c/quicproquo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: implement account recovery with encrypted backup bundles

Browse Source 
Add recovery code generation (8 codes per setup), Argon2id key derivation,
ChaCha20-Poly1305 encrypted bundles, and server-side zero-knowledge storage.
Each code independently recovers the account. Includes core crypto module,
protobuf service (method IDs 750-752), server domain + handlers, SDK methods,
SQL migration, and CLI commands (/recovery setup, /recovery restore).
This commit is contained in:
Christian Nennemann
2026-03-04 20:12:20 +01:00
parent 5b6d8209f0
commit 12b19b6931
14 changed files with 1120 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
crates/quicproquo-server/migrations/011_recovery_bundles.sql Normal file
View File

@@ -0,0 +1,7 @@
-- Recovery bundle storage: encrypted bundles keyed by token_hash.
CREATE TABLE IF NOT EXISTS recovery_bundles (
token_hash BLOB PRIMARY KEY,
bundle BLOB NOT NULL,
ttl_secs INTEGER NOT NULL DEFAULT 0,
created_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now'))
);