bolt8

Encrypted and authenticated transport, per BOLT #8 (docs.ppad.tech/bolt8).
git clone git://git.ppad.tech/bolt8.git
Log | Files | Refs | README | LICENSE

ARCH1.md (930B)

      1 # ARCH1: Packet framing for decrypt
      2 
      3 ## Goal
      4 Define how the API should handle stream framing and trailing bytes when
      5 receiving BOLT8 packets.
      6 
      7 ## Context
      8 BOLT8 frames are sent on a stream as:
      9 - encrypted length (2 bytes) + MAC (16 bytes) == 18 bytes total
     10 - encrypted body (len bytes) + MAC (16 bytes)
     11 
     12 A receiver typically reads 18 bytes, decrypts length, then reads the
     13 next len+16 bytes. If a read returns more than one frame, the caller
     14 must retain the remainder for the next decrypt.
     15 
     16 ## Decision points
     17 - Keep strict packet API (reject trailing bytes), or
     18 - Provide a framing helper that returns (plaintext, remainder, session),
     19   leaving existing decrypt unchanged.
     20 
     21 ## Constraints
     22 - Preserve BOLT8 wire semantics.
     23 - Avoid partial functions.
     24 - Keep changes minimal and compatible where possible.
     25 
     26 ## Expected outcome
     27 A clear API contract for decrypt framing in downstream callers, with
     28 explicit behavior on trailing bytes.