073203abae
Upstream RNS enforces two requirements in code that SPEC.md left implicit;
both caused silent message loss in a clean-room Go LXMF service against
upstream Python rns 1.2.4 / lxmf 0.9.7.
§6.4.2 LRRTT — initiator's link-activation packet
- HEADER_1, DATA, dest_type=LINK (0x03), ctx=0xfe; body is
`umsgpack.packb(rtt_seconds)` encrypted with the link's session keys.
- The responder transitions HANDSHAKE→ACTIVE only on LRRTT receipt
(Link.py:534-553), which is also what fires the link_established
callback. LXMF's set_resource_strategy(ACCEPT_APP) is installed
from that callback; without it, every RESOURCE_ADV the initiator
sends hits the silent ACCEPT_NONE branch at Link.py:1087.
§6.4.3 Header type for post-handshake DATA and Resource
- Link-addressed packets are routed via link_table, which forwards
header bytes verbatim (Transport.py:1587-1622). HEADER_2 with a
relay's transport_id therefore arrives at the destination intact
and is dropped by packet_filter (Transport.py:1283-1285) as
"for another transport instance".
- Mandates HEADER_1 with no transport_id for all post-handshake
link DATA / Resource / control packets regardless of hop count.
- Asymmetry with LINKREQUEST (which IS path_table-routed and so
HEADER_2-eligible) is spelled out.
Companion changes:
- §6.4 renamed to "Session keys and link activation"; existing
HKDF content moved into §6.4.1.
- §2.5 LRRTT context-byte entry points at §6.4.2.
- §12.5.2 (Link DATA forwarding) cross-references §6.4.3.
- §14 failure-modes table: two new entries for the silent-drop
chains documented above.
- flows/send-link-lxmf.md step 4 strengthened (LRRTT is mandatory,
not informational); step 6 corrected (Transport.outbound does NOT
apply HEADER_1→HEADER_2 for link DATA — that conversion is
path_table-keyed, link DATA is link_table-keyed).
- test-vectors/links.json extended with an LRRTT entry: pinned
rtt_seconds=0.05 + pinned 16-byte IV produces deterministic
wire bytes for the encrypted body.
- tools/regen_links.py drives the LRRTT generation with an
os.urandom patch for the Token IV.
- tools/verify_link_lrrtt.py (new) locks the wire claims:
HEADER_1, ctx=0xfe, dest=link_id, body decrypts under
derived_key to msgpack float64 matching rtt_seconds.
Citations all verified against installed RNS 1.2.4 / LXMF 0.9.7.
All 14 verifiers PASS.
|
||
|---|---|---|
| .. | ||
| _gen_toc.py | ||
| README.md | ||
| regen_announces.py | ||
| regen_identities.py | ||
| regen_links.py | ||
| regen_lxmf.py | ||
| requirements.txt | ||
| verify_announce_app_data.py | ||
| verify_announce_roundtrip.py | ||
| verify_destination_hash.py | ||
| verify_link_handshake.py | ||
| verify_link_lrrtt.py | ||
| verify_lxmf_opportunistic.py | ||
| verify_msgpack_quirk.py | ||
| verify_packet_header.py | ||
| verify_path_request.py | ||
| verify_proof_packet.py | ||
| verify_ratchet_dedup.py | ||
| verify_rnode_split.py | ||
| verify_stamps.py | ||
| verify_token_crypto.py | ||
Verifier scripts
Self-contained Python scripts that test claims in ../SPEC.md against the upstream RNS / LXMF Python stack.
Conventions
- Each script verifies one claim or one related cluster of claims.
- Exit code 0 on PASS, non-zero on FAIL.
- Print a one-line PASS/FAIL summary plus a unified diff or hex dump on mismatch.
- Reference the SPEC.md section the script verifies in a docstring at the top.
Required environment
pip install rns lxmf
The scripts read RNS.__version__ at startup and print it in their output so a future reader can tell which RNS version a verification ran against.
Status
Populated against RNS 1.2.4 / LXMF 0.9.7:
| Script | Verifies SPEC.md section | Status |
|---|---|---|
verify_destination_hash.py |
§1.1, §1.2, §1.3 — identity composition, dest_hash = SHA256(name_hash || identity_hash)[:16], on-disk private-key round-trip via to_file/from_file |
✅ |
verify_packet_header.py |
§2.1, §2.2, §2.3 — flag byte layout, HEADER_1/HEADER_2 form, originator HEADER_1→HEADER_2 conversion via upstream Transport.outbound |
✅ |
verify_token_crypto.py |
§3 — Token encrypt/decrypt, HKDF salt = identity_hash, HMAC-then-AES order, PKCS#7 padding | ✅ |
verify_announce_app_data.py |
§4.3 — LXMF announce app_data 2-element form, parser tolerance | ✅ |
verify_announce_roundtrip.py |
§4.1, §4.2, §4.5 — announce body layout, signature, dest_hash recompute, tamper rejection | ✅ |
verify_lxmf_opportunistic.py |
§5.1, §5.2, §5.5, §5.6 — full identity → encrypt → decrypt → parse round-trip | ✅ |
verify_proof_packet.py |
§6.5 — implicit (64B) and explicit (96B) proof body forms, validator length-dispatch | ✅ |
verify_link_handshake.py |
§6.1, §6.2, §6.3, §6.6 — LINKREQUEST/LRPROOF body order, link_id derivation, signalling | ✅ |
verify_link_lrrtt.py |
§6.4.2, §6.4.3 — LRRTT wire form, HEADER_1 header, dest_type=LINK, ctx=0xfe, link-form Token body, msgpack float64 plaintext | ✅ |
verify_path_request.py |
§1.2 well-known hashes, §7.1 LXMF path-preamble gating | ✅ |
verify_rnode_split.py |
§8.3 — RNode air-frame split-packet TX/RX state machines | ✅ |
verify_msgpack_quirk.py |
§9.3 — encoding name as bytes vs str affects upstream parsing | ✅ |
verify_stamps.py |
§5.7 — workblock determinism, PoW stamp search/validate, ticket shortcut | ✅ |
verify_ratchet_dedup.py |
§7.3 / §4.5 step 6.3 — confirms replay defence is keyed on random_blob, NOT on (dest_hash, ratchet_pub) |
✅ |
regen_identities.py |
regenerates test-vectors/identities.json |
✅ |
regen_announces.py |
regenerates test-vectors/announces.json (deterministic announce wire bytes, with and without ratchet) |
✅ |
regen_lxmf.py |
regenerates test-vectors/lxmf.json (deterministic opportunistic-LXMF plaintext + Token ciphertext) |
✅ |
regen_links.py |
regenerates test-vectors/links.json (deterministic LINKREQUEST + LRPROOF + derived session key) |
✅ |
See ../agent.md §5 and ../todo.md for the remaining priority order.