feat: v2 Phase 1 — foundation, proto schemas, RPC framework, SDK skeleton

New workspace structure with 9 crates. Adds: - proto/qpq/v1/*.proto: 11 protobuf schemas covering all 33 RPC methods - quicproquo-proto: dual codegen (capnp legacy + prost v2) - quicproquo-rpc: QUIC RPC framework (framing, server, client, middleware) - quicproquo-sdk: client SDK (QpqClient, events, conversation store) - quicproquo-server/domain/: protocol-agnostic domain types and services - justfile: build commands Wire format: [method_id:u16][req_id:u32][len:u32][protobuf] per QUIC stream. All 151 existing tests pass. Backward compatible with v1 capnp code.
2026-03-04 12:02:07 +01:00
parent 394199b19b
commit a5864127d1
37 changed files with 3115 additions and 2778 deletions
--- a/crates/quicproquo-sdk/src/conversation.rs
+++ b/crates/quicproquo-sdk/src/conversation.rs
@@ -0,0 +1,481 @@
+//! Conversation management — create DMs, groups, send and receive messages.
+//!
+//! This is the SDK-side conversation store (migrated from v1 client).
+
+use std::path::Path;
+
+use anyhow::Context;
+use rusqlite::{params, Connection, OptionalExtension};
+use zeroize::Zeroizing;
+
+// ── Types ────────────────────────────────────────────────────────────────────
+
+/// 16-byte conversation identifier.
+#[derive(Clone, Debug, PartialEq, Eq, Hash)]
+pub struct ConversationId(pub [u8; 16]);
+
+impl ConversationId {
+    pub fn from_slice(s: &[u8]) -> Option<Self> {
+        if s.len() == 16 {
+            let mut buf = [0u8; 16];
+            buf.copy_from_slice(s);
+            Some(Self(buf))
+        } else {
+            None
+        }
+    }
+
+    /// Derive a conversation ID from a group name via SHA-256 truncation.
+    pub fn from_group_name(name: &str) -> Self {
+        use sha2::{Digest, Sha256};
+        let hash = Sha256::digest(name.as_bytes());
+        let mut buf = [0u8; 16];
+        buf.copy_from_slice(&hash[..16]);
+        Self(buf)
+    }
+
+    pub fn hex(&self) -> String {
+        hex::encode(self.0)
+    }
+}
+
+/// The kind of conversation.
+#[derive(Clone, Debug, PartialEq, Eq)]
+pub enum ConversationKind {
+    /// 1:1 DM channel with a specific peer.
+    Dm {
+        peer_key: Vec<u8>,
+        peer_username: Option<String>,
+    },
+    /// Named group with N members.
+    Group { name: String },
+}
+
+/// A conversation with its metadata and MLS state.
+#[derive(Clone, Debug)]
+pub struct Conversation {
+    pub id: ConversationId,
+    pub kind: ConversationKind,
+    pub display_name: String,
+    /// Serialized MLS group (bincode).
+    pub mls_group_blob: Option<Vec<u8>>,
+    /// Serialized keystore (bincode HashMap).
+    pub keystore_blob: Option<Vec<u8>>,
+    /// Member identity keys.
+    pub member_keys: Vec<Vec<u8>>,
+    pub unread_count: u32,
+    pub last_activity_ms: u64,
+    pub created_at_ms: u64,
+    /// Whether this conversation uses hybrid (X25519 + ML-KEM-768) MLS keys.
+    pub is_hybrid: bool,
+    /// Highest server-side delivery sequence number seen.
+    pub last_seen_seq: u64,
+}
+
+/// A stored message.
+#[derive(Clone, Debug)]
+pub struct StoredMessage {
+    pub conversation_id: ConversationId,
+    pub message_id: Option<[u8; 16]>,
+    pub sender_key: Vec<u8>,
+    pub sender_name: Option<String>,
+    pub body: String,
+    pub msg_type: String,
+    pub ref_msg_id: Option<[u8; 16]>,
+    pub timestamp_ms: u64,
+    pub is_outgoing: bool,
+}
+
+/// An entry in the offline outbox queue.
+#[derive(Clone, Debug)]
+pub struct OutboxEntry {
+    pub id: i64,
+    pub conversation_id: ConversationId,
+    pub recipient_key: Vec<u8>,
+    pub payload: Vec<u8>,
+    pub retry_count: u32,
+}
+
+// ── ConversationStore ────────────────────────────────────────────────────────
+
+/// SQLCipher-backed conversation and message store.
+pub struct ConversationStore {
+    conn: Connection,
+}
+
+impl ConversationStore {
+    /// Open or create the conversation database.
+    pub fn open(db_path: &Path, password: Option<&str>) -> anyhow::Result<Self> {
+        if let Some(parent) = db_path.parent() {
+            std::fs::create_dir_all(parent).ok();
+        }
+
+        let conn = Connection::open(db_path).context("open conversation db")?;
+
+        if let Some(pw) = password {
+            let key = derive_db_key(pw, db_path)?;
+            let hex_key = Zeroizing::new(hex::encode(&*key));
+            conn.pragma_update(None, "key", format!("x'{}'", &*hex_key))
+                .context("set SQLCipher key")?;
+        }
+
+        conn.execute_batch("PRAGMA journal_mode=WAL; PRAGMA foreign_keys=ON;")
+            .context("set pragmas")?;
+        Self::migrate(&conn)?;
+        Ok(Self { conn })
+    }
+
+    fn migrate(conn: &Connection) -> anyhow::Result<()> {
+        conn.execute_batch(
+            "CREATE TABLE IF NOT EXISTS conversations (
+                id              BLOB PRIMARY KEY,
+                kind            TEXT NOT NULL,
+                display_name    TEXT NOT NULL,
+                peer_key        BLOB,
+                peer_username   TEXT,
+                group_name      TEXT,
+                mls_group_blob  BLOB,
+                keystore_blob   BLOB,
+                member_keys     BLOB,
+                unread_count    INTEGER NOT NULL DEFAULT 0,
+                last_activity_ms INTEGER NOT NULL DEFAULT 0,
+                created_at_ms   INTEGER NOT NULL DEFAULT 0,
+                is_hybrid       INTEGER NOT NULL DEFAULT 0,
+                last_seen_seq   INTEGER NOT NULL DEFAULT 0
+            );
+
+            CREATE TABLE IF NOT EXISTS messages (
+                id              INTEGER PRIMARY KEY AUTOINCREMENT,
+                conversation_id BLOB NOT NULL REFERENCES conversations(id),
+                message_id      BLOB,
+                sender_key      BLOB NOT NULL,
+                sender_name     TEXT,
+                body            TEXT NOT NULL,
+                msg_type        TEXT NOT NULL,
+                ref_msg_id      BLOB,
+                timestamp_ms    INTEGER NOT NULL,
+                is_outgoing     INTEGER NOT NULL DEFAULT 0
+            );
+
+            CREATE INDEX IF NOT EXISTS idx_messages_conv
+                ON messages(conversation_id, timestamp_ms);
+
+            CREATE TABLE IF NOT EXISTS outbox (
+                id              INTEGER PRIMARY KEY AUTOINCREMENT,
+                conversation_id BLOB NOT NULL,
+                recipient_key   BLOB NOT NULL,
+                payload         BLOB NOT NULL,
+                created_at_ms   INTEGER NOT NULL,
+                retry_count     INTEGER NOT NULL DEFAULT 0,
+                status          TEXT NOT NULL DEFAULT 'pending'
+            );
+            CREATE INDEX IF NOT EXISTS idx_outbox_status
+                ON outbox(status, created_at_ms);",
+        )
+        .context("migrate conversation db")
+    }
+
+    /// Save or upsert a conversation.
+    pub fn save_conversation(&self, conv: &Conversation) -> anyhow::Result<()> {
+        let (kind_str, peer_key, peer_username, group_name) = match &conv.kind {
+            ConversationKind::Dm { peer_key, peer_username } => {
+                ("dm", Some(peer_key.as_slice()), peer_username.as_deref(), None)
+            }
+            ConversationKind::Group { name } => ("group", None, None, Some(name.as_str())),
+        };
+        let member_keys_blob =
+            bincode::serialize(&conv.member_keys).context("serialize member_keys")?;
+
+        self.conn.execute(
+            "INSERT INTO conversations
+                (id, kind, display_name, peer_key, peer_username, group_name,
+                 mls_group_blob, keystore_blob, member_keys, unread_count,
+                 last_activity_ms, created_at_ms, is_hybrid, last_seen_seq)
+             VALUES (?1, ?2, ?3, ?4, ?5, ?6, ?7, ?8, ?9, ?10, ?11, ?12, ?13, ?14)
+             ON CONFLICT(id) DO UPDATE SET
+                display_name = excluded.display_name,
+                mls_group_blob = excluded.mls_group_blob,
+                keystore_blob = excluded.keystore_blob,
+                member_keys = excluded.member_keys,
+                unread_count = excluded.unread_count,
+                last_activity_ms = excluded.last_activity_ms,
+                is_hybrid = excluded.is_hybrid,
+                last_seen_seq = excluded.last_seen_seq",
+            params![
+                conv.id.0.as_slice(),
+                kind_str,
+                conv.display_name,
+                peer_key,
+                peer_username,
+                group_name,
+                conv.mls_group_blob,
+                conv.keystore_blob,
+                member_keys_blob,
+                conv.unread_count,
+                conv.last_activity_ms,
+                conv.created_at_ms,
+                conv.is_hybrid as i32,
+                conv.last_seen_seq as i64,
+            ],
+        )?;
+        Ok(())
+    }
+
+    /// Load a conversation by ID.
+    pub fn load_conversation(&self, id: &ConversationId) -> anyhow::Result<Option<Conversation>> {
+        self.conn
+            .query_row(
+                "SELECT kind, display_name, peer_key, peer_username, group_name,
+                        mls_group_blob, keystore_blob, member_keys, unread_count,
+                        last_activity_ms, created_at_ms, is_hybrid, last_seen_seq
+                 FROM conversations WHERE id = ?1",
+                params![id.0.as_slice()],
+                |row| row_to_conversation(id, row),
+            )
+            .optional()
+            .context("load conversation")
+    }
+
+    /// List all conversations, most recent first.
+    pub fn list_conversations(&self) -> anyhow::Result<Vec<Conversation>> {
+        let mut stmt = self.conn.prepare(
+            "SELECT id, kind, display_name, peer_key, peer_username, group_name,
+                    mls_group_blob, keystore_blob, member_keys, unread_count,
+                    last_activity_ms, created_at_ms, is_hybrid, last_seen_seq
+             FROM conversations ORDER BY last_activity_ms DESC",
+        )?;
+        let rows = stmt.query_map([], |row| {
+            let id_blob: Vec<u8> = row.get(0)?;
+            let id = ConversationId::from_slice(&id_blob).unwrap_or(ConversationId([0; 16]));
+            row_to_conversation_full(&id, row)
+        })?;
+        let mut convs = Vec::new();
+        for row in rows {
+            convs.push(row?);
+        }
+        Ok(convs)
+    }
+
+    /// Find a DM by peer identity key.
+    pub fn find_dm_by_peer(&self, peer_key: &[u8]) -> anyhow::Result<Option<Conversation>> {
+        let id_blob: Option<Vec<u8>> = self
+            .conn
+            .query_row(
+                "SELECT id FROM conversations WHERE kind = 'dm' AND peer_key = ?1",
+                params![peer_key],
+                |row| row.get(0),
+            )
+            .optional()?;
+        match id_blob {
+            Some(blob) => {
+                let id = ConversationId::from_slice(&blob)
+                    .context("invalid conversation id")?;
+                self.load_conversation(&id)
+            }
+            None => Ok(None),
+        }
+    }
+
+    /// Save a message.
+    pub fn save_message(&self, msg: &StoredMessage) -> anyhow::Result<()> {
+        self.conn.execute(
+            "INSERT INTO messages
+                (conversation_id, message_id, sender_key, sender_name, body,
+                 msg_type, ref_msg_id, timestamp_ms, is_outgoing)
+             VALUES (?1, ?2, ?3, ?4, ?5, ?6, ?7, ?8, ?9)",
+            params![
+                msg.conversation_id.0.as_slice(),
+                msg.message_id.as_ref().map(|id| id.as_slice()),
+                msg.sender_key,
+                msg.sender_name,
+                msg.body,
+                msg.msg_type,
+                msg.ref_msg_id.as_ref().map(|id| id.as_slice()),
+                msg.timestamp_ms,
+                msg.is_outgoing as i32,
+            ],
+        )?;
+        Ok(())
+    }
+
+    /// Load recent messages (newest first, then reversed to chronological).
+    pub fn load_recent_messages(
+        &self,
+        conv_id: &ConversationId,
+        limit: usize,
+    ) -> anyhow::Result<Vec<StoredMessage>> {
+        let mut stmt = self.conn.prepare(
+            "SELECT message_id, sender_key, sender_name, body, msg_type,
+                    ref_msg_id, timestamp_ms, is_outgoing
+             FROM messages WHERE conversation_id = ?1
+             ORDER BY timestamp_ms DESC LIMIT ?2",
+        )?;
+        let rows = stmt.query_map(
+            params![conv_id.0.as_slice(), limit.min(u32::MAX as usize) as u32],
+            |row| row_to_message(conv_id, row),
+        )?;
+        let mut msgs: Vec<StoredMessage> = rows.collect::<Result<_, _>>()?;
+        msgs.reverse();
+        Ok(msgs)
+    }
+}
+
+// ── Helpers ──────────────────────────────────────────────────────────────────
+
+fn derive_db_key(password: &str, db_path: &Path) -> anyhow::Result<Zeroizing<[u8; 32]>> {
+    use argon2::{Algorithm, Argon2, Params, Version};
+
+    let salt_path = db_path.with_extension("db-salt");
+    let salt = if salt_path.exists() {
+        std::fs::read(&salt_path).context("read db salt")?
+    } else {
+        let mut salt = vec![0u8; 16];
+        rand::RngCore::fill_bytes(&mut rand::rngs::OsRng, &mut salt);
+        std::fs::write(&salt_path, &salt).context("write db salt")?;
+        #[cfg(unix)]
+        {
+            use std::os::unix::fs::PermissionsExt;
+            std::fs::set_permissions(&salt_path, std::fs::Permissions::from_mode(0o600)).ok();
+        }
+        salt
+    };
+
+    let params = Params::new(19 * 1024, 2, 1, Some(32))
+        .map_err(|e| anyhow::anyhow!("argon2 params: {e}"))?;
+    let argon2 = Argon2::new(Algorithm::Argon2id, Version::default(), params);
+    let mut key = Zeroizing::new([0u8; 32]);
+    argon2
+        .hash_password_into(password.as_bytes(), &salt, &mut *key)
+        .map_err(|e| anyhow::anyhow!("db key derivation: {e}"))?;
+    Ok(key)
+}
+
+fn row_to_conversation(
+    id: &ConversationId,
+    row: &rusqlite::Row<'_>,
+) -> rusqlite::Result<Conversation> {
+    let kind_str: String = row.get(0)?;
+    let display_name: String = row.get(1)?;
+    let peer_key: Option<Vec<u8>> = row.get(2)?;
+    let peer_username: Option<String> = row.get(3)?;
+    let group_name: Option<String> = row.get(4)?;
+    let mls_group_blob: Option<Vec<u8>> = row.get(5)?;
+    let keystore_blob: Option<Vec<u8>> = row.get(6)?;
+    let member_keys_blob: Option<Vec<u8>> = row.get(7)?;
+    let unread_count: u32 = row.get(8)?;
+    let last_activity_ms: u64 = row.get(9)?;
+    let created_at_ms: u64 = row.get(10)?;
+    let is_hybrid_int: i32 = row.get(11)?;
+    let last_seen_seq: i64 = row.get(12)?;
+
+    let kind = if kind_str == "dm" {
+        ConversationKind::Dm {
+            peer_key: peer_key.unwrap_or_default(),
+            peer_username,
+        }
+    } else {
+        ConversationKind::Group {
+            name: group_name.unwrap_or_default(),
+        }
+    };
+    let member_keys: Vec<Vec<u8>> = member_keys_blob
+        .and_then(|b| bincode::deserialize(&b).ok())
+        .unwrap_or_default();
+
+    Ok(Conversation {
+        id: id.clone(),
+        kind,
+        display_name,
+        mls_group_blob,
+        keystore_blob,
+        member_keys,
+        unread_count,
+        last_activity_ms,
+        created_at_ms,
+        is_hybrid: is_hybrid_int != 0,
+        last_seen_seq: last_seen_seq as u64,
+    })
+}
+
+fn row_to_conversation_full(
+    id: &ConversationId,
+    row: &rusqlite::Row<'_>,
+) -> rusqlite::Result<Conversation> {
+    let kind_str: String = row.get(1)?;
+    let display_name: String = row.get(2)?;
+    let peer_key: Option<Vec<u8>> = row.get(3)?;
+    let peer_username: Option<String> = row.get(4)?;
+    let group_name: Option<String> = row.get(5)?;
+    let mls_group_blob: Option<Vec<u8>> = row.get(6)?;
+    let keystore_blob: Option<Vec<u8>> = row.get(7)?;
+    let member_keys_blob: Option<Vec<u8>> = row.get(8)?;
+    let unread_count: u32 = row.get(9)?;
+    let last_activity_ms: u64 = row.get(10)?;
+    let created_at_ms: u64 = row.get(11)?;
+    let is_hybrid_int: i32 = row.get(12)?;
+    let last_seen_seq: i64 = row.get(13)?;
+
+    let kind = if kind_str == "dm" {
+        ConversationKind::Dm {
+            peer_key: peer_key.unwrap_or_default(),
+            peer_username,
+        }
+    } else {
+        ConversationKind::Group {
+            name: group_name.unwrap_or_default(),
+        }
+    };
+    let member_keys: Vec<Vec<u8>> = member_keys_blob
+        .and_then(|b| bincode::deserialize(&b).ok())
+        .unwrap_or_default();
+
+    Ok(Conversation {
+        id: id.clone(),
+        kind,
+        display_name,
+        mls_group_blob,
+        keystore_blob,
+        member_keys,
+        unread_count,
+        last_activity_ms,
+        created_at_ms,
+        is_hybrid: is_hybrid_int != 0,
+        last_seen_seq: last_seen_seq as u64,
+    })
+}
+
+fn to_16(v: &[u8]) -> Option<[u8; 16]> {
+    if v.len() == 16 {
+        let mut buf = [0u8; 16];
+        buf.copy_from_slice(v);
+        Some(buf)
+    } else {
+        None
+    }
+}
+
+fn row_to_message(
+    conv_id: &ConversationId,
+    row: &rusqlite::Row<'_>,
+) -> rusqlite::Result<StoredMessage> {
+    let message_id: Option<Vec<u8>> = row.get(0)?;
+    let sender_key: Vec<u8> = row.get(1)?;
+    let sender_name: Option<String> = row.get(2)?;
+    let body: String = row.get(3)?;
+    let msg_type: String = row.get(4)?;
+    let ref_msg_id: Option<Vec<u8>> = row.get(5)?;
+    let timestamp_ms: u64 = row.get(6)?;
+    let is_outgoing: i32 = row.get(7)?;
+
+    Ok(StoredMessage {
+        conversation_id: conv_id.clone(),
+        message_id: message_id.as_deref().and_then(to_16),
+        sender_key,
+        sender_name,
+        body,
+        msg_type,
+        ref_msg_id: ref_msg_id.as_deref().and_then(to_16),
+        timestamp_ms,
+        is_outgoing: is_outgoing != 0,
+    })
+}