Begin the coven evolution of cmd-chat (see docs/spec-collaborative-sandbox.md): a Rust/ratatui client for the unchanged Python Sanic server, plus the multi-user + zero-knowledge groundwork.

P0 — crypto parity (the spec's #1 risk), proven three ways:
- Hand-rolled SRP-6a (NG_2048, SHA-256, rfc5054 padding) matching pysrp byte-for-byte, incl. the fixed b"chat" SRP identity and minimal-vs-256B width quirks. Golden-vector unit test + offline selftest.
- Live handshake against the running server (H_AMK verified).
- Cross-language E2E: Python client decrypts a Rust-encrypted Fernet message.

P2 — multi-user coven (server):
- CMD_CHAT_MAX_USERS capacity cap (default 4, infra-for-more).
- Authoritative roster + user_joined broadcasts.
- Free the slot/username on ws disconnect (was held until 1h stale sweep).

Also: fix requirements.txt (was UTF-16, unparseable by pip).

coven/ : Rust crate (crypto.rs proven; main.rs spike CLI: selftest/handshake/srpm)
docs/ : full feature spec for the 6 requested features.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
⛧ coven ⛧
encrypted collaborative covens with a summoned sandbox familiar
zero-knowledge server · end-to-end fernet · srp · ratatui
they want you dependent. we want you free.
coven is the evolution of cmd-chat: a multi-user, end-to-end-encrypted
terminal session where a small circle (a coven) shares chat, files, and — when
summoned — a disposable sandboxed Linux familiar they drive together, with
real Linux permissions and a high priest who can delegate the keys.
The server never sees plaintext. Everything — messages, files, terminal output — is relayed as opaque ciphertext. Close the window, the coven dissolves.
status
This is the Rust client (ratatui) for the unchanged Python (Sanic) server. The
wire protocol is JSON-over-WebSocket; SRP + HKDF→Fernet are byte-for-byte
compatible with the Python srp / cryptography stack.
| phase | feature | state |
|---|---|---|
| P0 | Rust↔Python SRP / Fernet crypto parity | ✅ proven (golden vectors + live + cross-lang E2E) |
| P2 | multi-user coven (cap 4, infra for more) + authoritative roster | ✅ server-side done |
| P1 | ratatui coven UI (chat, roster, themes) | 🚧 in progress |
| P3 | sandbox familiar (multipass/docker) + shared PTY | ⏳ designed (see ../docs/spec-collaborative-sandbox.md) |
| P4 | permissions (app RBAC + VM unix users / sudo) | ⏳ designed |
| P5 | file + directory offerings into the shared coven | ⏳ designed |
crypto parity — the load-bearing proof
```
$ coven selftest # offline: Rust SRP ≡ Python srp golden vectors
$ coven handshake <ip> <port> <name> --password <pw> --no-tls
⛧ /srp/verify ok — server identity proven (H_AMK ✓)
⛧ round-trip ✓ decrypted: "the coven is summoned ⛧"
```
tools/gen_vectors.py regenerates the golden vectors from the live Python
library (must match the server's _ctsrp backend with rfc5054_enable()).
note: the SRP identity is always the fixed room identity b"chat"; the display name is carried only in JSON, never in the SRP proof. The Python srp package's rfc5054_enable() toggles the active backend's flag — vectors must be generated with the same backend the server actually loads (_ctsrp).
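Why the padding mode has to be pinned by golden vectors, as an added example (not code from this repository): it compares the RFC 5054 padded encoding with the minimal-width encoding when deriving the SRP-6a values k and u with SHA-256. The modulus and public values are constructed stand-ins with the width of a 2048-bit group, and which inputs the server's backend actually pads is an assumption to check against the generated vectors.

```python
import hashlib

def minimal(n: int) -> bytes:
    """Big-endian bytes with no leading zero bytes (the 'minimal' width)."""
    return n.to_bytes(max(1, (n.bit_length() + 7) // 8), "big")

def pad(n: int, width: int) -> bytes:
    """RFC 5054 PAD(): left-pad with zero bytes to the modulus width."""
    return n.to_bytes(width, "big")

def sha256(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()

def compute_k(N: int, g: int, rfc5054: bool) -> bytes:
    """k = H(N | PAD(g)) when padded, H(N | g) when minimal."""
    width = len(minimal(N))
    return sha256(minimal(N), pad(g, width) if rfc5054 else minimal(g))

def compute_u(N: int, A: int, B: int, rfc5054: bool) -> bytes:
    """u = H(PAD(A) | PAD(B)) when padded, H(A | B) when minimal."""
    width = len(minimal(N))
    enc = (lambda x: pad(x, width)) if rfc5054 else minimal
    return sha256(enc(A), enc(B))

# Constructed stand-ins: N_DEMO only has the 256-byte width of a 2048-bit
# modulus, it is NOT the RFC 5054 prime; A/B are not real public values.
N_DEMO = (1 << 2047) | 1
G = 2
A_FULL = (1 << 2047) - 3    # 256 bytes even in minimal form
B_FULL = (1 << 2047) - 5
A_SHORT = 1 << 2000         # 251 bytes minimal, 5 zero bytes added by PAD()

def modes_agree(A: int, B: int) -> dict:
    """Compare padded vs minimal derivations for one exchange."""
    return {
        "k": compute_k(N_DEMO, G, True) == compute_k(N_DEMO, G, False),
        "u": compute_u(N_DEMO, A, B, True) == compute_u(N_DEMO, A, B, False),
    }

if __name__ == "__main__":
    print("full-width A:", modes_agree(A_FULL, B_FULL))   # k differs, u agrees
    print("short A:     ", modes_agree(A_SHORT, B_FULL))  # k and u both differ
```

With g = 2 the two modes always disagree on k, while u only diverges when a public value has leading zero bytes, so a fixed vector containing a short value covers a case that a single live handshake usually will not hit.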
license
MIT · malware bless · hack the planet