徐枫
|
b20bbde1f6
|
feat: rework CookieBridge to v2 architecture per CEO feedback
Architecture changes:
- Extension connects directly to server (no local proxy/daemon)
- Dual transport: WebSocket (real-time) + HTTP polling (fallback)
- Server stores encrypted cookie blobs (E2E encrypted, server-blind)
- Device registration with API token auth
- Pairing records stored server-side for cross-device cookie access
- Agent Skill API: AI agents get tokens to retrieve encrypted cookies
with domain-level access control
New modules:
- src/relay/store.ts — encrypted cookie blob storage (LWW, per-device limits)
- src/relay/tokens.ts — device registry, agent registry, pairing tracking
- Protocol spec v2 with new types (EncryptedCookieBlob, AgentToken, etc.)
38 tests passing (crypto, pairing, conflict, full integration with
HTTP polling, agent API, and WebSocket relay).
Co-Authored-By: Paperclip <noreply@paperclip.ing>
|
2026-03-17 15:26:24 +08:00 |
|
徐枫
|
afbaca1112
|
feat: implement CookieBridge M1 — core protocol & relay server
- Protocol spec: encrypted envelope format, device identity (Ed25519 + X25519),
LWW conflict resolution with Lamport clocks
- E2E encryption: XChaCha20-Poly1305 via sodium-native, X25519 key exchange
- WebSocket relay server: stateless message forwarding, device auth via
challenge-response, offline message queuing, ping/pong keepalive
- Device pairing: time-limited pairing codes, key exchange broker via HTTP
- Sync protocol: envelope builder/opener, conflict-resolving cookie store
- 31 tests passing (crypto, pairing, conflict resolution, full integration)
Co-Authored-By: Paperclip <noreply@paperclip.ing>
|
2026-03-17 14:56:01 +08:00 |
|