Remove Noise protocol references from wiki docs and tests

Delete 8 Noise-specific documentation pages (noise-xx.md,
transport-keys.md, adr-001/003/006, framing-codec.md) and update
~30 remaining wiki pages to reflect QUIC+TLS as the sole transport.
Remove obsolete Noise-based integration tests (auth_service.rs,
mls_group.rs). Code-side Noise removal was done in f334ed3.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@@ -20,8 +20,8 @@ how the crates relate to one another.
▼ ▼
┌────────────────────────┐ ┌────────────────────────┐
│ quicnprotochat-core │ │ quicnprotochat-server │
│ (crypto, Noise, │ │ (QUIC listener, │
│ MLS, hybrid KEM) │ │ NodeService RPC, │
│ (crypto, MLS, │ │ (QUIC listener, │
│ hybrid KEM) │ │ NodeService RPC, │
│ │ │ storage) │
└──────────┬─────────────┘ └─────────┬──────────────┘
│ │
@@ -42,27 +42,23 @@ serialisation. The server and client crates both depend on core and proto.
## quicnprotochat-core
**Role:** Pure cryptographic logic and transport primitives. No network I/O
(except for the Noise handshake helpers that take an existing `TcpStream`). No
async runtime dependency beyond what Noise transport needs.
**Role:** Pure cryptographic logic. No network I/O. No async runtime
dependency.
### Modules
| Module | Public API | Description |
|---------------|-----------------------------------------------------------------------------|-------------|
| `keypair` | `NoiseKeypair` | Static X25519 keypair for Noise_XX. `StaticSecret` is `ZeroizeOnDrop`. `private_bytes()` returns `Zeroizing<[u8; 32]>`. |
| `identity` | `IdentityKeypair` | Ed25519 signing keypair for MLS credentials. Seed stored as `Zeroizing<[u8; 32]>`. Implements `openmls_traits::Signer`. |
| `noise` | `handshake_initiator`, `handshake_responder`, `NoiseTransport` | Noise_XX_25519_ChaChaPoly_BLAKE2s handshake over TCP. `NoiseTransport` provides `send_frame`/`recv_frame`, envelope helpers, and `into_capnp_io()` bridge. |
| `codec` | `LengthPrefixedCodec`, `NOISE_MAX_MSG` | Tokio `Encoder<Bytes>` + `Decoder`. 4-byte LE length prefix. Max frame 65,535 bytes. |
| `group` | `GroupMember` | MLS group state machine wrapping `openmls::MlsGroup`. Lifecycle: `new` -> `generate_key_package` -> `create_group` / `join_group` -> `send_message` / `receive_message`. |
| `keypackage` | `generate_key_package` | Standalone KeyPackage generation (returns TLS-encoded bytes + SHA-256 fingerprint). |
| `keystore` | `DiskKeyStore`, `StoreCrypto` | `OpenMlsKeyStore` implementation backed by an in-memory `HashMap` with optional bincode flush to disk. `StoreCrypto` couples `RustCrypto` + `DiskKeyStore` into an `OpenMlsCryptoProvider`. |
| `hybrid_kem` | `HybridKeypair`, `HybridPublicKey`, `hybrid_encrypt`, `hybrid_decrypt` | X25519 + ML-KEM-768 hybrid KEM. HKDF-SHA256 key derivation, ChaCha20-Poly1305 AEAD. Versioned envelope wire format. |
| `error` | `CoreError`, `CodecError`, `MAX_PLAINTEXT_LEN` | Unified error types. `CoreError` covers Noise, Codec, Cap'n Proto, MLS, and hybrid KEM failures. |
| `error` | `CoreError`, `MAX_PLAINTEXT_LEN` | Unified error types. `CoreError` covers Cap'n Proto, MLS, and hybrid KEM failures. |
### What this crate does NOT do
- No network I/O beyond the Noise helpers (which take a pre-connected `TcpStream`).
- No network I/O.
- No QUIC or TLS -- that is the server and client crates' concern.
- No async runtime setup (it uses Tokio types internally but does not spawn or
manage a runtime).
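Review bot: The new Role line says "No async runtime dependency", but the unchanged bullet at the end of this hunk still reads "it uses Tokio types internally but does not spawn or manage a runtime", so the two statements disagree. Reword the Role line to match the bullet (for example "No async runtime setup"), or update the bullet if the Tokio types went away together with the `noise` and `codec` rows. The `error` row also keeps `MAX_PLAINTEXT_LEN` while dropping `CodecError`; with the `codec` row and its frame limit gone, the description should say what that constant bounds now.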
@@ -70,10 +66,10 @@ async runtime dependency beyond what Noise transport needs.
### Key dependencies
`snow`, `x25519-dalek`, `ed25519-dalek`, `openmls`, `openmls_rust_crypto`,
`openmls_traits`, `tls_codec`, `ml-kem`, `chacha20poly1305`, `hkdf`, `sha2`,
`zeroize`, `capnp`, `quicnprotochat-proto`, `tokio`, `tokio-util`, `futures`,
`bytes`, `serde`, `bincode`, `serde_json`, `thiserror`.
`ed25519-dalek`, `openmls`, `openmls_rust_crypto`,
`openmls_traits`, `tls_codec`, `ml-kem`, `x25519-dalek`, `chacha20poly1305`,
`hkdf`, `sha2`, `zeroize`, `capnp`, `quicnprotochat-proto`, `tokio`,
`serde`, `bincode`, `serde_json`, `thiserror`.
---
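Review bot: `tokio` stays in the rewritten dependency list while `snow`, `tokio-util`, `futures` and `bytes` are dropped. If the crate no longer contains any I/O or codec code, check whether `tokio` is still declared in the crate manifest and remove it from this list if it is not; if it is still needed, say which module uses it so the list does not read as contradicting the crate's "No network I/O" description.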
@@ -87,7 +83,7 @@ for the wire format.
| Item | Description |
|---------------------------|-------------|
| `schemas/envelope.capnp` | `Envelope` struct and `MsgType` enum -- top-level wire message for Noise-channel traffic. |
| `schemas/envelope.capnp` | `Envelope` struct and `MsgType` enum -- top-level wire message. |
| `schemas/auth.capnp` | `AuthenticationService` interface -- `uploadKeyPackage`, `fetchKeyPackage`. |
| `schemas/delivery.capnp` | `DeliveryService` interface -- `enqueue`, `fetch`. |
| `schemas/node.capnp` | `NodeService` interface (unified AS+DS) -- all RPC methods plus `Auth` struct. |
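Review bot: The `schemas/envelope.capnp` row now reads only "top-level wire message", with no indication of which path carries it. The previous wording tied `Envelope` and `MsgType` to Noise-channel traffic, and the remaining rows are all RPC interfaces, so a reader cannot tell whether the struct is still used over QUIC or is left over from the removed transport. State its current use in the description, or mark the schema as unused if that is the case.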
@@ -148,7 +144,6 @@ is handled by `spawn_local`.
- No direct crypto operations (it delegates to `quicnprotochat-core` types
for fingerprinting and storage only).
- No MLS processing -- all payloads are opaque byte strings.
- No Noise transport (QUIC/TLS only).
### Key dependencies
@@ -192,7 +187,6 @@ group state to disk.
### What this crate does NOT do
- No server-side logic.
- No Noise transport (QUIC/TLS only for server communication).
- No direct crypto beyond calling `GroupMember` and verifying SHA-256
fingerprints.