c/quicproquo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3c6eebdb0085b07bb6ebede30e0830eec7914c88
quicproquo/schemas/node.capnp
Christian Nennemann 9244e80ec7 feat: Sprint 10+11 — privacy hardening and multi-device support 
Privacy Hardening (Sprint 10):
- Server --redact-logs flag: SHA-256 hashed identity prefixes in audit
  logs, payload_len omitted when enabled
- Client /privacy command suite: redact-keys on|off, auto-clear with
  duration parsing, padding on|off for traffic analysis resistance
- Forward secrecy: /verify-fs checks MLS epoch advancement,
  /rotate-all-keys rotates MLS leaf + hybrid KEM keypair
- Dummy message type (0x09): constant-rate traffic padding every 30s,
  silently discarded by recipients, serialize_dummy() + parse support
- delete_messages_before() for auto-clear in ConversationStore

Multi-Device Support (Sprint 11):
- Device registry: registerDevice @24, listDevices @25, revokeDevice @26
  RPCs with Device struct (deviceId, deviceName, registeredAt)
- Server storage: devices table (migration 008), max 5 per identity,
  E029_DEVICE_LIMIT and E030_DEVICE_NOT_FOUND error codes
- Device cleanup integrated into deleteAccount transaction
- Client REPL: /devices, /register-device <name>, /revoke-device <id>

72 core + 35 server tests pass.
2026-03-04 01:55:23 +01:00

155 lines
8.5 KiB
Cap'n Proto
Raw Blame History

# node.capnp — Unified quicproquo node RPC interface.
#
# Combines Authentication and Delivery operations into a single service.
#
# ID generated with: capnp id
@0xd5ca5648a9cc1c28;
interface NodeService {
# Upload a single-use KeyPackage for later retrieval by peers.
# identityKey : Ed25519 public key bytes (32 bytes)
# package : TLS-encoded openmls KeyPackage
# auth : Auth context (version=1, non-empty accessToken required).
uploadKeyPackage @0 (identityKey :Data, package :Data, auth :Auth) -> (fingerprint :Data);
# Fetch and atomically remove one KeyPackage for a given identity key.
# Returns empty Data if none are stored.
fetchKeyPackage @1 (identityKey :Data, auth :Auth) -> (package :Data);
# Enqueue an opaque payload for delivery to a recipient.
# channelId : Optional channel identifier (empty for default). A 16-byte UUID
# is recommended for 1:1 channels.
# version : Schema/wire version. Must be 1.
# Returns the monotonically increasing per-inbox sequence number assigned to this message,
# plus a cryptographic delivery proof (96 bytes: 32-byte SHA-256 preimage || 64-byte Ed25519
# signature). Old clients that do not read deliveryProof are unaffected (Cap'n Proto optional).
enqueue @2 (recipientKey :Data, payload :Data, channelId :Data, version :UInt16, auth :Auth, ttlSecs :UInt32) -> (seq :UInt64, deliveryProof :Data);
# Fetch and drain all queued payloads for the recipient.
# limit: max number of messages to return (0 = fetch all).
# Returns envelopes with per-inbox sequence numbers for ordered MLS processing.
fetch @3 (recipientKey :Data, channelId :Data, version :UInt16, auth :Auth, limit :UInt32) -> (payloads :List(Envelope));
# Long-poll: wait up to timeoutMs for new payloads, then drain queue.
# limit: max number of messages to return (0 = fetch all).
# Returns envelopes with per-inbox sequence numbers for ordered MLS processing.
fetchWait @4 (recipientKey :Data, channelId :Data, version :UInt16, timeoutMs :UInt64, auth :Auth, limit :UInt32) -> (payloads :List(Envelope));
# Health probe for readiness/liveness.
health @5 () -> (status :Text);
# Upload the hybrid (X25519 + ML-KEM-768) public key for sealed envelope encryption.
uploadHybridKey @6 (identityKey :Data, hybridPublicKey :Data, auth :Auth) -> ();
# Fetch a peer's hybrid public key (for post-quantum envelope encryption).
fetchHybridKey @7 (identityKey :Data, auth :Auth) -> (hybridPublicKey :Data);
# ── OPAQUE password-authenticated registration ──────────────────────────
# Start OPAQUE registration: client sends blinded password element.
opaqueRegisterStart @8 (username :Text, request :Data) -> (response :Data);
# Finish OPAQUE registration: client uploads sealed credential envelope.
opaqueRegisterFinish @9 (username :Text, upload :Data, identityKey :Data) -> (success :Bool);
# ── OPAQUE password-authenticated login ─────────────────────────────────
# Start OPAQUE login: client sends credential request.
opaqueLoginStart @10 (username :Text, request :Data) -> (response :Data);
# Finish OPAQUE login: client sends credential finalization, receives session token.
opaqueLoginFinish @11 (username :Text, finalization :Data, identityKey :Data) -> (sessionToken :Data);
# ── P2P endpoint discovery ────────────────────────────────────────────────
# Publish this node's iroh endpoint address for P2P connectivity.
# nodeAddr is the serialized iroh NodeAddr (JSON or custom encoding).
publishEndpoint @12 (identityKey :Data, nodeAddr :Data, auth :Auth) -> ();
# Resolve a peer's iroh endpoint for direct P2P connection.
resolveEndpoint @13 (identityKey :Data, auth :Auth) -> (nodeAddr :Data);
# Peek at queued payloads without removing them (non-destructive read).
# Returns envelopes sorted by seq. Use `ack` to remove processed messages.
peek @14 (recipientKey :Data, channelId :Data, version :UInt16, auth :Auth, limit :UInt32) -> (payloads :List(Envelope));
# Acknowledge (remove) all messages up to and including the given sequence number.
ack @15 (recipientKey :Data, channelId :Data, version :UInt16, seqUpTo :UInt64, auth :Auth) -> ();
# Fetch multiple peers' hybrid public keys in a single round-trip.
fetchHybridKeys @16 (identityKeys :List(Data), auth :Auth) -> (keys :List(Data));
# Enqueue the same payload to multiple recipients in a single round-trip.
batchEnqueue @17 (recipientKeys :List(Data), payload :Data, channelId :Data, version :UInt16, auth :Auth, ttlSecs :UInt32) -> (seqs :List(UInt64));
# Create a 1:1 channel between the caller and the given peer. Returns a 16-byte channelId (UUID).
# Both members can enqueue/fetch for this channel; recipientKey must be the other member.
# wasNew is true iff this call created the channel; false if it already existed.
# The caller who receives wasNew=true is the MLS group initiator and must send the Welcome.
# The caller who receives wasNew=false must wait for the peer's Welcome via the background poller.
createChannel @18 (peerKey :Data, auth :Auth) -> (channelId :Data, wasNew :Bool);
# Resolve a username to its Ed25519 identity key (32 bytes).
# Returns empty Data if the username is not registered.
# inclusionProof : bincode-serialised InclusionProof from quicproquo-kt, proving the
# (username, identityKey) binding is in the server's append-only Merkle log.
# Empty when the log entry is not yet available (e.g. legacy server or new registration
# that has not been committed to the log). Clients should verify when non-empty.
resolveUser @19 (username :Text, auth :Auth) -> (identityKey :Data, inclusionProof :Data);
# Reverse lookup: resolve an Ed25519 identity key to the registered username.
# Returns empty Text if the identity key is not associated with any user.
resolveIdentity @20 (identityKey :Data, auth :Auth) -> (username :Text);
# Upload a blob chunk. The server reassembles chunks and verifies SHA-256 on completion.
# blobHash : expected SHA-256 hash (32 bytes) of the complete blob.
# chunk : raw bytes for this segment.
# offset : byte offset within the blob where this chunk starts.
# totalSize : total size of the complete blob in bytes.
# mimeType : MIME type of the blob (e.g. "image/png").
# Returns blobId = blobHash once the blob is fully uploaded and verified.
uploadBlob @21 (auth :Auth, blobHash :Data, chunk :Data, offset :UInt64, totalSize :UInt64, mimeType :Text) -> (blobId :Data);
# Download a blob chunk. Returns up to `length` bytes starting at `offset`.
# blobId : the blob identifier (SHA-256 hash returned by uploadBlob).
# offset : byte offset within the blob to start reading from.
# length : maximum number of bytes to return (capped at 256 KB).
# Returns the requested chunk, the total blob size, and its MIME type.
downloadBlob @22 (auth :Auth, blobId :Data, offset :UInt64, length :UInt32) -> (chunk :Data, totalSize :UInt64, mimeType :Text);
# Permanently delete the authenticated user's account and all associated data.
# Requires an identity-bound session (OPAQUE login). Removes user record,
# identity keys, key packages, hybrid keys, queued messages, and channel memberships.
# A tombstone entry is added to the KT log for auditability.
# All active sessions for the identity are invalidated.
deleteAccount @23 (auth :Auth) -> (success :Bool);
# Register a device for the authenticated identity. Max 5 devices per identity.
registerDevice @24 (auth :Auth, deviceId :Data, deviceName :Text) -> (success :Bool);
# List all registered devices for the authenticated identity.
listDevices @25 (auth :Auth) -> (devices :List(Device));
# Revoke (remove) a registered device.
revokeDevice @26 (auth :Auth, deviceId :Data) -> (success :Bool);
}
struct Auth {
version @0 :UInt16; # 1 = token-based auth (required)
accessToken @1 :Data; # opaque bearer token issued at login
deviceId @2 :Data; # optional UUID bytes for auditing/rate limiting
}
struct Device {
deviceId @0 :Data;
deviceName @1 :Text;
registeredAt @2 :UInt64;
}
# A delivery envelope pairing a per-inbox sequence number with an opaque payload.
# Clients sort by `seq` before processing to guarantee MLS commit ordering.
struct Envelope {
seq @0 :UInt64; # monotonically increasing per-inbox counter (assigned by server)
data @1 :Data; # opaque payload (hybrid-encrypted MLS message)
}
Reference in New Issue View Git Blame Copy Permalink