quicproquo/sdks/typescript
Christian Nennemann 394199b19b fix: security hardening — 40 findings from full codebase review
Full codebase review by 4 independent agents (security, architecture,
code quality, correctness) identified ~80 findings. This commit fixes 40
of them across all workspace crates.

Critical fixes:
- Federation service: validate origin against mTLS cert CN/SAN (C1)
- WS bridge: add DM channel auth, size limits, rate limiting (C2)
- hpke_seal: panic on error instead of silent empty ciphertext (C3)
- hpke_setup_sender_and_export: error on parse fail, no PQ downgrade (C7)

Security fixes:
- Zeroize: seed_bytes() returns Zeroizing<[u8;32]>, private_to_bytes()
  returns Zeroizing<Vec<u8>>, ClientAuth.access_token, SessionState.password,
  conversation hex_key all wrapped in Zeroizing
- Keystore: 0o600 file permissions on Unix
- MeshIdentity: 0o600 file permissions on Unix
- Timing floors: resolveIdentity + WS bridge resolve_user get 5ms floor
- Mobile: TLS verification gated behind insecure-dev feature flag
- Proto: from_bytes default limit tightened from 64 MiB to 8 MiB

Correctness fixes:
- fetch_wait: register waiter before fetch to close TOCTOU window
- MeshEnvelope: exclude hop_count from signature (forwarding no longer
  invalidates sender signature)
- BroadcastChannel: encrypt returns Result instead of panicking
- transcript: rename verify_transcript_chain → validate_transcript_structure
- group.rs: extract shared process_incoming() for receive_message variants
- auth_ops: remove spurious RegistrationRequest deserialization
- MeshStore.seen: bounded to 100K with FIFO eviction

Quality fixes:
- FFI error classification: typed downcast instead of string matching
- Plugin HookVTable: SAFETY documentation for unsafe Send+Sync
- clippy::unwrap_used: warn → deny workspace-wide
- Various .unwrap_or("") → proper error returns

Review report: docs/REVIEW-2026-03-04.md
152 tests passing (72 core + 35 server + 14 E2E + 1 doctest + 30 P2P)
2026-03-04 07:52:12 +01:00

@quicproquo/client

TypeScript SDK for quicproquo -- an E2E encrypted group messenger built on MLS (RFC 9420), hybrid post-quantum key exchange (X25519 + ML-KEM-768), and sealed sender envelopes.

Features

  • WASM-powered crypto -- Ed25519 signatures, hybrid KEM, sealed sender, message padding, safety numbers -- all compiled from the Rust quicproquo-core crate via wasm-pack.
  • High-level client API -- QpqClient wraps transport + crypto into a type-safe interface for resolving users, creating channels, and exchanging messages.
  • Offline mode -- All crypto operations work without a server connection. Use QpqClient.offline() for key generation, signing, encryption, etc.
  • Transport abstraction -- Pluggable Transport interface with a built-in WebSocketTransport for browser environments.

Quick start

import { QpqClient } from "@quicproquo/client";

// Crypto-only (no server needed)
const client = await QpqClient.offline();
const alice = client.generateIdentity();
const bob = client.generateIdentity();
const safetyNumber = client.computeSafetyNumber(alice.publicKey, bob.publicKey);
console.log("Safety number:", safetyNumber);

// Sign and verify
const msg = new TextEncoder().encode("hello");
const sig = client.sign(alice.seed, msg);
console.log("Valid:", client.verify(alice.publicKey, msg, sig));

Server connection

The native qpq server speaks Cap'n Proto RPC over QUIC/TCP with Noise_XX. Browsers cannot open raw TCP sockets, so a WebSocket bridge proxy is required for full server connectivity:

const client = await QpqClient.connect({ addr: "wss://bridge.example.com" });
const peerKey = await client.resolveUser("bob");
const channel = await client.createChannel(peerKey);
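
Because the bridge is the only network endpoint a browser client talks to, it is worth validating its address before handing it to QpqClient.connect. The check below is an added example, not code from the SDK: checkBridgeAddr, BridgePolicy and the host allowlist are hypothetical names, and the dev-only loopback exception is an assumption for local testing.

```typescript
// Added example, not part of @quicproquo/client: BridgePolicy and
// checkBridgeAddr are hypothetical names; hosts used with it are constructed.
interface BridgePolicy {
  allowedHosts: string[];     // exact bridge hostnames the app may use
  allowInsecureDev?: boolean; // assumption: permits a loopback bridge for local testing
}

const LOOPBACK_HOSTS = ["localhost", "127.0.0.1", "[::1]"];

function checkBridgeAddr(addr: string, policy: BridgePolicy): string {
  let url: URL;
  try {
    url = new URL(addr);
  } catch {
    throw new Error("bridge address is not a valid URL");
  }
  if (url.protocol !== "wss:" && url.protocol !== "ws:") {
    throw new Error(`unsupported scheme ${url.protocol}`);
  }
  // Credentials embedded in a URL can end up in logs and browser history.
  if (url.username !== "" || url.password !== "") {
    throw new Error("bridge address must not embed credentials");
  }
  const host = url.hostname.toLowerCase();
  if (LOOPBACK_HOSTS.includes(host)) {
    // Loopback (ws:// or wss://) is accepted only in an explicit dev build.
    if (!policy.allowInsecureDev) {
      throw new Error("loopback bridge is allowed only with allowInsecureDev");
    }
  } else {
    // ws:// gives no server authentication and no transport encryption.
    if (url.protocol !== "wss:") {
      throw new Error("bridge must be reached over wss://");
    }
    if (!policy.allowedHosts.includes(host)) {
      throw new Error(`bridge host ${host} is not allowlisted`);
    }
  }
  return url.href; // normalized address to hand to QpqClient.connect({ addr })
}
```

Pass the returned string as `addr`; a thrown error means the address should not be used at all.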

Building

npm install
npm run build    # compiles to dist/

Project structure

src/
  index.ts       -- public API exports
  client.ts      -- QpqClient class (high-level API)
  transport.ts   -- Transport interface + WebSocket implementation
  crypto.ts      -- WASM crypto wrapper
  types.ts       -- TypeScript type definitions
pkg/             -- WASM output (built by wasm-pack)
demo/            -- Browser demo page