Commit Graph

142 Commits

Author SHA1 Message Date
shum d5bfa2e9d8 chat: bump simplexmq pin + document cross-table simplex_name discriminator
Pin bump 5ee014dd -> c9c2d19 picks up the 8 simplexmq commits since the
last bump (parseBare lowercase fix, forwarded-param cleanup, ServerTests
+ agent end-to-end tests, TldRegistries removal, SNRC ABI decoder,
NameRecord/NameOwner module extraction).

Adds a brief comment on clearConflictingContactProfileSimplexName_
explaining why the audit's flagged cross-table collision (between
contact_profiles.simplex_name and group_profiles.simplex_name) is
structurally impossible: SimplexNameInfo's strEncode prefixes contact
names with '@' and group names with '#', so the stored bytes never
overlap between the two tables.

Query-plan regen deferred (the test is non-deterministic in CI / dev
sandbox — see prior 6c990696c).
2026-06-06 09:17:55 +00:00
shum ebe90f7169 chat: APIVerifySimplexName command + CEvtSimplexNameUnverified warning
Addresses the TOFU vulnerability where peer-claimed simplex_name was
accepted unverified. Adds:

- contacts.simplex_name_verified_at + groups.simplex_name_verified_at
  (M20260606_simplex_name_verified)
- APIVerifySimplexName ChatRef command: RSLV-resolves the claimed name
  and compares the resolved link to the peer's stored connection link;
  on match writes verified_at and emits CEvtSimplexNameVerified;
  on mismatch emits CEvtSimplexNameVerifyFailed
- CEvtSimplexNameUnverified passive warning emitted on incoming XInfo /
  XGrpInfo when a name claim arrives without a current verification
- updateContactProfileWithConflict / updateGroupProfileWithConflict
  clear simplex_name_verified_at whenever the peer's claim transitions
  (any value change including Nothing<->Just): the prior verification
  was bound to the prior claim.

UI can surface the unverified indicator next to a contact / group's
name, and prompt the user to invoke the verify command. This shifts
the security model from "TOFU + last-writer-wins" to "TOFU + on-demand
RSLV verification".
2026-06-06 08:33:25 +00:00
shum b1d18100f4 chat: document connections.simplex_name as transient carrier
Audit flagged the column as "INSERTed but never UPDATEd". This is by
design per the prior plan's connect-via-plan flow: the column is a
transient carrier between connection-creation and contact-creation.
After the Contact row is created via XInfo handling, contacts.simplex_name
is the source of truth and the connections value is a historical snapshot.
Documents the intent so future readers don't reflag it.
2026-06-05 16:40:20 +00:00
shum 27489f8919 chat: fix review findings on simplex_name persistence
- updateUserProfile no longer writes contact_profiles.simplex_name on
  the user's own row (the column is reserved for peer claims; the user's
  broadcastable name lives on contacts.simplex_name via uct.simplex_name).
- updateMemberContactProfile_'/Reset_' now write simplex_name; new
  updateMemberProfileWithConflict / updateContactMemberProfileWithConflict
  variants run conflict-clear and return the displaced name, with
  processMemberProfileUpdate emitting CEvtSimplexNameConflict.
- createContact_ runs conflict-clear before INSERT to avoid UNIQUE
  constraint violations on first-write peer collisions, returning the
  displaced name; createPreparedContact / createDirectContact thread it
  through to APIPrepareContact and saveConnInfo XInfo for event emission.
- groups conflict-clear takes ProfileId directly (avoids the NOT IN (NULL)
  silent-noop edge case when groups.group_profile_id is ON DELETE SET NULL).
- Moves clearConflictingContactProfileSimplexName_ to Shared.hs so
  createContact_ can call it without inducing a circular import.
2026-06-04 17:52:51 +00:00
shum cd0de96599 chat: persist peer-claimed simplexName from incoming profiles
Write paths:
- updateContactProfile_' / updateGroupProfile_ now set the new
  contact_profiles.simplex_name / group_profiles.simplex_name columns
  from Profile.simplexName / GroupProfile.simplexName respectively.
- createContact_ INSERT writes Profile.simplexName to the new
  contact_profiles column (separate from the existing simplexName arg,
  which still writes contacts.simplex_name — the user's locally-known
  label).

Read paths (closing Task 2's deferred sites):
- toContact splits simplex_name reads: Contact.simplexName from
  contacts.simplex_name (existing); LocalProfile.simplexName from
  contact_profiles.simplex_name (new column).
- toGroupInfo similarly splits: GroupInfo.simplexName from
  groups.simplex_name; groupProfile.simplexName from
  group_profiles.simplex_name.
- ProfileRow / rowToLocalProfile, toContactRequest, getUserContactProfiles,
  toGroupProfile, getProfileById, groupMemberQuery, getGroupAndMember_,
  saveRcvChatItem-related quotes — all extended to read p.simplex_name
  and decode it into LocalProfile.simplexName / GroupProfile.simplexName.

Conflict handling (Decision B):
- clearConflictingContactProfileSimplexName_ / *Group* helpers do an
  atomic UPDATE-with-RETURNING that NULLs simplex_name on any other
  row in the same user that would collide on the partial UNIQUE index,
  returning the displaced row's display_name.
- updateContactProfileWithConflict / updateGroupProfileWithConflict
  bundle clear+update in one transaction.
- processContactProfileUpdate / xGrpInfo invoke the *WithConflict
  variants and emit CEvtSimplexNameConflict when a displacement
  happened (with the claiming and displaced display names).

Adds ChatEvent CEvtSimplexNameConflict and SimplexNameConflictEntity
(SNCEContact / SNCEGroup) with JSON instances and View.hs rendering.
2026-06-04 17:16:07 +00:00
shum d083feaeb2 chat: clarify groups.simplex_name stopgap comment
Drop the asymmetric toContact comment (the mirror is now obvious post-Task-1)
and rewrite the toGroupInfo stopgap comment to reflect the actual semantics:
groups.simplex_name is per-user locally-known, mirrored into groupProfile as a
stopgap until group_profiles.simplex_name lands.
2026-06-04 16:19:21 +00:00
shum 167dbde559 chat: load LocalProfile.simplexName from simplex_name column
Populate the embedded LocalProfile.simplexName field for the user's own
profile and for peer Contact / GroupInfo from the existing simplex_name
columns on contacts and groups. Previously every DB read set this field
to Nothing (Task 1 placeholder), so downstream consumers that work off
LocalProfile / GroupProfile (e.g., userProfileDirect / userProfileInGroup
that build outgoing XInfo / XGrpInfo via fromLocalProfile) saw Nothing
unconditionally.

Scope is limited to the rows where the simplex_name column actually
exists: contacts (per-user) and groups (per-user). Sites that only read
contact_profiles / group_profiles (toContactRequest, toContactProfile,
toGroupProfile, rowToLocalProfile) remain Nothing; Task 3 adds the
profile-table columns and wires them up.
2026-06-04 16:06:54 +00:00
shum 212c9d43fb chat: simplexName field on Profile, GroupProfile, LocalProfile
Adds a Maybe SimplexNameInfo field to the wire-level Profile and
GroupProfile (and their DB sibling LocalProfile). JSON instances are
TH-derived with omitNothingFields = True, so the new optional field is
auto-handled and old peers / old JSON without the key decode as Nothing.

Existing record-construction sites are set to simplexName = Nothing as
a placeholder. Outgoing dissemination (userProfileDirect /
userProfileInGroup) and incoming persistence wire-up land in follow-up
commits. redactedMemberProfile passes the field through, matching how
peerType is preserved.
2026-06-04 15:45:42 +00:00
shum 67ae555d88 chat: fix misleading decodeSimplexName docstring
The comment described "@alice.simplex" as the column's surface form,
but ToField SimplexNameInfo writes the canonical strEncode output
("simplex:/name@alice.simplex"). Aligns the docstring with what the
column actually holds.
2026-06-04 06:07:21 +00:00
shum fb72ff6b1a chat: persist simplexName on prepare and connect-via-plan write paths
createPreparedContact/createPreparedGroup gain a Maybe SimplexNameInfo
parameter that they write to contacts.simplex_name / groups.simplex_name
directly. createConnection_ writes to connections.simplex_name as a
transient carrier for the connect-via-plan path. The XInfo handler
in Library/Subscriber.hs reads the connection's simplexName and passes
it to createDirectContact so the final contact row captures the name.

All current callers pass Nothing; the actual flow lights up when
APIConnectPlan accepts ConnectTarget and connectPlanName threads the
name through (later commits in this branch).

Uses the upstream ToField SimplexNameInfo (simplexmq 0b334b66) for
writes; reads continue to go via the soft-degradation helper.
2026-06-03 18:26:35 +00:00
shum 75671201d3 chat: cross-reference groupInfoQueryFields and getGroupAndMember_
Two helpers redundantly maintain the same g.* column list. A future
g.* addition must be applied to both sites; the cross-reference
comments flag this for maintainers. A proper refactor (reusing
groupInfoQueryFields from Connections.hs's inline SELECT) is out of
scope for this branch.
2026-06-03 18:26:25 +00:00
shum e4a1acd4c9 chat: thread simplexName through Contact/GroupInfo/Connection records
Adds `simplexName :: Maybe SimplexNameInfo` to the three records and
extends every SELECT path that reconstructs them to read the new
column. Decoded via eitherToMaybe . strDecode . encodeUtf8 (the
codebase's established pattern for Maybe Text -> typed-decode fields),
extracted as decodeSimplexName helper since the chain appears in
toContact / toContact' / toGroupInfo / toConnection. INSERT paths
still write Nothing - the write-side wiring lands in the next commit
(Task 7).
2026-06-03 15:58:50 +00:00
Evgeny Poberezkin 60e75aa398 Merge branch 'stable' 2026-05-31 17:33:52 +01:00
Evgeny 9bb2bec3fa plan: web previews for channels (#7022)
* plan: web previews for channels

* types for recipient side to support channel web previews and domain names

* fix

* migrations

* update schema and api types

* update schema

* rename migrations

* core: check member role

---------

Co-authored-by: Evgeny @ SimpleX Chat <259188159+evgeny-simplex@users.noreply.github.com>
2026-05-31 17:12:12 +01:00
Evgeny fe6b5186e1 core: update simplexmq (receiving services) (#6212)
* core: update simplexmq

* update agent api

* update simplexmq

* core: add flag to User to use client services

* update simplexmq

* cli command to toggle service for a user

* test, fix

* query plans, core/bot api types

* remove local package reference

* increase server queue size in tests

* show client service status in users list

* update query plans

* cli: fix redraw slowness (#6735)

* cli: add pland to fix redraw slowness

* updtae doc

* cli: decouple key reading from processing via TQueue

* schema and bot types

---------

Co-authored-by: sh <37271604+shumvgolove@users.noreply.github.com>
2026-05-25 10:37:13 +01:00
spaced4ndy a14a66db14 core, ui: chat relay test (#6736) 2026-04-02 15:36:36 +00:00
spaced4ndy 42fe94752c core, ui: public group profile wip (#6734) 2026-04-01 14:17:27 +00:00
Evgeny 1e042718a3 core: shared group ID in group profile for relayed groups (#6716)
* rfc: add shared group ID to profile (the same as linkEntityId and sha256(rootKey))

* implement group ID

* fix

* update simplexmq

* line

* toGroupKeys

* fix test

* fix bot api

* check group ID in other cases

* fix

---------

Co-authored-by: Evgeny @ SimpleX Chat <259188159+evgeny-simplex@users.noreply.github.com>
Co-authored-by: spaced4ndy <8711996+spaced4ndy@users.noreply.github.com>
2026-03-30 08:25:54 +00:00
spaced4ndy 58f47cbadf core, ui: channel subscriber count (#6696) 2026-03-24 10:54:32 +00:00
spaced4ndy b38fc62281 core: chat relays announce new members to owners (with keys); forward x.grp.mem.restrict; sign and verify x.grp.leave and x.info (member profile update) (#6690) 2026-03-19 19:47:02 +00:00
spaced4ndy b97868d79f ios: channels and chat relays ui (#6634) 2026-03-05 09:13:24 +00:00
Evgeny 7d5768cf3a core: prepare group link before creating the group (#6600)
* core: prepare group link before creating the group

* update group creation flow

* refactor

* comments

* update plan, schema, api docs/types

* store shared group ID and keys when joining relay groups

* query plans, api docs
2026-01-27 17:56:31 +00:00
spaced4ndy bd8ba4d5c6 core: chat relays protocol (#6383)
* core: chat relays protocol wip

* types, notes

* remove file

* removal protocol

* schema

* status

* update

* recovery

* update

* formatting

* rename

* more types

* comment

* more docs

* decrease number of steps

* format

* correct

* update

* update protocol

* update

* typo

* todo

* update doc

* update

* update

* remove added

* update

* update

* XGrpRelayReady

* link to chat relays

* update

* remove from protocol

* update

* json

* wip

* remove comment

* wip

* update

* wip

* wip

* update

* wip

* wip

* plans

* better view

* fix

* fix

* relay acceptance

* rework api

* add relays to link

* comment

* active on con, fix send

* comments

* direct in group plan

* prepare

* member connection wip

* comments

* member connection wip

* fix forwarding

* introduce moderators to new member

* enable relay tests

* plans

* security objectives

* refactor

* add to threat model

* stress test wip

* stress test wip

* Revert "stress test wip"

This reverts commit acde8a1fb3.

* Revert "stress test wip"

This reverts commit 6435808438.

* remove stress test

* improve output

* invert relay fkey

* postgres schema

* comments

* group in progress, remove auto-select relays commented code

* comments

* corrections

* comment

* lint

* redundant import

* core: chat relay request worker (#6509)

* update plans

* strict tables

* core: update group link asynchronously with relay link (#6548)

* update simplexmq

* docs: connection to chat relays rfc (#6554)

* add test for 2 relays (doesn't pass)

* create unknown member in same transaction as checking

* fix relays choosing different memberId (XContactRelay)

* plans, api

* use same incognito profile for relays, connect concurrently, save correct link for plan

* test

* don't duplicate items on group connection

* check relay record exists when joining

* use mapConcurrently when adding relays, update schemas

* fix multi-relay join for postgres (savepoint)

* core: async retry connection to chat relays (#6584)

* update simplexmq

* fix api tests

* prefer throwing temp error on connection

* check group relays when deleting from configuration

* relay_request_err_reason

* relay role

* rename, fix syntax

* plans

* rename, style

---------

Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com>
2026-01-21 13:19:06 +00:00
spaced4ndy 2f1816ca32 Merge branch 'master' into chat-relays 2026-01-15 19:18:57 +04:00
spaced4ndy 2d64365d8c core: correctly handle errors in createWithRandomId/Bytes for postgres (reuse withSavepoint from simplexmq) (#6578) 2026-01-15 15:18:15 +00:00
spaced4ndy 4873ca2337 Merge branch 'master' into chat-relays 2026-01-15 13:52:08 +04:00
spaced4ndy 8800f5e62f core: correctly handle errors in withLocalDisplayName for postgres (rollback to savepoint) (#6577) 2026-01-15 09:36:53 +00:00
spaced4ndy ae0dec480d Merge branch 'master' into chat-relays 2025-12-12 14:04:31 +04:00
spaced4ndy f76e994034 core: forward based on relations vector (#6464)
* core: forward based on relations vector wip

* fix introductions

* fix forwarding tests

* fix forwarding inside support scope

* fix deduplication test

* fix more tests

* plans, api

* live migration wip

* enable tests

* member locks

* api

* plans

* fix for postgres

* fix for postgres

* rename predicate

* rename predicate

* optimize

* refactor

* fix

* check

* move part of migration to sql

* plans

* core: preserve detailed information in relation vectors (#6484)

* core: relations vector live migrations; stage 2 migration sql (#6472)

* rework forwarding in support scope

* move operations inside transactions

* set_member_vector_new_relation function

* read vector ad-hoc

* partition in transaction

* fix postgres

* postgres schema

* api

* plans

* remove comment

* lock before migration computation

* refactor

* simplify set relations

* retreive only support scope members

* fix

* refactor

* fix comment

* enable tests

* 1 second

* for update

* locks

* fix mask

* plans

* fix

* postgres

---------

Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com>
2025-12-09 14:48:32 +00:00
spaced4ndy a5c6ea8e5d core: member relations vector migration; set index in group for members; rework logic for avoiding duplicate introductions (#6445) 2025-11-19 15:25:09 +00:00
spaced4ndy 67461d6971 core: manage chat relays initial (#6369) 2025-10-20 08:12:45 +00:00
spaced4ndy 17a0c1b53d core: delivery in channels (#6278)
* core: channels delivery (#6274)

* core: optimize member retrieval query for postgres (#6280)

* core: optimize reading only relays for sending in channels (#6282)

* fixes

* plans
2025-10-01 15:53:27 +00:00
Evgeny eca2937be1 core: backward compatible JSON decoding (#6322) 2025-09-30 23:05:12 +01:00
spaced4ndy c782e6762b feature branch: optimize subscriptions (#6297)
* core: remove contact merge, obsolete group code (#6292)

* core: remove file connections (#6298)

* core: rename migration

* corre: remove unused contacts merged event (#6308)

* core: optimize subscriptions (#6304)

* core: remove conn ids map from subscriptions (#6309)

* rename migration (#6316)

---------

Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com>
2025-09-28 21:31:59 +01:00
Evgeny 015d5de364 directory: move all storage to the database, optimize performance (#6287)
* core: add custom indexed columns to groups and contacts

* directory: use database (TODO search/listing)

* triggers to maintain current member count

* update simplexmq, fix tests, use summary from GroupInfo

* fix all directory tests

* remove acceptance fields from group reg

* enable all tests

* clean up

* postgres migrations, fixes

* query plans

* use function in postgres triggers, improve sqlite query

* fix export/import

* update schema

* prevent admins from promoting groups when approving

* update listing every 5 minutes
2025-09-28 15:11:49 +01:00
spaced4ndy 382241fe3e core: rework synchronous group forwarding in receive loop into asynchronous delivery tasks (#6178) 2025-09-12 13:22:34 +00:00
Evgeny f6c699f3a5 core: update simplexmq (error handling) (#6231)
* core: update simplexmq (error handling)

* update simplexmq
2025-08-29 10:05:20 +01:00
Evgeny 4811d663e6 rfc: bot messages and buttons, core: command markdown, supported commands in profile preferences, chat sessions preference, peer type field in profile to identify bots (#5360)
* rfc: bot messages and buttons

* update

* update bot rfc

* core: add bot commands to chat preferences and peer type to profile

* update postgresql schema

* update query plans

* chat sessions preference

* markdown for bot commands

* schema

* core: file preference, options to create bot from CLI

* core: different command type

* ios: commands menu

* update types

* update ios

* improve command markdown

* core, ios: update types

* android, desktop: clickable commands in messages in chats with bots

* android, desktop: commands menu

* command menu button, bot icon

* ios: connect flow for bots

* android, desktop: connect flow for bots

* icon

* CLI commands to view and set commands, remove "hidden" property of command, bot api docs

* corrections

* fix inheriting profile preferences to business groups

* note on business address

* ios: export localizations

* fix test

* commands to set file preference on user/contact, tidy up layout and display of command and attachment buttons
2025-08-07 11:13:35 +01:00
spaced4ndy 18a00511a7 core: set via_group_link_uri for groups (#6137)
* core: set via_group_link_uri for groups

* schema

* plans

* schema

* add to type

* plans, api
2025-08-01 16:23:52 +01:00
spaced4ndy f42a6751b1 core: allow to manually accept member contact requests (#6129)
* core: allow to manually accept member contact requests

* response

* comment

* comment

* add fields

* fix

* field in request

* compiles

* fix tests

* test

* plans

* fix mobile tests

* fix doc tests

* renames

* group name in event

* fix renames

* tests

* plans

* rename selector

* ios wip

* fix

* ios wip

* move

* fix backend bug, ui

* reject dialogue

* update plans

* kotlin

* delete swipe

* should accept text

* rename

* postgres migration

* ios: pass chat as binding

* rename module

* fix queries

* schema

* update plans, api docs

---------

Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com>
2025-08-01 10:18:29 +01:00
spaced4ndy 7b7926a73e core, ui: allow to choose disappearing messages ttl in user profile (#6097) 2025-07-24 14:52:48 +00:00
Evgeny a5768e903d core, ui: short bio/description for contact and group profiles (#6055)
* core: short bio/description for contact and group profiles

* use short description in commands

* fix tests

* query plans

* ios: show contact and group profile descriptions

* android, desktop: short description/bio

* ui: layout for chat info, correct copy

* comment out fields to add/edit short descriptions

* remove short description from events

* postgres schema
2025-07-11 21:28:10 +01:00
spaced4ndy 2dd54c6697 core, ui: prohibit changing profile for prepared entity when first attempt to connect failed (#6037)
* core: prohibit changing profile for prepared entity when first attempt to connect failed

* reuse incognito

* schema

* ios

* postgres schema

* ios

* reenable tests

* kotlin

* update alert

* rename predicate, combine queries

* send the correct incognito mode, fail on attempt to change mode for prepared connection

* query plans

* ui: show group connecting status

---------

Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com>
2025-07-05 11:09:10 +01:00
spaced4ndy fc98558a37 core: refactor connectViaContact (#6034)
* core: refactor connectViaContact

* true, comment

* optimize connectViaContact for prepared entities

* refactor Connection

* refactor pcc

---------

Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com>
2025-07-04 09:47:40 +00:00
spaced4ndy 79041390f1 core: allow to accept contact requests after address is deleted (#6032)
* core: allow to accept contact requests after address is deleted

* update

* update

* plans

* ios, postgres migration

* schema

* request lock, refactor

* update simplexmq

---------

Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com>
2025-07-03 10:34:11 +00:00
Evgeny d8636953d3 core: connection plans for short links recognize prepared contacts/groups (#6019)
* core: connection plans for short links recognize prepared contacts/groups

* query plans
2025-06-30 16:12:07 +01:00
Evgeny 524de4067a core: add/send contact address and request messages, ios: use auto-reply as welcome message (#6017)
* core: add/send contact address and request messages, ios: use auto-reply as welcome message

* revert event type change

* fix test, type

* multiplatform: update type

* fix query

* ios: hide keyboard when sending the message

* failing test for business chat with a welcome message

* retry joining via contact address

* query plans

* do not send history to the first member (the original customer) of business chat

* correctly handle retries when joining groups, do not create a new connection on retry

* failing test for group welcome message and feature items

* do not send history item if member saw it during joining (based on welcomeSharedMsgId in join request)

* correct fields in PendingContactConnection, update plans

* prevent duplicate group description created in chat, while ensuring that it is created

* fix query
2025-06-30 11:54:13 +01:00
spaced4ndy cc643e5aeb core: rework contact requests so that they are always created with entity (#6011)
* core: rework contact requests so that they are always created with entity

* remove group requests (revert)

* fix schema

* remove accepted, set xcontactId

* enable tests

* fix deduplication, fix address deletion

* fix business ldn

* disable, add tests

* comments, schema

* cleanup

* fix

* plans
2025-06-26 11:05:23 +01:00
Evgeny c0b704f846 core: store welcome and request message IDs, ios: fix sending request without messages, trim sent messages (#6009)
* core: store welcome and request message IDs, ios: fix sending request without messages, trim sent messages

* remove comments

* rename, fix tests

* simplexmq

---------

Co-authored-by: spaced4ndy <8711996+spaced4ndy@users.noreply.github.com>
2025-06-25 16:59:32 +01:00
Evgeny fc04872c91 core: chat item content types for chat initiation (#5998)
* core: chat item content types for chat initiation

* connection mode for ui

* padding

* simplexmq

* initial items

* update content items

* core: feature and e2e items

* refactor

* chat items

* ios types

* fix condition for PQ encryption of link
2025-06-20 11:54:21 +01:00