Add E2E encryption for inbox/outbox messaging#162
Open
koenvanderveen wants to merge 10 commits intomainfrom
Open
Add E2E encryption for inbox/outbox messaging#162koenvanderveen wants to merge 10 commits intomainfrom
koenvanderveen wants to merge 10 commits intomainfrom
Conversation
Implements optional end-to-end encryption using syft-crypto-python. Encryption happens in ConnectionRouter (transport stays unaware). Key exchange occurs during peer approval via dedicated GDrive folders. Backward compatible — unencrypted messages still work via try_decrypt fallback. 🤖 Generated with [Claude Code](https://claude.com/claude-code)
|
Check out this pull request on See visual diffs & provide feedback on Jupyter Notebooks. Powered by ReviewNB |
- Extract 4 raw-bytes transport methods into connection interface, removing GDrive-specific logic from ConnectionRouter - Make KeyManager a Pydantic BaseModel with proper typing - Add GdriveEncryptionBundlesFolder class for folder naming consistency - Add encryption bundle patterns to orphaned file cleanup - Cache encryption bundles folder ID and clear in reset_caches - Rename VersionManager -> PeerManager across entire codebase
…thods Renamed: send_raw_bytes_to_inbox → send_raw_bytes_to_inbox_ds, download_next_raw_from_inbox → download_next_raw_proposed_message_from_datasite_owner_inbox, write_raw_bytes_to_outbox → write_raw_bytes_to_outbox_do. Removed unused: transport_name(), download_events_message_by_id_from_outbox(), is_message_file(), GDRIVE_TRANSPORT_NAME constant.
…ection Rename role-specific methods to use consistent owner_/watcher_ prefixes instead of mixed _do/_ds/_as_do/_as_ds suffixes. Also properly wire PeerStore through ConnectionRouter.from_configs and fix encryption tests.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
syft-crypto-python(Rust-based crypto)ConnectionRouter— GDrive transport stays unaware of encryptiontry_decryptgracefully handles unencrypted messagesKeyManagerclass manages key generation, persistence, and peer bundle storageTest plan
🤖 Generated with Claude Code