docs: update ClaudeReport (R24-d/c) and Engineering_Reference_Manual (keybox phrase envelope)
parent 683e4ed8d0
commit 4773570745
File diff suppressed because one or more lines are too long
@ -1192,6 +1192,12 @@ OOB code = `truncate6(SHA-256(pubkey ‖ nonce))`.
couple key; the code is a fingerprint of the exact pubkey in the request doc (defeats a server/MITM pubkey swap +
account-takeover). Never reduce it to a tap-to-approve. Consume (delete) the request after unwrap so no wrapped
key lingers.
- **Keybox payload carries the phrase too (R24-c).** The ECIES plaintext is now an envelope `ckx:v1:{json}` with
`{keyset, phrase?}` — `wrapCoupleKey(..., recoveryPhrase)` includes the sender's phrase; `unwrapCoupleKey`
returns `TransferredKey(keyset, recoveryPhrase?)`; `storeTransferredKeyset(coupleId, handle, phrase?)` persists
the phrase so a partner-restored device can reveal it. **Backward-compatible:** a plaintext WITHOUT the
`ckx:v1:` prefix is a legacy keyset-only keybox → decodes to `(keyset, null)`. Don't remove the legacy branch.
The phrase rides inside the same OOB-code-gated ECIES ciphertext as the key — never log it (same rule as the key).
- **Restore requires the couple key first** (phrase or partner keybox) — content decrypt is couple-key. Fail soft
everywhere (missing key → skip backup / "restore unavailable", never crash; never log keys/plaintext/phrase).
- **Re-request must delete before create (R24-b, Bug A).** `createRestoreRequest` does `.set()`; over an existing
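Review bot: the legacy fallback in the R24-c bullet ("a plaintext WITHOUT the `ckx:v1:` prefix is a legacy keyset-only keybox → decodes to `(keyset, null)`") should say what the decoder does with a plaintext that carries a `ckx:` prefix it does not recognise (a future `ckx:v2:`) or a `ckx:v1:` body whose JSON does not parse; stated as "no `ckx:v1:` prefix means legacy", the rule routes an unknown versioned envelope into the keyset-only branch and hands the whole envelope bytes over as a keyset. Suggest documenting that only a plaintext with no `ckx:` prefix at all takes the legacy path, and that any other `ckx:` version or a malformed `v1` body is rejected and surfaces as "restore unavailable", consistent with the fail-soft rule in the "Restore requires the couple key first" bullet. The same bullet gives the phrase the key's logging rule but says nothing about how `storeTransferredKeyset(coupleId, handle, phrase?)` protects it at rest; one sentence stating that the persisted phrase gets the same storage protection as the keyset would close that gap.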