-FC-10** — Web integration