Rename project to quicnprotochat

2026-02-21 23:37:40 +01:00
parent c9d295c510
commit 3bf3ab23e2
32 changed files with 3370 additions and 1132 deletions
--- a/master-prompt.md
+++ b/master-prompt.md
@@ -1,8 +1,8 @@
-# noiseml — Master Project Prompt
+# quicnprotochat — Master Project Prompt

 ## Project Identity

-You are building **noiseml**, a production-grade end-to-end encrypted group messenger in Rust. It uses the MLS protocol (RFC 9420) for group key agreement, ML-KEM-768 (NIST FIPS 203) hybrid post-quantum key exchange, the Noise Protocol Framework (Noise_XX pattern) over raw TCP as the transport layer, and Cap'n Proto for wire serialisation and RPC. There is no TLS, no HTTP, no WebSocket, no MessagePack.
+You are building **quicnprotochat**, a production-grade end-to-end encrypted group messenger in Rust. It uses the MLS protocol (RFC 9420) for group key agreement, ML-KEM-768 (NIST FIPS 203) hybrid post-quantum key exchange, the Noise Protocol Framework (Noise_XX pattern) over raw TCP as the transport layer, and Cap'n Proto for wire serialisation and RPC. There is no TLS, no HTTP, no WebSocket, no MessagePack.

 This is not a prototype. Every milestone produces production-ready, tested, deployable code.

@@ -35,13 +35,13 @@ This is not a prototype. Every milestone produces production-ready, tested, depl
 ### Workspace Layout

 ```
-noiseml/
+quicnprotochat/
 ├── Cargo.toml                  # workspace root
 ├── crates/
-│   ├── noiseml-core/           # crypto primitives, MLS wrapper, Noise framing codec
-│   ├── noiseml-proto/          # Cap'n Proto schemas + generated types, no crypto, no I/O
-│   ├── noiseml-server/         # Delivery Service (DS) + Authentication Service (AS)
-│   └── noiseml-client/         # CLI client
+│   ├── quicnprotochat-core/           # crypto primitives, MLS wrapper, Noise framing codec
+│   ├── quicnprotochat-proto/          # Cap'n Proto schemas + generated types, no crypto, no I/O
+│   ├── quicnprotochat-server/         # Delivery Service (DS) + Authentication Service (AS)
+│   └── quicnprotochat-client/         # CLI client
 ├── schemas/                    # .capnp schema files (canonical source of truth)
 │   ├── envelope.capnp
 │   ├── auth.capnp
@@ -55,31 +55,31 @@ noiseml/

 ### Crate Responsibilities

-**noiseml-core**
+**quicnprotochat-core**
 - Noise_XX handshake initiator and responder (via `snow`)
 - Length-prefixed Cap'n Proto frame codec (Tokio `Encoder`/`Decoder` traits)
 - MLS group state machine wrapper around `openmls`
 - Hybrid PQ ciphersuite (X25519 + ML-KEM-768)
 - Key generation and zeroize-on-drop key types

-**noiseml-proto**
+**quicnprotochat-proto**
 - Cap'n Proto `.capnp` schemas in `schemas/` (workspace root, shared)
 - `build.rs` invokes `capnpc` to generate Rust types into `src/generated/`
 - Re-exports generated types with ergonomic builder/reader helpers
 - Canonical serialisation helpers for signing (uses `capnp::message::Builder::canonicalize()`)
 - No crypto, no I/O, no async

-**noiseml-server**
+**quicnprotochat-server**
 - Authentication Service: KeyPackage store (DashMap → SQLite at M6)
 - Delivery Service: Cap'n Proto RPC interface, fan-out router, per-group append-only message log
 - Tokio TCP listener, Noise handshake per connection, then Cap'n Proto RPC over the encrypted channel
 - Structured logging (tracing)

-**noiseml-client**
+**quicnprotochat-client**
 - Tokio TCP connection to server
 - Noise handshake, then Cap'n Proto RPC client stub
 - CLI interface (clap)
- Drives noiseml-core for all crypto operations
+- Drives quicnprotochat-core for all crypto operations
 - Displays received messages to stdout

 ### Transport Stack
@@ -174,11 +174,11 @@ Hybrid KEM construction:
 ```
 SharedSecret = HKDF-SHA256(
  ikm  = X25519_ss || ML-KEM-768_ss,
-  info = "noiseml-hybrid-v1",
+  info = "quicnprotochat-hybrid-v1",
  len  = 32
 )
 ```
-Follows the combiner approach from draft-ietf-tls-hybrid-design. Implemented as a custom `openmls` `OpenMlsCryptoProvider` trait implementation in `noiseml-core`.
+Follows the combiner approach from draft-ietf-tls-hybrid-design. Implemented as a custom `openmls` `OpenMlsCryptoProvider` trait implementation in `quicnprotochat-core`.

 ---

@@ -189,10 +189,10 @@ Follows the combiner approach from draft-ietf-tls-hybrid-design. Implemented as

 Deliverables:
 - `schemas/envelope.capnp`: `Envelope` + `MsgType` (Ping/Pong only needed at this stage)
- `noiseml-proto`: `build.rs` with `capnpc`, generated type re-exports, canonical helper
- `noiseml-core`: static X25519 keypair generation, Noise_XX initiator + responder, length-prefixed Cap'n Proto frame codec
- `noiseml-server`: TCP listener, Noise handshake, Ping→Pong handler, one tokio task per connection
- `noiseml-client`: connects, Noise handshake, sends Ping, receives Pong, exits 0
+- `quicnprotochat-proto`: `build.rs` with `capnpc`, generated type re-exports, canonical helper
+- `quicnprotochat-core`: static X25519 keypair generation, Noise_XX initiator + responder, length-prefixed Cap'n Proto frame codec
+- `quicnprotochat-server`: TCP listener, Noise handshake, Ping→Pong handler, one tokio task per connection
+- `quicnprotochat-client`: connects, Noise handshake, sends Ping, receives Pong, exits 0
 - Integration test: server and client in same test binary using `tokio::spawn`
 - `docker-compose.yml` running the server

@@ -201,10 +201,10 @@ Deliverables:

 Deliverables:
 - `schemas/auth.capnp`: `AuthenticationService` interface
- `noiseml-proto`: generated RPC stubs + client/server bootstrap helpers
- `noiseml-core`: MLS KeyPackage generation (openmls)
- `noiseml-server`: AS RPC server implementation with DashMap store
- `noiseml-client`: `register` and `fetch-key` CLI subcommands
+- `quicnprotochat-proto`: generated RPC stubs + client/server bootstrap helpers
+- `quicnprotochat-core`: MLS KeyPackage generation (openmls)
+- `quicnprotochat-server`: AS RPC server implementation with DashMap store
+- `quicnprotochat-client`: `register` and `fetch-key` CLI subcommands
 - Test: Alice uploads KeyPackage, Bob fetches it, fingerprints match

 ### M3 — MLS Group Create + Welcome
@@ -212,25 +212,25 @@ Deliverables:

 Deliverables:
 - `schemas/delivery.capnp`: `DeliveryService` + `MessageStream` interfaces
- `noiseml-core`: group create, add member, process Welcome
- `noiseml-server`: DS RPC server, Welcome routing by identity
- `noiseml-client`: `create-group` and `join` CLI subcommands
+- `quicnprotochat-core`: group create, add member, process Welcome
+- `quicnprotochat-server`: DS RPC server, Welcome routing by identity
+- `quicnprotochat-client`: `create-group` and `join` CLI subcommands
 - Test: two clients reach identical epoch 1 group state, verified by comparing group context hashes

 ### M4 — Encrypted Group Messaging
 **Goal:** Alice and Bob exchange MLS Application messages through the DS.

 Deliverables:
- `noiseml-core`: send/receive application message, epoch rotation on Commit
- `noiseml-server`: DS fan-out via `MessageStream` capability stream, per-group ordered log (in-memory)
- `noiseml-client`: `send` subcommand, live receive loop via `MessageStream.next()`
+- `quicnprotochat-core`: send/receive application message, epoch rotation on Commit
+- `quicnprotochat-server`: DS fan-out via `MessageStream` capability stream, per-group ordered log (in-memory)
+- `quicnprotochat-client`: `send` subcommand, live receive loop via `MessageStream.next()`
 - Test: round-trip message integrity, forward secrecy verified by confirming distinct key material across epochs

 ### M5 — Hybrid PQ Ciphersuite
 **Goal:** Replace MLS crypto backend with X25519 + ML-KEM-768 hybrid.

 Deliverables:
- `noiseml-core`: custom `OpenMlsCryptoProvider` with hybrid KEM
+- `quicnprotochat-core`: custom `OpenMlsCryptoProvider` with hybrid KEM
 - All M3/M4 tests pass unchanged with new ciphersuite
 - Criterion benchmarks: key generation, encap/decap, group-add latency (10/100/1000 members)

@@ -238,7 +238,7 @@ Deliverables:
 **Goal:** Server survives restart. Full containerised deployment.

 Deliverables:
- `noiseml-server`: SQLite via `sqlx` for AS key store and DS message log, `migrations/` directory
+- `quicnprotochat-server`: SQLite via `sqlx` for AS key store and DS message log, `migrations/` directory
 - `docker/Dockerfile`: multi-stage build (rust:bookworm builder → debian:bookworm-slim runtime)
 - `docker-compose.yml`: server + SQLite volume, healthcheck
 - Client reconnect with session resume (re-handshake + rejoin group epoch from DS log)
@@ -266,7 +266,7 @@ capnp               = "0.19"
 capnp-rpc           = "0.19"

 # Build-time only
-capnpc              = "0.19"   # build-dependency in noiseml-proto
+capnpc              = "0.19"   # build-dependency in quicnprotochat-proto

 # Async / networking
 tokio               = { version = "1", features = ["full"] }
@@ -310,7 +310,7 @@ The MLS content layer is PQ-protected from M5. The Noise transport (X25519) rema

 ## How to Use This Prompt

-Paste this document at the start of any session working on noiseml. Then state which milestone you are working on and what specific task you need. The assistant will:
+Paste this document at the start of any session working on quicnprotochat. Then state which milestone you are working on and what specific task you need. The assistant will:

 1. Confirm the current milestone and task.
 2. State any design decisions being made (ADR format if significant).
@@ -325,5 +325,5 @@ When asking for code, always specify:

 ---

-*noiseml — MLS + Post-Quantum + Noise/TCP + Cap'n Proto messenger in Rust*
+*quicnprotochat — MLS + Post-Quantum + Noise/TCP + Cap'n Proto messenger in Rust*
 *Architecture version: 1.1 | Last updated: 2026-02-19*