Audit: - docs/AUDIT-2026-05-25.md: full protocol audit covering 8 findings (4 critical, 2 high, 5 medium, 4 low) with code references and fix effort estimates - vault/Audit/Tasks.md: Obsidian Tasks plugin file tracking all audit items with priorities, due dates, and per-step checklists Architecture docs updated for Wire format v2 and Wave 5/6 features: - ARCHITECTURE.md: adds wzp-video to dependency graph and project structure; wire format updated to v2 (16B header, 5B MiniHeader); relay concurrency section corrected (DashMap+RwLock is current, not a future optimization); test count 571→702; Android note - PROGRESS.md: Wave 5 and Wave 6 sections appended; test count 372→702; current status and open blockers as of 2026-05-25 - ROAD-TO-VIDEO.md: implementation status table inserted (✅/🟡/🔴/🔲 per phase); 6-step critical path to first video call - WZP-SPEC.md: MediaHeader updated to v2 (16B byte-aligned); MiniHeader updated to 5B with seq_delta; codec IDs 9-12 added (H.264/H.265/AV1); version negotiation section added Obsidian vault (vault/): - 114 files across Architecture/, PRDs/, Reports/, Android/, Reference/, Audit/ with YAML frontmatter - 00 - Home.md index note with wiki links - .obsidian/app.json config Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
79 lines
3.2 KiB
Markdown
79 lines
3.2 KiB
Markdown
---
|
||
tags: [report, wzp]
|
||
type: report
|
||
status: Pending Review
|
||
---
|
||
|
||
# T2.5 — Tier B (packet-rate) + Tier C (timestamp drift)
|
||
|
||
**Status:** Pending Review
|
||
**Agent:** Kimi Code CLI
|
||
**Started:** 2026-05-11T17:35Z
|
||
**Completed:** 2026-05-11T17:45Z
|
||
**Commit:** 846c98e
|
||
**PRD:** ../PRD-relay-conformance.md
|
||
|
||
## What I changed
|
||
|
||
- `crates/wzp-relay/src/conformance.rs` — Extended `ConformanceMeter`:
|
||
- Added `max_pps(codec: CodecId) -> u32`: `1000 / frame_duration_ms * 3`.
|
||
- Tier B check in `observe()`: `packets_in_window > max_pps * 1.5` → `PacketRateExceeded`.
|
||
- Added rolling 200-packet `VecDeque<(seq, timestamp)>` for drift tracking.
|
||
- Tier C check: computes `Δtimestamp / Δseq` over the window; if outside `frame_duration_ms × [0.5, 2.0]`, returns `TimestampDrift`.
|
||
- Handles `u32` wraparound via `wrapping_sub`.
|
||
|
||
## Why these choices
|
||
|
||
The `* 3` factor on packet rate mirrors the FEC overhead used in Tier A's bitrate ceiling. The 1.5× multiplier on `max_pps` provides headroom for burstiness.
|
||
|
||
For timestamp drift, a 200-packet window (~4-8 seconds of audio) gives a stable average while still reacting within a reasonable timeframe. The `[0.5, 2.0]` bounds catch both timestamp acceleration (cheating/fast-forward) and deceleration (stalling/replay).
|
||
|
||
## Deviations from the task spec
|
||
|
||
None.
|
||
|
||
## Verification output
|
||
|
||
```bash
|
||
$ cargo test -p wzp-relay conformance
|
||
running 10 tests
|
||
test conformance::tests::bitrate_exceeded_for_opus24k ... ok
|
||
test conformance::tests::ceiling_bps_floor ... ok
|
||
test conformance::tests::packet_rate_exceeded ... ok
|
||
test conformance::tests::packet_rate_within_limit ... ok
|
||
test conformance::tests::small_packets_stay_within_ceiling ... ok
|
||
test conformance::tests::timestamp_drift_detected_when_too_fast ... ok
|
||
test conformance::tests::timestamp_drift_detected_when_too_slow ... ok
|
||
test conformance::tests::timestamp_drift_not_checked_before_two_packets ... ok
|
||
test conformance::tests::timestamp_normal_no_drift ... ok
|
||
test conformance::tests::window_resets_after_one_second ... ok
|
||
|
||
test result: ok. 10 passed; 0 failed; 0 ignored; 0 measured; 76 filtered out; finished in 0.00s
|
||
```
|
||
|
||
## Test summary
|
||
|
||
- Tests added: 6
|
||
- `packet_rate_exceeded` — 226 packets at Opus24k threshold trips `PacketRateExceeded`
|
||
- `packet_rate_within_limit` — 112 packets at Opus6k threshold stays within limit
|
||
- `timestamp_drift_detected_when_too_fast` — 5ms/packet (below 10ms min) triggers drift
|
||
- `timestamp_drift_detected_when_too_slow` — 50ms/packet (above 40ms max) triggers drift
|
||
- `timestamp_normal_no_drift` — 200 packets at exactly 20ms/packet all pass
|
||
- `timestamp_drift_not_checked_before_two_packets` — single packet never triggers
|
||
- Tests modified: 0
|
||
- `wzp-relay` test count: 86 (unchanged from T2.4; conformance tests expanded from 4 to 10)
|
||
- `cargo clippy -p wzp-relay --lib`: pass
|
||
- `cargo fmt --all -- --check`: pass
|
||
|
||
## Risks / follow-ups
|
||
|
||
- Timestamp drift uses `u32` wrapping arithmetic. In practice, timestamps wrap after ~49 days of session uptime — the 200-packet window makes wraparound extremely unlikely, but the code handles it correctly.
|
||
|
||
## Reviewer checklist (filled in by reviewer)
|
||
|
||
- [ ] Code matches PRD intent
|
||
- [ ] Verification output is real
|
||
- [ ] No backward-incompat surprises
|
||
- [ ] Tests cover the new behavior
|
||
- [ ] Approved
|