feat(fof-layer2): wire types — WrapSlot, FoFCommentGating, CommentPermission::FriendsOfFriends

Adds the on-wire shapes for FoF Mode 2 comment-gating per
docs/fof-spec/layer-2-mode2-fof-comments.md:

- WrapSlot: per-V_x slot with 2B prefilter_tag + 48B read_ciphertext
  + 48B sign_ciphertext (sealed CEK + sealed priv_x_seed). 98 bytes
  total per slot. Receiver trial-decrypts via prefilter match.
- FoFCommentGating: author-published gating block embedded in
  Post.fof_gating. Carries slot_binder_nonce (32B random; replaces
  spec's circular "post_id in HKDF info"), pub_post_set (1:1 with
  wrap_slots, includes dummy pubkeys), wrap_slots, and revocation_list
  (initially empty; revocation diffs accumulate on the BlobHeader copy).
- RevocationEntry: author-signed entry triggering retroactive comment
  delete + pub_post_set removal on every file-holder that receives it.
- CommentPermission gains FriendsOfFriends variant. Existing match arm
  in connection.rs handle-incoming-diff path is extended with a
  "drop pending CDN four-check verification" stub (full verify in a
  later slice).
- InlineComment extended with three optional fields:
    pub_x_index: index into parent post's pub_post_set
    group_sig: 64B ed25519 sig under priv_x
    encrypted_payload: ChaCha20-Poly1305 ciphertext under CEK_comments
  All #[serde(default)] for back-compat. Old comments deserialize
  cleanly with None.
- Post gains optional fof_gating field for the author-signed snapshot
  at publish time. PostId = BLAKE3(Post) covers it, so any tampering
  is detectable. Mutations (revocation, access-grant) arrive later as
  diffs against the local BlobHeader copy.

All 21 existing Post construction sites + 4 existing InlineComment
sites updated via perl -0pe sweeps to pass None for the new fields.

Full test suite: 134/134 pass (4 new slot crypto + 130 existing).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
parent 74fec3b1fb
commit 0f5147a31c
11 changed files with 148 additions and 0 deletions
|
|
@ -61,6 +61,7 @@ pub fn build_distribution_post(
|
|||
content: ciphertext_b64,
|
||||
attachments: vec![],
|
||||
timestamp_ms,
|
||||
fof_gating: None,
|
||||
};
|
||||
let post_id = compute_post_id(&post);
|
||||
let visibility = PostVisibility::Encrypted { recipients: wrapped_keys };
|
||||
|
|
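Review bot: `compute_post_id(&post)` directly after the new `fof_gating: None` line now hashes a struct with one more field, so whether PostIds for ungated posts stay byte-identical to the ids computed before this commit depends on how the hash input encodes an absent option. If that encoding emits anything for `None`, every pre-existing post gets a different id on recompute and stored references to it stop resolving. Suggest a regression test that pins the PostId of a fixed post built with `fof_gating: None` to its pre-change value, or a sentence in the commit message stating that the id change is intended.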
@ -241,6 +242,7 @@ mod tests {
|
|||
content: ciphertext,
|
||||
attachments: vec![],
|
||||
timestamp_ms: 200,
|
||||
fof_gating: None,
|
||||
};
|
||||
let forged_vis = PostVisibility::Encrypted { recipients: wrapped };
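Review bot: the fixture in `mod tests` sets `fof_gating: None`, so this forged-visibility test still only covers ungated posts, while the commit message relies on PostId covering `fof_gating` to make tampering detectable. Suggest a companion case that builds the post with a populated gating block, alters one field of it (for example a `wrap_slots` entry or the `slot_binder_nonce`), and asserts that the recomputed PostId no longer matches the original.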