Add channel-aware delivery and update roadmap

design/TECHNOLOGY_SUGGESTIONS.md

@@ -0,0 +1,57 @@
+# Technology Suggestions for quicnprotochat
+
+## Transport & Networking
+
+- **LibP2P or iroh (from n0)** — Decentralized peer discovery, NAT traversal (hole-punching), and relay fallback. Move beyond client-server to a mesh/hybrid topology where peers can communicate directly when possible.
+- **WebTransport (HTTP/3)** — Expose QUIC transport to browsers, enabling a web client without WebSocket degradation.
+- **Tor / I2P integration** — Onion-routed transport layer for metadata resistance. MLS protects content, but connection metadata still leaks to the server.
+
+## Storage & Persistence
+
+- **SQLCipher or libsql (Turso)** — Encrypted-at-rest SQLite for durable group state, key stores, and message history.
+- **CRDT-based sync (Automerge / Yrs)** — Conflict-free replicated data types for multi-device state synchronization without a central authority.
+- **Object storage (S3-compatible)** — For encrypted file/media attachments with server-side ignorance of content.
+
+## Cryptography & Privacy
+
+- **ML-KEM + ML-DSA hybrid** — Hybrid X25519+ML-KEM-768 KEM for MLS init keys. One of the first post-quantum MLS implementations.
+- **Private Information Retrieval (PIR)** — Let clients fetch messages/key packages without revealing which recipient they are (SealPIR / SimplePIR).
+- **Sealed Sender (Signal-style)** — Encrypt sender identity inside the MLS ciphertext so the server can't see who sent a message to whom.
+- **Key Transparency (RFC draft)** — Verifiable log of public keys to detect server-side key substitution attacks.
+
+## Identity & Authentication
+
+- **DID (Decentralized Identifiers)** — Self-sovereign `did:key` or `did:web` identifiers. Portable across servers.
+- **OPAQUE (aPAKE)** — Password-authenticated key exchange where the server never sees the password.
+- **WebAuthn / Passkeys** — Hardware-backed authentication for device binding (YubiKey, Touch ID, etc.).
+- **Verifiable Credentials (W3C VC)** — Prove attributes (org membership, role) without revealing full identity.
+
+## Application Layer
+
+- **Matrix-style federation** — Let multiple quicnprotochat servers federate for cross-server communication.
+- **WASM plugin system** — Sandboxed WASM plugins for bots, bridges, custom message types.
+- **Double-ratchet DM layer** — Signal-style double ratchet (X3DH + Axolotl) for efficient 1:1 conversations.
+
+## Observability & Operations
+
+- **OpenTelemetry (tracing + metrics)** — OTLP export for distributed tracing, latency histograms, and dashboards.
+- **Prometheus + Grafana** — Metrics on message throughput, MLS epoch advancement rate, queue depths.
+- **Testcontainers-rs** — Docker stack in Rust integration tests for true end-to-end CI.
+
+## Developer Experience
+
+- **Tauri or Dioxus** — Native cross-platform GUI client in Rust, sharing core crate.
+- **uniffi or diplomat** — FFI bindings from Rust core to Swift/Kotlin for mobile clients.
+- **Nix flakes** — Reproducible dev environment bundling capnp, Rust toolchain, and test infra.
+
+---
+
+## Top 5 Priority Implementations
+
+| Priority | Technology | Why |
+|----------|-----------|-----|
+| 1 | **Post-quantum hybrid KEM** | `ml-kem` already vendored — finishing this makes the project cutting-edge |
+| 2 | **SQLCipher persistence** | Unlocks M6, multi-device, and offline usage |
+| 3 | **OPAQUE auth** | Zero-knowledge passwords, massive security uplift for auth layer |
+| 4 | **iroh / LibP2P** | NAT traversal + optional P2P mesh makes this deployable without central infra |
+| 5 | **Sealed Sender + PIR** | Metadata resistance is the frontier — content encryption is table stakes now |