Files
wz-phone/vault/Reference/Featherchat.md
Siavash Sameni ed8a7ae5aa docs: protocol audit 2026-05-25, update architecture + Obsidian vault
Audit:
- docs/AUDIT-2026-05-25.md: full protocol audit covering 8 findings
  (4 critical, 2 high, 5 medium, 4 low) with code references and fix
  effort estimates
- vault/Audit/Tasks.md: Obsidian Tasks plugin file tracking all audit
  items with priorities, due dates, and per-step checklists

Architecture docs updated for Wire format v2 and Wave 5/6 features:
- ARCHITECTURE.md: adds wzp-video to dependency graph and project
  structure; wire format updated to v2 (16B header, 5B MiniHeader);
  relay concurrency section corrected (DashMap+RwLock is current, not
  a future optimization); test count 571→702; Android note
- PROGRESS.md: Wave 5 and Wave 6 sections appended; test count 372→702;
  current status and open blockers as of 2026-05-25
- ROAD-TO-VIDEO.md: implementation status table inserted (/🟡/🔴/🔲
  per phase); 6-step critical path to first video call
- WZP-SPEC.md: MediaHeader updated to v2 (16B byte-aligned); MiniHeader
  updated to 5B with seq_delta; codec IDs 9-12 added (H.264/H.265/AV1);
  version negotiation section added

Obsidian vault (vault/):
- 114 files across Architecture/, PRDs/, Reports/, Android/,
  Reference/, Audit/ with YAML frontmatter
- 00 - Home.md index note with wiki links
- .obsidian/app.json config

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-25 06:00:17 +04:00

2.6 KiB

tags, type
tags type
reference
wzp
reference

FeatherChat: Voice/Video Calling Integration with Warzone Messenger

Overview

Voice/video calling system designed to integrate with the existing E2E encrypted Warzone messenger. Reuses the same identity, addressing, and key exchange infrastructure.

Identity Model (reuse, not duplicate)

  • Identity: 32-byte seed derives both keypairs via HKDF:
    • Ed25519 (signing)
    • X25519 (encryption)
  • Fingerprint: SHA-256(Ed25519 public key)[:16], displayed as xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
  • Backup: BIP39 mnemonic (24 words) for seed recovery
  • Storage: Seed encrypted at rest with Argon2id + ChaCha20-Poly1305
  • Future: Ethereum address as fingerprint (secp256k1 derived from same BIP39 seed)

Addressing (reuse)

Method Format Resolution
Local alias @manwe Server resolves to fingerprint
Federated @manwe.b1.example.com DNS TXT record → fingerprint + server endpoint
ENS @manwe.eth Ethereum address → fingerprint (Phase 2-3)
Raw fingerprint xxxx:xxxx:... Direct lookup (always works as fallback)

Key Exchange (can extend)

  • X3DH for session establishment:
    • Ed25519 identity key
    • X25519 ephemeral key
    • Signed pre-keys
  • Double Ratchet for forward secrecy on data channels
  • Pre-key bundles stored on server, fetched by callers

Server Infrastructure

  • Stack: Rust (axum), sled DB, WebSocket for real-time
  • Trust model: Server is untrusted relay — never sees plaintext
  • Groups: Named, auto-created, per-member encryption
  • Federation: Via DNS TXT records (Phase 3)

Calling System Requirements

  1. Signaling: Reuse existing WebSocket connection and identity
  2. Key derivation: SRTP/DTLS keys derived from existing X3DH shared secret (or new ephemeral exchange per call)
  3. Call initiation: WireMessage::CallOffer, CallAnswer, CallIceCandidate variants
  4. NAT traversal: STUN/TURN server integration
  5. Group calls: SFU (Selective Forwarding Unit) vs mesh topology for up to 50 users
  6. Codecs: Opus for audio, VP8/VP9/AV1 for video
  7. E2E media encryption: Insertable streams API (WebRTC) or custom SRTP
  8. Unified addressing: A user calls @manwe the same way they message @manwe

Degradation Strategy

Calls should degrade gracefully under unreliable/warzone network conditions:

Video (full) → Video (low res) → Audio (high quality) → Audio (low bitrate)
  • Support opportunistic cooperation
  • Fall back to TURN/TCP through the existing WebSocket when UDP is blocked