Skip to content

rfc: agent support for PRC pattern without duplex connection#1829

Open
epoberezkin wants to merge 1 commit into
masterfrom
ep/rpc
Open

rfc: agent support for PRC pattern without duplex connection#1829
epoberezkin wants to merge 1 commit into
masterfrom
ep/rpc

Conversation

@epoberezkin

Copy link
Copy Markdown
Member

No description provided.

@epoberezkin epoberezkin requested a review from spaced4ndy as a code owner July 11, 2026 16:39

@simplex-chat-agent simplex-chat-agent Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

RFC + implementation plan for one-off requests to service addresses (PRC pattern without a duplex connection). Two new markdown files; no code changes.

I read both files in full and cross-checked the design against the existing code:

  • Address type: plan's CCTService/'S' matches the ContactConnType pattern in Protocol.hs (ctTypeChar/ctTypeP, 1744-1759) and the contactType ABNF in agent-protocol.md:414.
  • UserContactData extension: the appended serviceKeys :: Maybe ServiceKeyBundle and the optional smpP + takeByteString parse are consistent with the current tail-ignoring forward-compat convention (Protocol.hs:1974-1982). Both "field absent" (older data) and "present as 0" collapse to Nothing correctly.
  • Hybrid PubHeader: additive '2' variant, preserves the existing 0/1 Maybe-key encoding (Protocol.hs:1096-1104).
  • Sizes: sntrup761 pk 1158 / ct 1039 and userDataPaddedLength = 13784 (Crypto/ShortLink.hs:45) match the RFC.
  • SSND encoding, agent envelope tags (Q/P), signed-reply hash chain, and hybrid secret derivation are internally consistent between the RFC ABNF and the plan's Haskell.

The security objectives (unlinkability, PQ encryption bounded by key rotation, reply authenticity via root-key signature + hash chain, replay protection via agent dedup) are coherent and the tradeoffs (tail-truncation detected only by deadline; dedup bounded by a fixed window) are stated honestly.

No substantive correctness, security, concurrency, or architecture defects found. Names are explicitly provisional, so I did not raise naming nits. Nothing blocks merge of the design docs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants