c/quicproquo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5a6d9ae7f4baa052f1ab829ea374dc55f93c78c7
quicproquo/docs/SPRINT-PLAN-NEXT.md
Christian Nennemann 5a6d9ae7f4 docs: next sprint planning — 12 feature candidates for selection 
Sprint plan for cycles 12-19. Pick 8 of 12 features:
A) Federation wiring, B) Contacts/blocking, C) Voice/video signaling,
D) Encrypted backup, E) Group roles, F) KT audit client, G) Message
search, H) Server clustering, I) Protocol compliance, J) User profiles,
K) Notification framework, L) Mobile app shell.
2026-03-04 02:02:01 +01:00

7.0 KiB
Raw Blame History

Next Sprint Planning — quicproquo

Pick 8 of the 12 features below for the next sprint cycle. Created: 2026-03-04 | Status: PENDING SELECTION

Completed Sprints (this cycle)

# Sprint Commit Summary
4 Rich Messaging 81d5e2e Read receipts, typing, reactions, edit/delete
5 File Transfer 3350d76 Chunked blob upload/download, /send-file
6 Disappearing + Groups fd21ea6 TTL messages, /group-info, deleteAccount
7 Go SDK 65ff262 QUIC + Cap'n Proto, 24 RPC methods, 14 API functions
8 TypeScript SDK 28ceaaf 175KB WASM crypto, WebSocket transport, browser demo
9 Mesh Networking 1b61b7e MeshIdentity, store-and-forward, broadcast channels
10 Privacy Hardening 9244e80 --redact-logs, traffic padding, /privacy suite, /verify-fs
11 Multi-Device 9244e80 Device registry (3 RPCs), /devices, max 5 per identity

Current Codebase Stats

  • 27 Cap'n Proto RPCs (@0@26) on NodeService
  • 10 AppMessage types (0x010x09 + file ref)
  • ~40 REPL commands
  • Tests: 72 core + 35 server + 28 P2P + 14 E2E = 149
  • SDKs: Rust (native), Go, TypeScript/WASM, C FFI, Python ctypes
  • Crates: core, proto, server, client, p2p, bot, gen, kt, plugin-api, gui, mobile, ffi

Feature Candidates (pick 8)

A. Federation Wiring

Effort: Medium | Area: Server Wire the existing outbound federation relay into the actual delivery flow. When a message targets user@remote.domain, the server routes via FederationClient::relay_enqueue() instead of local store. Add /federate <domain> admin command to configure peers. Test with two server instances. Currently all federation code exists but is marked #[allow(dead_code)].

B. Contact Management & Blocking

Effort: Medium | Area: Client + Server Contact list with add/remove/block/unblock. Server-side: addContact @27, removeContact @28, blockUser @29, listContacts @30 RPCs + contacts table. Client: /contacts, /block <user>, /unblock <user>. Blocked users can't enqueue messages to you (server enforces). Import/export contacts as JSON.

C. Voice/Video Call Signaling

Effort: High | Area: Core + Client WebRTC signaling over MLS for E2E encrypted calls. Add CallOffer, CallAnswer, CallIce, CallHangup AppMessage types (0x0A0x0D). Client REPL: /call <user>, /answer, /hangup. The actual media (audio/video) uses WebRTC peer-to-peer; qpq only handles the encrypted signaling. Include SDP offer/answer exchange and ICE candidate relay.

D. Encrypted Backup & Restore

Effort: Medium | Area: Client + Core Export all local state (message history, keys, group state) as an encrypted archive. Key derivation from user password via Argon2id. Format: encrypted SQLite dump + identity seed + MLS group states. /backup <path> and /restore <path> commands. Verify integrity on restore. Critical for device migration and disaster recovery.

E. Group Permissions & Roles

Effort: Medium | Area: Server + Client Admin/moderator/member roles within MLS groups. Server-side role storage per channel. Admins can: remove members, rename group, set TTL policy. Moderators can: mute members. Members can: send messages. /role <user> admin|mod|member, /mute <user> <duration>. Enforced at both server (RPC level) and client (MLS proposal validation).

F. Key Transparency Audit Client

Effort: Medium | Area: Client + KT crate Client-side verification of the KT Merkle log. The KT crate (quicproquo-kt) already has the Merkle tree and audit log. Add: /kt audit <username> to verify a user's key history is consistent, /kt monitor to continuously watch for key changes, /kt proof <username> to fetch and verify inclusion proofs. Alert on unexpected key changes (TOFU violation).

G. Message Search

Effort: Low-Medium | Area: Client Full-text search over local encrypted message history. Add FTS5 virtual table to the conversation SQLite DB. /search <query> returns matching messages with context, timestamps, and conversation names. /search <query> in:<conversation> for scoped search. Highlight matching terms. Index on message insert.

H. Server Clustering & HA

Effort: High | Area: Server + Infra Run multiple qpq-server instances behind a shared state layer. Options: shared PostgreSQL backend (replace SQLite for clustered mode), or Raft consensus for delivery queue. Add --cluster-peers flag, health-based leader election, delivery queue synchronization. Docker Compose with 3-node cluster. This is the path to production-scale deployment.

I. Protocol Compliance Testing

Effort: Medium | Area: Testing Comprehensive MLS RFC 9420 compliance test suite. Verify: TreeKEM operations, epoch advancement, proposal/commit sequences, welcome message handling, group context extensions, PSK injection, external joins. Cross-test with other MLS implementations (OpenMLS test vectors). Add to CI. Target: 50+ protocol-level tests covering edge cases.

J. User Profiles & Status

Effort: Low | Area: Server + Client Profile pictures (stored as blobs), display names, status messages ("Available", "Away", custom text), about/bio text. updateProfile @27 and fetchProfile @28 RPCs. Profile data is signed by the identity key for authenticity. /profile set-name <name>, /profile set-status <text>, /profile set-avatar <path>, /profile <username> to view. Cache profiles locally.

K. Notification Framework

Effort: Medium | Area: Server + Client Per-conversation notification settings: all, mentions-only, muted. Server-side WebPush integration for browser clients (using the TS SDK). Add updateNotificationSettings @27 RPC. Client: /mute <conversation>, /unmute, /notify mentions-only. Push notification payload: encrypted sender + conversation hint (no message content). APNs/FCM gateway as a separate microservice.

L. Mobile App Shell

Effort: High | Area: Mobile + FFI React Native app using the C FFI bindings (quicproquo-ffi). Screens: login, conversation list, chat view, settings. Bridge FFI functions to React Native via NativeModules. Use the existing qpq_connect, qpq_login, qpq_send, qpq_receive C API. iOS + Android targets. Alternatively: Flutter with dart:ffi. Includes push notification registration.

Selection Guide

For a privacy-focused messenger, prioritize: A (federation), B (contacts/blocking), D (backup), F (KT audit)

For production readiness, prioritize: A (federation), H (clustering), I (compliance tests), K (notifications)

For user experience, prioritize: B (contacts), C (calls), G (search), J (profiles)

For mobile launch, prioritize: D (backup), J (profiles), K (notifications), L (mobile app)

Selected Features (fill in after choosing)

Replace this section with your 8 picks, then we'll plan sprint assignments.

Sprint Feature Notes
12
13
14
15
16
17
18
19
Reference in New Issue View Git Blame Copy Permalink