# Technology Suggestions for quicnprotochat

## Transport & Networking

- **LibP2P or iroh (from n0)** — Decentralized peer discovery, NAT traversal (hole-punching), and relay fallback. Move beyond client-server to a mesh/hybrid topology where peers can communicate directly when possible.
- **WebTransport (HTTP/3)** — Expose QUIC transport to browsers, enabling a web client without WebSocket degradation.
- **Tor / I2P integration** — Onion-routed transport layer for metadata resistance. MLS protects content, but connection metadata still leaks to the server.

## Storage & Persistence

- **SQLCipher or libsql (Turso)** — Encrypted-at-rest SQLite for durable group state, key stores, and message history.
- **CRDT-based sync (Automerge / Yrs)** — Conflict-free replicated data types for multi-device state synchronization without a central authority.
- **Object storage (S3-compatible)** — For encrypted file/media attachments with server-side ignorance of content.

## Cryptography & Privacy

- **ML-KEM + ML-DSA hybrid** — Hybrid X25519+ML-KEM-768 KEM for MLS init keys. One of the first post-quantum MLS implementations.
- **Private Information Retrieval (PIR)** — Let clients fetch messages/key packages without revealing which recipient they are (SealPIR / SimplePIR).
- **Sealed Sender (Signal-style)** — Encrypt sender identity inside the MLS ciphertext so the server can't see who sent a message to whom.
- **Key Transparency (RFC draft)** — Verifiable log of public keys to detect server-side key substitution attacks.

## Identity & Authentication

- **DID (Decentralized Identifiers)** — Self-sovereign `did:key` or `did:web` identifiers. Portable across servers.
- **OPAQUE (aPAKE)** — Password-authenticated key exchange where the server never sees the password.
- **WebAuthn / Passkeys** — Hardware-backed authentication for device binding (YubiKey, Touch ID, etc.).
- **Verifiable Credentials (W3C VC)** — Prove attributes (org membership, role) without revealing full identity.

## Application Layer

- **Matrix-style federation** — Let multiple quicnprotochat servers federate for cross-server communication.
- **WASM plugin system** — Sandboxed WASM plugins for bots, bridges, custom message types.
- **Double-ratchet DM layer** — Signal-style double ratchet (X3DH + Axolotl) for efficient 1:1 conversations.

## Observability & Operations

- **OpenTelemetry (tracing + metrics)** — OTLP export for distributed tracing, latency histograms, and dashboards.
- **Prometheus + Grafana** — Metrics on message throughput, MLS epoch advancement rate, queue depths.
- **Testcontainers-rs** — Docker stack in Rust integration tests for true end-to-end CI.

## Developer Experience

- **Tauri or Dioxus** — Native cross-platform GUI client in Rust, sharing core crate.
- **uniffi or diplomat** — FFI bindings from Rust core to Swift/Kotlin for mobile clients.
- **Nix flakes** — Reproducible dev environment bundling capnp, Rust toolchain, and test infra.

---

## Top 5 Priority Implementations

| Priority | Technology | Why |
|----------|-----------|-----|
| 1 | **Post-quantum hybrid KEM** | `ml-kem` already vendored — finishing this makes the project cutting-edge |
| 2 | **SQLCipher persistence** | Unlocks M6, multi-device, and offline usage |
| 3 | **OPAQUE auth** | Zero-knowledge passwords, massive security uplift for auth layer |
| 4 | **iroh / LibP2P** | NAT traversal + optional P2P mesh makes this deployable without central infra |
| 5 | **Sealed Sender + PIR** | Metadata resistance is the frontier — content encryption is table stakes now |