docs: protocol audit 2026-05-25, update architecture + Obsidian vault

Audit:
- docs/AUDIT-2026-05-25.md: full protocol audit covering 8 findings
  (4 critical, 2 high, 5 medium, 4 low) with code references and fix
  effort estimates
- vault/Audit/Tasks.md: Obsidian Tasks plugin file tracking all audit
  items with priorities, due dates, and per-step checklists

Architecture docs updated for Wire format v2 and Wave 5/6 features:
- ARCHITECTURE.md: adds wzp-video to dependency graph and project
  structure; wire format updated to v2 (16B header, 5B MiniHeader);
  relay concurrency section corrected (DashMap+RwLock is current, not
  a future optimization); test count 571→702; Android note
- PROGRESS.md: Wave 5 and Wave 6 sections appended; test count 372→702;
  current status and open blockers as of 2026-05-25
- ROAD-TO-VIDEO.md: implementation status table inserted (/🟡/🔴/🔲
  per phase); 6-step critical path to first video call
- WZP-SPEC.md: MediaHeader updated to v2 (16B byte-aligned); MiniHeader
  updated to 5B with seq_delta; codec IDs 9-12 added (H.264/H.265/AV1);
  version negotiation section added

Obsidian vault (vault/):
- 114 files across Architecture/, PRDs/, Reports/, Android/,
  Reference/, Audit/ with YAML frontmatter
- 00 - Home.md index note with wiki links
- .obsidian/app.json config

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Siavash Sameni
2026-05-25 06:00:17 +04:00
parent 12b0d9738f
commit ed8a7ae5aa
120 changed files with 22781 additions and 65 deletions

View File

@@ -0,0 +1,89 @@
---
tags: [report, wzp]
type: report
status: Pending Review
---
# T2.4 — Relay conformance: Tier A (bitrate ceiling)
**Status:** Pending Review
**Agent:** Kimi Code CLI
**Started:** 2026-05-11T17:20Z
**Completed:** 2026-05-11T17:35Z
**Commit:** 846c98e
**PRD:** ../PRD-relay-conformance.md
## What I changed
- `crates/wzp-relay/src/conformance.rs` (new) — Conformance meter + violation enum:
- `Violation` enum: `BitrateExceeded`, `PacketRateExceeded`, `TimestampDrift`.
- `ConformanceMeter` with 1-second sliding window tracking `bytes_in_window`.
- `ceiling_bps(codec)``nominal * 3 * 115 / 100` with floor of 2 kbps.
- `observe()` returns `Err(Violation::BitrateExceeded)` when window bytes exceed `ceiling_bps / 8`.
- `crates/wzp-relay/src/lib.rs` — Added `pub mod conformance;`.
- `crates/wzp-relay/src/metrics.rs` — Added `conformance_violations: IntCounterVec` (label: `violation_type`).
- `crates/wzp-relay/src/room.rs` — Wired `ConformanceMeter` into both forwarding loops:
- `run_participant_plain` and `run_participant_trunked` each create a per-participant meter.
- On violation: logs `tracing::warn!` + bumps Prometheus counter.
- **Observe-only** — packets are never dropped.
- `crates/wzp-client/src/featherchat.rs` — Added missing `TransportFeedback` match arm (back-fill from T2.1).
## Why these choices
Using a plain struct with `&mut self` (no atomics/mutex) is correct because each participant runs in exactly one async recv task. The meter is never shared across threads.
The `* 3` factor accounts for FEC 2.0 (200% overhead = 3× total bitrate). The `* 115 / 100` adds a 15% safety margin. The 2 kbps floor prevents `ComfortNoise` (0 bps nominal) from having a zero ceiling.
## Deviations from the task spec
- Task example shows `parking_lot::Mutex<Instant>`. We don't have `parking_lot` in the relay crate, and it's unnecessary for a single-threaded async loop. Used plain `Instant` field instead.
## Verification output
```bash
$ cargo test -p wzp-relay conformance
running 4 tests
test conformance::tests::bitrate_exceeded_for_opus24k ... ok
test conformance::tests::ceiling_bps_floor ... ok
test conformance::tests::small_packets_stay_within_ceiling ... ok
test conformance::tests::window_resets_after_one_second ... ok
test result: ok. 4 passed; 0 failed; 0 ignored; 0 measured; 76 filtered out; finished in 0.00s
```
```bash
$ cargo test -p wzp-relay
running 86 tests
...(all 86 pass)...
test result: ok. 86 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.01s
```
## Test summary
- Tests added: 4
- `bitrate_exceeded_for_opus24k` — 1 MB/s payload declared as Opus24k correctly returns `BitrateExceeded`
- `small_packets_stay_within_ceiling` — 100 small packets stay under limit
- `window_resets_after_one_second` — window rollover works
- `ceiling_bps_floor` — ComfortNoise gets 2 kbps floor
- Tests modified: 0
- `wzp-relay` test count: 86 (was 82 before T2.4)
- `cargo clippy -p wzp-relay --lib`: pass (no new warnings)
- `cargo fmt --all -- --check`: pass
## Risks / follow-ups
- Tier B (packet-rate) and Tier C (timestamp drift) are reserved for T2.5.
- Currently observe-only. Future tasks may add drop/throttle behavior.
## Reviewer checklist (filled in by reviewer)
- [ ] Code matches PRD intent
- [ ] Verification output is real
- [ ] No backward-incompat surprises
- [ ] Tests cover the new behavior
- [ ] Approved