chore: rename project quicnprotochat -> quicproquo (binaries: qpq)

Rename the entire workspace:
- Crate packages: quicnprotochat-{core,proto,server,client,gui,p2p,mobile} -> quicproquo-*
- Binary names: quicnprotochat -> qpq, quicnprotochat-server -> qpq-server,
  quicnprotochat-gui -> qpq-gui
- Default files: *-state.bin -> qpq-state.bin, *-server.toml -> qpq-server.toml,
  *.db -> qpq.db
- Environment variable prefix: QUICNPROTOCHAT_* -> QPQ_*
- App identifier: chat.quicnproto.gui -> chat.quicproquo.gui
- Proto package: quicnprotochat.bench -> quicproquo.bench
- All documentation, Docker, CI, and script references updated

HKDF domain-separation strings and P2P ALPN remain unchanged for
backward compatibility with existing encrypted state and wire protocol.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

docs/MULTI-AGENT-WORK-PLAN.md

@@ -9,21 +9,21 @@ This document splits work for **Future Improvements §1 (Security and hardening)
 **Owns:** Server auth/OPAQUE, TLS config, core crypto (identity, keypackage, hybrid_kem), docs under `docs/src/cryptography/` and TLS/cert docs.
 
 ### A1. 1.2 CA-signed TLS / certificate lifecycle
-- **Files:** `docs/src/getting-started/` (new or existing), `crates/quicnprotochat-server/src/tls.rs` (optional env), `README.md`.
+- **Files:** `docs/src/getting-started/` (new or existing), `crates/quicproquo-server/src/tls.rs` (optional env), `README.md`.
 - **Tasks:**
   1. Add **Certificate lifecycle** doc: using CA-issued certs (e.g. Let's Encrypt), cert rotation, OCSP/CRL optional. Recommend pinning for single-server.
-  2. Optional: server config or env to prefer CA-signed cert path (e.g. `QUICNPROTOCHAT_USE_CA_CERT=1` and read from a different path). Low priority if docs suffice.
+  2. Optional: server config or env to prefer CA-signed cert path (e.g. `QPQ_USE_CA_CERT=1` and read from a different path). Low priority if docs suffice.
 - **Deliverable:** `docs/src/getting-started/certificate-lifecycle.md` (or section in running-the-server) + README link.
 
 ### A2. 1.4 Username enumeration (OPAQUE)
-- **Files:** `crates/quicnprotochat-server/src/node_service/auth_ops.rs`, `docs/SECURITY-AUDIT.md`.
+- **Files:** `crates/quicproquo-server/src/node_service/auth_ops.rs`, `docs/SECURITY-AUDIT.md`.
 - **Tasks:**
   1. Document the risk in SECURITY-AUDIT (already mentioned).
   2. Optional mitigation: ensure `get_user_record` is always called before `ServerLogin::start` (already true). If desired, add a constant-time delay or dummy work when user not found so response timing does not leak existence. Keep OPAQUE security unchanged.
 - **Deliverable:** Doc update; optional small code change in `handle_opaque_login_start`.
 
 ### A3. 1.1 M7 — Post-quantum MLS
-- **Files:** `crates/quicnprotochat-core/src/` (new or modified crypto provider), `crates/quicnprotochat-core/src/group.rs`, `crates/quicnprotochat-core/src/hybrid_kem.rs`, `crates/quicnprotochat-core/src/hybrid_crypto.rs`.
+- **Files:** `crates/quicproquo-core/src/` (new or modified crypto provider), `crates/quicproquo-core/src/group.rs`, `crates/quicproquo-core/src/hybrid_kem.rs`, `crates/quicproquo-core/src/hybrid_crypto.rs`.
 - **Tasks:**
   1. Implement a custom `OpenMlsCryptoProvider` (or adapter) that uses hybrid X25519 + ML-KEM-768 for MLS KEM (HPKE layer).
   2. Wire hybrid shared secret derivation (see milestones M7) into the provider.
@@ -42,7 +42,7 @@ This document splits work for **Future Improvements §1 (Security and hardening)
 **Owns:** Cap'n Proto schema (node.capnp delivery/channel methods), server storage (Store trait, FileBackedStore, SqlStore), `node_service/delivery.rs`, `node_service/key_ops.rs` (if createChannel lives there), client commands for channels.
 
 ### B1. 5.1 Private 1:1 channels (DM)
-- **Files:** `schemas/node.capnp`, `crates/quicnprotochat-server/src/storage.rs`, `crates/quicnprotochat-server/src/sql_store.rs`, `crates/quicnprotochat-server/src/node_service/delivery.rs`, new `crates/quicnprotochat-server/src/node_service/channel_ops.rs` (or add to delivery), migrations for channels table.
+- **Files:** `schemas/node.capnp`, `crates/quicproquo-server/src/storage.rs`, `crates/quicproquo-server/src/sql_store.rs`, `crates/quicproquo-server/src/node_service/delivery.rs`, new `crates/quicproquo-server/src/node_service/channel_ops.rs` (or add to delivery), migrations for channels table.
 - **Tasks:**
   1. **Schema:** Add `createChannel @N (auth :Auth, peerKey :Data) -> (channelId :Data);` to `node.capnp`. Rebuild proto.
   2. **Store trait:** Add `create_channel(&self, member_a: &[u8], member_b: &[u8]) -> Result<Vec<u8>, StorageError>`, `get_channel_members(&self, channel_id: &[u8]) -> Result<Option<(Vec<u8>, Vec<u8>)>, StorageError>`. Implement in FileBackedStore (in-memory map channel_id -> (a, b)) and SqlStore (channels table, unique on sorted (a,b)).
@@ -53,7 +53,7 @@ This document splits work for **Future Improvements §1 (Security and hardening)
 - **Ref:** [DM channels design](src/roadmap/dm-channels.md).
 
 ### B2. 5.2 MLS lifecycle (remove, update, proposals)
-- **Files:** `crates/quicnprotochat-core/src/group.rs`, client commands that use GroupMember.
+- **Files:** `crates/quicproquo-core/src/group.rs`, client commands that use GroupMember.
 - **Tasks:**
   1. Add `remove_member` (by index or identity) and `update_credential` / rekey using openmls APIs.
   2. Handle incoming MLS proposals (Remove, Update) in `receive_message` path and apply to group state.
@@ -62,7 +62,7 @@ This document splits work for **Future Improvements §1 (Security and hardening)
 - **Ref:** OpenMLS API for `MlsGroup::remove_member`, `MlsGroup::process_pending_proposals`, etc.
 
 ### B3. 5.3 Sealed Sender and 5.4 Traffic analysis
-- **Files:** Docs; optionally `crates/quicnprotochat-server`, `crates/quicnprotochat-client` for padding.
+- **Files:** Docs; optionally `crates/quicproquo-server`, `crates/quicproquo-client` for padding.
 - **Tasks:**
   1. Document current `sealed_sender` behaviour (enqueue without identity binding) and that full “sender in ciphertext” is a future protocol change.
   2. Optional: add optional payload padding (e.g. pad to next 256 bytes) or random delay in client send path for 5.4.
@@ -75,12 +75,12 @@ This document splits work for **Future Improvements §1 (Security and hardening)
 | Area | Agent A | Agent B |
 |------|---------|---------|
 | `schemas/node.capnp` | — | Add createChannel |
-| `crates/quicnprotochat-server/src/node_service/auth_ops.rs` | 1.4 username enum | — |
-| `crates/quicnprotochat-server/src/node_service/delivery.rs` | — | 5.1 channel authz |
-| `crates/quicnprotochat-server/src/storage.rs` | — | 5.1 Store channel methods |
-| `crates/quicnprotochat-server/src/sql_store.rs` | — | 5.1 channels table + impl |
-| `crates/quicnprotochat-server/src/tls.rs` | 1.2 optional | — |
-| `crates/quicnprotochat-core/` | 1.1 M7, 1.3 doc | 5.2 group.rs |
+| `crates/quicproquo-server/src/node_service/auth_ops.rs` | 1.4 username enum | — |
+| `crates/quicproquo-server/src/node_service/delivery.rs` | — | 5.1 channel authz |
+| `crates/quicproquo-server/src/storage.rs` | — | 5.1 Store channel methods |
+| `crates/quicproquo-server/src/sql_store.rs` | — | 5.1 channels table + impl |
+| `crates/quicproquo-server/src/tls.rs` | 1.2 optional | — |
+| `crates/quicproquo-core/` | 1.1 M7, 1.3 doc | 5.2 group.rs |
 | `docs/` | 1.2, 1.3, 1.4, 5.3/5.4 | — (or shared) |
 
 **Shared:** `docs/`, `README.md`. Prefer non-overlapping files (e.g. A adds `certificate-lifecycle.md`, B does not edit it).