chore: rename project quicnprotochat -> quicproquo (binaries: qpq)
Rename the entire workspace:
- Crate packages: quicnprotochat-{core,proto,server,client,gui,p2p,mobile} -> quicproquo-*
- Binary names: quicnprotochat -> qpq, quicnprotochat-server -> qpq-server,
quicnprotochat-gui -> qpq-gui
- Default files: *-state.bin -> qpq-state.bin, *-server.toml -> qpq-server.toml,
*.db -> qpq.db
- Environment variable prefix: QUICNPROTOCHAT_* -> QPQ_*
- App identifier: chat.quicnproto.gui -> chat.quicproquo.gui
- Proto package: quicnprotochat.bench -> quicproquo.bench
- All documentation, Docker, CI, and script references updated
HKDF domain-separation strings and P2P ALPN remain unchanged for
backward compatibility with existing encrypted state and wire protocol.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -1,6 +1,6 @@
|
||||
# Key Lifecycle and Zeroization
|
||||
|
||||
quicnprotochat uses multiple key types with different lifetimes, creation
|
||||
quicproquo uses multiple key types with different lifetimes, creation
|
||||
patterns, and destruction guarantees. This page provides a comprehensive
|
||||
lifecycle diagram for every key type in the system, from generation through
|
||||
zeroization.
|
||||
@@ -25,7 +25,7 @@ Hybrid KEM Keys Per peer (future) Public portion X25519+ML-KEM-768
|
||||
|
||||
## Ed25519 Identity Key
|
||||
|
||||
**Source:** `crates/quicnprotochat-core/src/identity.rs`
|
||||
**Source:** `crates/quicproquo-core/src/identity.rs`
|
||||
|
||||
The Ed25519 identity key is the most long-lived secret in the system. It
|
||||
represents the client's cryptographic identity across all sessions and groups.
|
||||
@@ -92,8 +92,8 @@ zeroization.
|
||||
|
||||
## HPKE Init Keys
|
||||
|
||||
**Source:** `crates/quicnprotochat-core/src/keystore.rs` and
|
||||
`crates/quicnprotochat-core/src/group.rs`
|
||||
**Source:** `crates/quicproquo-core/src/keystore.rs` and
|
||||
`crates/quicproquo-core/src/group.rs`
|
||||
|
||||
HPKE init keys are generated by the openmls backend as part of MLS KeyPackage
|
||||
creation. They are single-use: each init key is consumed exactly once when
|
||||
@@ -167,7 +167,7 @@ processing a Welcome message.
|
||||
**Managed by:** `openmls` (internal to the `MlsGroup` state machine)
|
||||
|
||||
MLS epoch keys are derived internally by the openmls ratchet tree. They are not
|
||||
directly accessible in quicnprotochat code but are critical to understanding the
|
||||
directly accessible in quicproquo code but are critical to understanding the
|
||||
system's security properties.
|
||||
|
||||
### Lifecycle
|
||||
@@ -216,12 +216,12 @@ system's security properties.
|
||||
- **Deletion:** Old epoch keys are deleted after the Commit is processed. This
|
||||
deletion is what provides [forward secrecy](forward-secrecy.md) at the MLS
|
||||
layer.
|
||||
- **No direct access:** quicnprotochat code interacts with epoch keys only
|
||||
- **No direct access:** quicproquo code interacts with epoch keys only
|
||||
indirectly through `send_message()` and `receive_message()`.
|
||||
|
||||
## Hybrid KEM Keys (Future -- M5+)
|
||||
|
||||
**Source:** `crates/quicnprotochat-core/src/hybrid_kem.rs`
|
||||
**Source:** `crates/quicproquo-core/src/hybrid_kem.rs`
|
||||
|
||||
The hybrid KEM keypair combines X25519 (classical) with ML-KEM-768
|
||||
(post-quantum) for content encryption that resists both classical and quantum
|
||||
|
||||
Reference in New Issue
Block a user