logos-messaging/libchat
1
0
Fork 0
mirror of https://github.com/logos-messaging/libchat.git synced 2026-06-28 03:59:27 +00:00
Code Issues Packages Projects Releases Wiki Activity
libchat/crates/client/src/client.rs

293 lines
11 KiB
Rust
Raw Normal View History

feat: introduce client event system (#106) * chore(flake): accept extra system attr; add perl for openssl-sys build forAllSystems calls the lambda with {system, pkgs}; strict destructuring requires `..` to ignore the system attribute. `pkgs.perl` is needed because openssl-sys is pulled vendored via libsqlite3-sys / rusqlite / chat-sqlite, and its `perl Configure` step needs FindBin.pm, which Fedora's system perl doesn't ship. * feat: introduce client event system - Core processing yields a `PayloadOutcome` enum — `Empty`, `Convo`, or `Inbox`. `ConvoOutcome` carries a conversation id and an optional decrypted `Content`; `InboxOutcome` adds a `NewConversation` (id + `ConversationClass`) for a peer-initiated conversation. - Client translates `PayloadOutcome` into app-facing `Vec<Event>` (`ConversationStarted`, `MessageReceived`) at the boundary, so the application loop sees discrete events rather than core types. - MLS group welcomes produce a `ConversationStarted` event with no initial content, fixing the silent-group-join case where the inbox layer dropped the observation. - C FFI exposes an `EventList` opaque type with indexed accessors and an `Invalid` sentinel for out-of-bounds / non-applicable reads. - Symmetric `Inbox` / `InboxV2` handlers: both return `Result<InboxOutcome, _>` and own the persistence + ephemeral-key cleanup for the conversations they create. - Updated and simplified `docs/adr/0001-client-event-system.md`. * chore(flake): bump nixpkgs to nixos-unstable-small Temporary. The two crates.io UA fixes (NixOS/nixpkgs#512735 for fetchCargoVendor's python-requests UA, NixOS/nixpkgs#524985 for importCargoLock's curl UA) haven't propagated to nixos-unstable yet. Switch to nixos-unstable-small and force logos-delivery to follow so the smoketest gets the same fix. Revert once nixos-unstable catches up. Refs: - https://github.com/rust-lang/crates.io/issues/13482 - https://github.com/rust-lang/crates.io/issues/13783 - https://crates.io/data-access
2026-05-28 23:51:15 +02:00
use std::sync::Arc;
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
use std::thread::{self, JoinHandle};
feat: introduce client event system (#106) * chore(flake): accept extra system attr; add perl for openssl-sys build forAllSystems calls the lambda with {system, pkgs}; strict destructuring requires `..` to ignore the system attribute. `pkgs.perl` is needed because openssl-sys is pulled vendored via libsqlite3-sys / rusqlite / chat-sqlite, and its `perl Configure` step needs FindBin.pm, which Fedora's system perl doesn't ship. * feat: introduce client event system - Core processing yields a `PayloadOutcome` enum — `Empty`, `Convo`, or `Inbox`. `ConvoOutcome` carries a conversation id and an optional decrypted `Content`; `InboxOutcome` adds a `NewConversation` (id + `ConversationClass`) for a peer-initiated conversation. - Client translates `PayloadOutcome` into app-facing `Vec<Event>` (`ConversationStarted`, `MessageReceived`) at the boundary, so the application loop sees discrete events rather than core types. - MLS group welcomes produce a `ConversationStarted` event with no initial content, fixing the silent-group-join case where the inbox layer dropped the observation. - C FFI exposes an `EventList` opaque type with indexed accessors and an `Invalid` sentinel for out-of-bounds / non-applicable reads. - Symmetric `Inbox` / `InboxV2` handlers: both return `Result<InboxOutcome, _>` and own the persistence + ephemeral-key cleanup for the conversations they create. - Updated and simplified `docs/adr/0001-client-event-system.md`. * chore(flake): bump nixpkgs to nixos-unstable-small Temporary. The two crates.io UA fixes (NixOS/nixpkgs#512735 for fetchCargoVendor's python-requests UA, NixOS/nixpkgs#524985 for importCargoLock's curl UA) haven't propagated to nixos-unstable yet. Switch to nixos-unstable-small and force logos-delivery to follow so the smoketest gets the same fix. Revert once nixos-unstable catches up. Refs: - https://github.com/rust-lang/crates.io/issues/13482 - https://github.com/rust-lang/crates.io/issues/13783 - https://crates.io/data-access
2026-05-28 23:51:15 +02:00
DeMLS Integration (#134) * Add WakeupService * Move Id to trait * Add GroupV2 * Add convo cache * Add TestHarness * Instrument call paths * Downgrade Ciphersuite * Update imports * cleanups * Add Wakeups to Client * fix: protoc dependency for ci * fix: nix hash * Remove save_conversation for v2 * PR comments
2026-06-15 13:15:18 -07:00
use components::{EphemeralRegistry, ThreadedWakeupService, WakeupEvent};
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
use crossbeam_channel::{Receiver, Sender, select};
feat: implement Client crate and C FFI bindings (#73) Implement a `client` crate that wraps the `libchat` context behind a simple `ChatClient<D>` API. The delivery strategy is pluggable via a `DeliveryService` trait, with two implementations provided: - `InProcessDelivery` — shared `MessageBus` for single-process tests - `CDelivery` — C function-pointer callback for the FFI layer Add a `client-ffi` crate that exposes the client as a C API via `safer-ffi`. A `generate-headers` binary produces the companion C header. Include two runnable examples: - `examples/in-process` — Alice/Bob exchange using in-process delivery - `examples/c-ffi` — same exchange written entirely in C; smoketested under valgrind (to catch memory leaks) in CI iterates: #71
2026-04-08 23:15:48 +02:00
use libchat::{
refactor(core): replace Rc-based Context with a synchronous, Send-able Core (#123) Make the conversations core Send so the threaded client can own it behind an Arc<Mutex<Core>>: a background worker polls the transport and handles inbound payloads while the application thread issues outbound calls (send, create conversation). Sharing the core across those two threads means moving it into the spawned worker, which is only legal if it is Send. Access stays serialized by the client's Mutex (one thread at a time), so the core needs Send but not Sync and carries no lock of its own. See docs/adr/0001-client-event-system.md for the background-poller design. The Rc<RefCell> service-sharing is what made the core !Send. Context is de-Rc'd and renamed to Core, owning its services outright and driving the inbox and conversation primitives with plain &mut self. - Services (identity, delivery, store, registry, MLS context, causal history) are bundled into a ServiceContext<S> behind an ExternalServices trait, with S = (DS, RS, CS). Constructors live on the (DS, RS, CS) form because S cannot be inferred backwards through S::DS. - Inbox, InboxV2, PrivateV1Convo, and GroupV1Convo become non-generic and receive the ServiceContext bundle as a &mut/& parameter; no Rc or RefCell-as-shared-state remains, so Core is Send whenever its injected services are. - Dispatch branches on ConversationKind in one place: Core rebuilds the target as a Convo<S>/GroupConvo<S> trait object bound to the service bundle, so conversations never escape the orchestrator. - CausalHistoryStore drops its Rc, keeping a plain RefCell.
2026-06-08 21:55:33 +02:00
ChatError, ChatStorage, ConversationId, ConvoOutcome, Core, DeliveryService, InboxOutcome,
Introduction, PayloadOutcome, RegistrationService, StorageConfig,
feat: implement Client crate and C FFI bindings (#73) Implement a `client` crate that wraps the `libchat` context behind a simple `ChatClient<D>` API. The delivery strategy is pluggable via a `DeliveryService` trait, with two implementations provided: - `InProcessDelivery` — shared `MessageBus` for single-process tests - `CDelivery` — C function-pointer callback for the FFI layer Add a `client-ffi` crate that exposes the client as a C API via `safer-ffi`. A `generate-headers` binary produces the companion C header. Include two runnable examples: - `examples/in-process` — Alice/Bob exchange using in-process delivery - `examples/c-ffi` — same exchange written entirely in C; smoketested under valgrind (to catch memory leaks) in CI iterates: #71
2026-04-08 23:15:48 +02:00
};
Update Context to accept External Identity Provider. (#127) * rename .account_id() to .id() * Create logos-traits crate * Remove AccountId references * external IdentityProvider for Context * Fix compile errors from merge * Update logos-traits to shared-traits * format fixes * warnings cleanup * clippy fix * Remove rebase artifact
2026-06-10 06:59:04 -07:00
use logos_account::TestLogosAccount;
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
use parking_lot::Mutex;
Add GroupV1 + InboxV2 (#92) * Add GroupV1 * Clean warnings * Remove dead test * Re-use components in integration tests * Remove deadcode * undo import fixes * tidy * Update Accounts + service_traits * Remove ClientCtx * Remove duplicate test_utils * Wrap constructor in result * Warning fixups * Appease clippy * Update comments * Update todo * Clean up warnings * Avoid panic * Fix libchat import in chat-cli * Add InboxV2 comment * Add comments to GroupV1Convo * Update doc comments * reduce visibility * Doc Integration tests * Hashlen update * remove type alias for ProtocolParams * Remove stray printlines * Review fixes * PR review changes * Add trait comments * chat_proto import paths * PR Feedback fixes * Update CliClient * Update CLI DeliveryService impls
2026-05-19 11:54:54 -07:00
use crate::errors::ClientError;
feat: introduce client event system (#106) * chore(flake): accept extra system attr; add perl for openssl-sys build forAllSystems calls the lambda with {system, pkgs}; strict destructuring requires `..` to ignore the system attribute. `pkgs.perl` is needed because openssl-sys is pulled vendored via libsqlite3-sys / rusqlite / chat-sqlite, and its `perl Configure` step needs FindBin.pm, which Fedora's system perl doesn't ship. * feat: introduce client event system - Core processing yields a `PayloadOutcome` enum — `Empty`, `Convo`, or `Inbox`. `ConvoOutcome` carries a conversation id and an optional decrypted `Content`; `InboxOutcome` adds a `NewConversation` (id + `ConversationClass`) for a peer-initiated conversation. - Client translates `PayloadOutcome` into app-facing `Vec<Event>` (`ConversationStarted`, `MessageReceived`) at the boundary, so the application loop sees discrete events rather than core types. - MLS group welcomes produce a `ConversationStarted` event with no initial content, fixing the silent-group-join case where the inbox layer dropped the observation. - C FFI exposes an `EventList` opaque type with indexed accessors and an `Invalid` sentinel for out-of-bounds / non-applicable reads. - Symmetric `Inbox` / `InboxV2` handlers: both return `Result<InboxOutcome, _>` and own the persistence + ephemeral-key cleanup for the conversations they create. - Updated and simplified `docs/adr/0001-client-event-system.md`. * chore(flake): bump nixpkgs to nixos-unstable-small Temporary. The two crates.io UA fixes (NixOS/nixpkgs#512735 for fetchCargoVendor's python-requests UA, NixOS/nixpkgs#524985 for importCargoLock's curl UA) haven't propagated to nixos-unstable yet. Switch to nixos-unstable-small and force logos-delivery to follow so the smoketest gets the same fix. Revert once nixos-unstable catches up. Refs: - https://github.com/rust-lang/crates.io/issues/13482 - https://github.com/rust-lang/crates.io/issues/13783 - https://crates.io/data-access
2026-05-28 23:51:15 +02:00
use crate::event::Event;
feat: implement Client crate and C FFI bindings (#73) Implement a `client` crate that wraps the `libchat` context behind a simple `ChatClient<D>` API. The delivery strategy is pluggable via a `DeliveryService` trait, with two implementations provided: - `InProcessDelivery` — shared `MessageBus` for single-process tests - `CDelivery` — C function-pointer callback for the FFI layer Add a `client-ffi` crate that exposes the client as a C API via `safer-ffi`. A `generate-headers` binary produces the companion C header. Include two runnable examples: - `examples/in-process` — Alice/Bob exchange using in-process delivery - `examples/c-ffi` — same exchange written entirely in C; smoketested under valgrind (to catch memory leaks) in CI iterates: #71
2026-04-08 23:15:48 +02:00
DeMLS Integration (#134) * Add WakeupService * Move Id to trait * Add GroupV2 * Add convo cache * Add TestHarness * Instrument call paths * Downgrade Ciphersuite * Update imports * cleanups * Add Wakeups to Client * fix: protoc dependency for ci * fix: nix hash * Remove save_conversation for v2 * PR comments
2026-06-15 13:15:18 -07:00
type ClientCore<T, R> = Core<(TestLogosAccount, T, R, ThreadedWakeupService, ChatStorage)>;
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
/// The transport as the client sees it: a [`DeliveryService`] for outbound
/// publishing plus the inbound payload stream the worker drains. One object owns
/// both directions of the boundary.
pub trait Transport: DeliveryService + Send + 'static {
/// Hand over the inbound payload stream. Called once, at client construction,
/// before the [`Core`] takes ownership of the service.
fn inbound(&mut self) -> Receiver<Vec<u8>>;
}
/// High-level chat client.
///
/// Owns the synchronous [`Core`] behind an `Arc<Mutex<…>>` and a background
/// worker that consumes inbound payloads off the transport's channel, drives
/// the core, and forwards observations as [`Event`]s. Construction returns the
/// handle together with the `Receiver<Event>` the application drains on its own
/// schedule.
///
/// Outbound calls (`send_message`, `create_conversation`, …) run on the
/// caller's thread: they briefly lock the core, invoke it, and return — no
/// message-passing round-trip. The `Arc`/`Mutex`/threads live entirely here;
/// the core never mentions threads.
pub struct ChatClient<T: DeliveryService, R: RegistrationService = EphemeralRegistry> {
/// `parking_lot::Mutex` for its eventual fairness: an inbound burst can't
/// starve caller operations of the lock.
core: Arc<Mutex<ClientCore<T, R>>>,
/// Dropped on `Drop` to wake the worker's `select!` and shut it down.
shutdown: Option<Sender<()>>,
worker: Option<JoinHandle<()>>,
Flatten Repos (#70) * move to “crates” style folder * Update workspace * clear crate names * Rename crate folders based on feedback * Use workspace dependencies instead of paths * Move updated files from core
2026-03-24 18:21:00 -07:00
}
feat: http server based key package registry (#124) * feat: http server based key package registry * chore: instructions on running the registration service * chore: remove duplicate post param * chore: revert out sourced account id for multi devices support * feat: signature on account id and key packages * chore: include http registry in contact registry module * refactor: use device id for retrieve key package * chore: use string for device id * feat: server verification on the register * chore: doc the smoke test * chore: fix data folder non exist * chore: use payload for register and retrieve * chore: fix clippy
2026-06-04 10:09:29 +08:00
// ── Default-registry constructors ────────────────────────────────────────────
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
impl<T: Transport> ChatClient<T, EphemeralRegistry> {
feat: implement Client crate and C FFI bindings (#73) Implement a `client` crate that wraps the `libchat` context behind a simple `ChatClient<D>` API. The delivery strategy is pluggable via a `DeliveryService` trait, with two implementations provided: - `InProcessDelivery` — shared `MessageBus` for single-process tests - `CDelivery` — C function-pointer callback for the FFI layer Add a `client-ffi` crate that exposes the client as a C API via `safer-ffi`. A `generate-headers` binary produces the companion C header. Include two runnable examples: - `examples/in-process` — Alice/Bob exchange using in-process delivery - `examples/c-ffi` — same exchange written entirely in C; smoketested under valgrind (to catch memory leaks) in CI iterates: #71
2026-04-08 23:15:48 +02:00
/// Create an in-memory, ephemeral client. Identity is lost on drop.
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
pub fn new(name: impl Into<String>, mut transport: T) -> (Self, Receiver<Event>) {
let inbound = transport.inbound();
Update Context to accept External Identity Provider. (#127) * rename .account_id() to .id() * Create logos-traits crate * Remove AccountId references * external IdentityProvider for Context * Fix compile errors from merge * Update logos-traits to shared-traits * format fixes * warnings cleanup * clippy fix * Remove rebase artifact
2026-06-10 06:59:04 -07:00
let ident = TestLogosAccount::new(name);
DeMLS Integration (#134) * Add WakeupService * Move Id to trait * Add GroupV2 * Add convo cache * Add TestHarness * Instrument call paths * Downgrade Ciphersuite * Update imports * cleanups * Add Wakeups to Client * fix: protoc dependency for ci * fix: nix hash * Remove save_conversation for v2 * PR comments
2026-06-15 13:15:18 -07:00
let (wakeup_tx, wakeup_rx) = crossbeam_channel::unbounded();
let wakeup_service = ThreadedWakeupService::new(wakeup_tx);
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
let core = Core::new_with_name(
ident,
transport,
EphemeralRegistry::new(),
DeMLS Integration (#134) * Add WakeupService * Move Id to trait * Add GroupV2 * Add convo cache * Add TestHarness * Instrument call paths * Downgrade Ciphersuite * Update imports * cleanups * Add Wakeups to Client * fix: protoc dependency for ci * fix: nix hash * Remove save_conversation for v2 * PR comments
2026-06-15 13:15:18 -07:00
wakeup_service,
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
ChatStorage::in_memory(),
)
.unwrap();
DeMLS Integration (#134) * Add WakeupService * Move Id to trait * Add GroupV2 * Add convo cache * Add TestHarness * Instrument call paths * Downgrade Ciphersuite * Update imports * cleanups * Add Wakeups to Client * fix: protoc dependency for ci * fix: nix hash * Remove save_conversation for v2 * PR comments
2026-06-15 13:15:18 -07:00
Self::spawn(core, inbound, wakeup_rx)
Flatten Repos (#70) * move to “crates” style folder * Update workspace * clear crate names * Rename crate folders based on feedback * Use workspace dependencies instead of paths * Move updated files from core
2026-03-24 18:21:00 -07:00
}
feat: implement Client crate and C FFI bindings (#73) Implement a `client` crate that wraps the `libchat` context behind a simple `ChatClient<D>` API. The delivery strategy is pluggable via a `DeliveryService` trait, with two implementations provided: - `InProcessDelivery` — shared `MessageBus` for single-process tests - `CDelivery` — C function-pointer callback for the FFI layer Add a `client-ffi` crate that exposes the client as a C API via `safer-ffi`. A `generate-headers` binary produces the companion C header. Include two runnable examples: - `examples/in-process` — Alice/Bob exchange using in-process delivery - `examples/c-ffi` — same exchange written entirely in C; smoketested under valgrind (to catch memory leaks) in CI iterates: #71
2026-04-08 23:15:48 +02:00
/// Open or create a persistent client backed by `StorageConfig`.
///
/// If an identity already exists in storage it is loaded; otherwise a new
/// one is created and saved.
pub fn open(
name: impl Into<String>,
config: StorageConfig,
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
mut transport: T,
) -> Result<(Self, Receiver<Event>), ClientError> {
feat: implement Client crate and C FFI bindings (#73) Implement a `client` crate that wraps the `libchat` context behind a simple `ChatClient<D>` API. The delivery strategy is pluggable via a `DeliveryService` trait, with two implementations provided: - `InProcessDelivery` — shared `MessageBus` for single-process tests - `CDelivery` — C function-pointer callback for the FFI layer Add a `client-ffi` crate that exposes the client as a C API via `safer-ffi`. A `generate-headers` binary produces the companion C header. Include two runnable examples: - `examples/in-process` — Alice/Bob exchange using in-process delivery - `examples/c-ffi` — same exchange written entirely in C; smoketested under valgrind (to catch memory leaks) in CI iterates: #71
2026-04-08 23:15:48 +02:00
let store = ChatStorage::new(config).map_err(ChatError::from)?;
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
let inbound = transport.inbound();
Update Context to accept External Identity Provider. (#127) * rename .account_id() to .id() * Create logos-traits crate * Remove AccountId references * external IdentityProvider for Context * Fix compile errors from merge * Update logos-traits to shared-traits * format fixes * warnings cleanup * clippy fix * Remove rebase artifact
2026-06-10 06:59:04 -07:00
let ident = TestLogosAccount::new(name);
DeMLS Integration (#134) * Add WakeupService * Move Id to trait * Add GroupV2 * Add convo cache * Add TestHarness * Instrument call paths * Downgrade Ciphersuite * Update imports * cleanups * Add Wakeups to Client * fix: protoc dependency for ci * fix: nix hash * Remove save_conversation for v2 * PR comments
2026-06-15 13:15:18 -07:00
let (wakeup_tx, wakeup_rx) = crossbeam_channel::unbounded();
let wakeup_service = ThreadedWakeupService::new(wakeup_tx);
let core = Core::new_from_store(
ident,
transport,
EphemeralRegistry::new(),
wakeup_service,
store,
)?;
Ok(Self::spawn(core, inbound, wakeup_rx))
feat: implement Client crate and C FFI bindings (#73) Implement a `client` crate that wraps the `libchat` context behind a simple `ChatClient<D>` API. The delivery strategy is pluggable via a `DeliveryService` trait, with two implementations provided: - `InProcessDelivery` — shared `MessageBus` for single-process tests - `CDelivery` — C function-pointer callback for the FFI layer Add a `client-ffi` crate that exposes the client as a C API via `safer-ffi`. A `generate-headers` binary produces the companion C header. Include two runnable examples: - `examples/in-process` — Alice/Bob exchange using in-process delivery - `examples/c-ffi` — same exchange written entirely in C; smoketested under valgrind (to catch memory leaks) in CI iterates: #71
2026-04-08 23:15:48 +02:00
}
feat: http server based key package registry (#124) * feat: http server based key package registry * chore: instructions on running the registration service * chore: remove duplicate post param * chore: revert out sourced account id for multi devices support * feat: signature on account id and key packages * chore: include http registry in contact registry module * refactor: use device id for retrieve key package * chore: use string for device id * feat: server verification on the register * chore: doc the smoke test * chore: fix data folder non exist * chore: use payload for register and retrieve * chore: fix clippy
2026-06-04 10:09:29 +08:00
}
// ── Caller-supplied registry + shared methods ────────────────────────────────
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
impl<T, R> ChatClient<T, R>
feat: http server based key package registry (#124) * feat: http server based key package registry * chore: instructions on running the registration service * chore: remove duplicate post param * chore: revert out sourced account id for multi devices support * feat: signature on account id and key packages * chore: include http registry in contact registry module * refactor: use device id for retrieve key package * chore: use string for device id * feat: server verification on the register * chore: doc the smoke test * chore: fix data folder non exist * chore: use payload for register and retrieve * chore: fix clippy
2026-06-04 10:09:29 +08:00
where
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
T: DeliveryService + Send + 'static,
R: RegistrationService + Send + 'static,
feat: http server based key package registry (#124) * feat: http server based key package registry * chore: instructions on running the registration service * chore: remove duplicate post param * chore: revert out sourced account id for multi devices support * feat: signature on account id and key packages * chore: include http registry in contact registry module * refactor: use device id for retrieve key package * chore: use string for device id * feat: server verification on the register * chore: doc the smoke test * chore: fix data folder non exist * chore: use payload for register and retrieve * chore: fix clippy
2026-06-04 10:09:29 +08:00
{
/// Open or create a persistent client with a caller-supplied registration
/// service. Use this to swap in a network-backed registry (e.g. the
/// testnet KeyPackage Registry) in place of the default in-memory store.
///
/// Submits this account's KeyPackage to the registry as the last step of
/// construction. The default in-memory `open` path skips this call, but
/// when a real registry is wired in we want each session to publish so
/// other clients can fetch it.
pub fn open_with_registry(
name: impl Into<String>,
config: StorageConfig,
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
mut transport: T,
feat: http server based key package registry (#124) * feat: http server based key package registry * chore: instructions on running the registration service * chore: remove duplicate post param * chore: revert out sourced account id for multi devices support * feat: signature on account id and key packages * chore: include http registry in contact registry module * refactor: use device id for retrieve key package * chore: use string for device id * feat: server verification on the register * chore: doc the smoke test * chore: fix data folder non exist * chore: use payload for register and retrieve * chore: fix clippy
2026-06-04 10:09:29 +08:00
registry: R,
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
) -> Result<(Self, Receiver<Event>), ClientError>
where
T: Transport,
{
feat: http server based key package registry (#124) * feat: http server based key package registry * chore: instructions on running the registration service * chore: remove duplicate post param * chore: revert out sourced account id for multi devices support * feat: signature on account id and key packages * chore: include http registry in contact registry module * refactor: use device id for retrieve key package * chore: use string for device id * feat: server verification on the register * chore: doc the smoke test * chore: fix data folder non exist * chore: use payload for register and retrieve * chore: fix clippy
2026-06-04 10:09:29 +08:00
let store = ChatStorage::new(config).map_err(ChatError::from)?;
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
let inbound = transport.inbound();
Update Context to accept External Identity Provider. (#127) * rename .account_id() to .id() * Create logos-traits crate * Remove AccountId references * external IdentityProvider for Context * Fix compile errors from merge * Update logos-traits to shared-traits * format fixes * warnings cleanup * clippy fix * Remove rebase artifact
2026-06-10 06:59:04 -07:00
let ident = TestLogosAccount::new(name);
DeMLS Integration (#134) * Add WakeupService * Move Id to trait * Add GroupV2 * Add convo cache * Add TestHarness * Instrument call paths * Downgrade Ciphersuite * Update imports * cleanups * Add Wakeups to Client * fix: protoc dependency for ci * fix: nix hash * Remove save_conversation for v2 * PR comments
2026-06-15 13:15:18 -07:00
let (wakeup_tx, wakeup_rx) = crossbeam_channel::unbounded();
let wakeup_service = ThreadedWakeupService::new(wakeup_tx);
let mut core = Core::new_from_store(ident, transport, registry, wakeup_service, store)?;
refactor(core): replace Rc-based Context with a synchronous, Send-able Core (#123) Make the conversations core Send so the threaded client can own it behind an Arc<Mutex<Core>>: a background worker polls the transport and handles inbound payloads while the application thread issues outbound calls (send, create conversation). Sharing the core across those two threads means moving it into the spawned worker, which is only legal if it is Send. Access stays serialized by the client's Mutex (one thread at a time), so the core needs Send but not Sync and carries no lock of its own. See docs/adr/0001-client-event-system.md for the background-poller design. The Rc<RefCell> service-sharing is what made the core !Send. Context is de-Rc'd and renamed to Core, owning its services outright and driving the inbox and conversation primitives with plain &mut self. - Services (identity, delivery, store, registry, MLS context, causal history) are bundled into a ServiceContext<S> behind an ExternalServices trait, with S = (DS, RS, CS). Constructors live on the (DS, RS, CS) form because S cannot be inferred backwards through S::DS. - Inbox, InboxV2, PrivateV1Convo, and GroupV1Convo become non-generic and receive the ServiceContext bundle as a &mut/& parameter; no Rc or RefCell-as-shared-state remains, so Core is Send whenever its injected services are. - Dispatch branches on ConversationKind in one place: Core rebuilds the target as a Convo<S>/GroupConvo<S> trait object bound to the service bundle, so conversations never escape the orchestrator. - CausalHistoryStore drops its Rc, keeping a plain RefCell.
2026-06-08 21:55:33 +02:00
core.register_keypackage()?;
DeMLS Integration (#134) * Add WakeupService * Move Id to trait * Add GroupV2 * Add convo cache * Add TestHarness * Instrument call paths * Downgrade Ciphersuite * Update imports * cleanups * Add Wakeups to Client * fix: protoc dependency for ci * fix: nix hash * Remove save_conversation for v2 * PR comments
2026-06-15 13:15:18 -07:00
Ok(Self::spawn(core, inbound, wakeup_rx))
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
}
DeMLS Integration (#134) * Add WakeupService * Move Id to trait * Add GroupV2 * Add convo cache * Add TestHarness * Instrument call paths * Downgrade Ciphersuite * Update imports * cleanups * Add Wakeups to Client * fix: protoc dependency for ci * fix: nix hash * Remove save_conversation for v2 * PR comments
2026-06-15 13:15:18 -07:00
fn spawn(
core: ClientCore<T, R>,
inbound: Receiver<Vec<u8>>,
wakeup_events: Receiver<WakeupEvent>,
) -> (Self, Receiver<Event>) {
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
let core = Arc::new(Mutex::new(core));
let (event_tx, event_rx) = crossbeam_channel::unbounded();
let (shutdown_tx, shutdown_rx) = crossbeam_channel::bounded::<()>(0);
let worker = thread::spawn({
let core = Arc::clone(&core);
DeMLS Integration (#134) * Add WakeupService * Move Id to trait * Add GroupV2 * Add convo cache * Add TestHarness * Instrument call paths * Downgrade Ciphersuite * Update imports * cleanups * Add Wakeups to Client * fix: protoc dependency for ci * fix: nix hash * Remove save_conversation for v2 * PR comments
2026-06-15 13:15:18 -07:00
move || worker_loop(core, inbound, wakeup_events, shutdown_rx, event_tx)
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
});
(
Self {
core,
shutdown: Some(shutdown_tx),
worker: Some(worker),
},
event_rx,
)
feat: http server based key package registry (#124) * feat: http server based key package registry * chore: instructions on running the registration service * chore: remove duplicate post param * chore: revert out sourced account id for multi devices support * feat: signature on account id and key packages * chore: include http registry in contact registry module * refactor: use device id for retrieve key package * chore: use string for device id * feat: server verification on the register * chore: doc the smoke test * chore: fix data folder non exist * chore: use payload for register and retrieve * chore: fix clippy
2026-06-04 10:09:29 +08:00
}
feat: implement Client crate and C FFI bindings (#73) Implement a `client` crate that wraps the `libchat` context behind a simple `ChatClient<D>` API. The delivery strategy is pluggable via a `DeliveryService` trait, with two implementations provided: - `InProcessDelivery` — shared `MessageBus` for single-process tests - `CDelivery` — C function-pointer callback for the FFI layer Add a `client-ffi` crate that exposes the client as a C API via `safer-ffi`. A `generate-headers` binary produces the companion C header. Include two runnable examples: - `examples/in-process` — Alice/Bob exchange using in-process delivery - `examples/c-ffi` — same exchange written entirely in C; smoketested under valgrind (to catch memory leaks) in CI iterates: #71
2026-04-08 23:15:48 +02:00
/// Returns the installation name (identity label) of this client.
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
pub fn installation_name(&self) -> String {
self.core.lock().installation_name().to_string()
feat: implement Client crate and C FFI bindings (#73) Implement a `client` crate that wraps the `libchat` context behind a simple `ChatClient<D>` API. The delivery strategy is pluggable via a `DeliveryService` trait, with two implementations provided: - `InProcessDelivery` — shared `MessageBus` for single-process tests - `CDelivery` — C function-pointer callback for the FFI layer Add a `client-ffi` crate that exposes the client as a C API via `safer-ffi`. A `generate-headers` binary produces the companion C header. Include two runnable examples: - `examples/in-process` — Alice/Bob exchange using in-process delivery - `examples/c-ffi` — same exchange written entirely in C; smoketested under valgrind (to catch memory leaks) in CI iterates: #71
2026-04-08 23:15:48 +02:00
}
/// Produce a serialised introduction bundle for sharing out-of-band.
refactor(core): replace Rc-based Context with a synchronous, Send-able Core (#123) Make the conversations core Send so the threaded client can own it behind an Arc<Mutex<Core>>: a background worker polls the transport and handles inbound payloads while the application thread issues outbound calls (send, create conversation). Sharing the core across those two threads means moving it into the spawned worker, which is only legal if it is Send. Access stays serialized by the client's Mutex (one thread at a time), so the core needs Send but not Sync and carries no lock of its own. See docs/adr/0001-client-event-system.md for the background-poller design. The Rc<RefCell> service-sharing is what made the core !Send. Context is de-Rc'd and renamed to Core, owning its services outright and driving the inbox and conversation primitives with plain &mut self. - Services (identity, delivery, store, registry, MLS context, causal history) are bundled into a ServiceContext<S> behind an ExternalServices trait, with S = (DS, RS, CS). Constructors live on the (DS, RS, CS) form because S cannot be inferred backwards through S::DS. - Inbox, InboxV2, PrivateV1Convo, and GroupV1Convo become non-generic and receive the ServiceContext bundle as a &mut/& parameter; no Rc or RefCell-as-shared-state remains, so Core is Send whenever its injected services are. - Dispatch branches on ConversationKind in one place: Core rebuilds the target as a Convo<S>/GroupConvo<S> trait object bound to the service bundle, so conversations never escape the orchestrator. - CausalHistoryStore drops its Rc, keeping a plain RefCell.
2026-06-08 21:55:33 +02:00
pub fn create_intro_bundle(&mut self) -> Result<Vec<u8>, ClientError> {
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
self.core.lock().create_intro_bundle().map_err(Into::into)
feat: implement Client crate and C FFI bindings (#73) Implement a `client` crate that wraps the `libchat` context behind a simple `ChatClient<D>` API. The delivery strategy is pluggable via a `DeliveryService` trait, with two implementations provided: - `InProcessDelivery` — shared `MessageBus` for single-process tests - `CDelivery` — C function-pointer callback for the FFI layer Add a `client-ffi` crate that exposes the client as a C API via `safer-ffi`. A `generate-headers` binary produces the companion C header. Include two runnable examples: - `examples/in-process` — Alice/Bob exchange using in-process delivery - `examples/c-ffi` — same exchange written entirely in C; smoketested under valgrind (to catch memory leaks) in CI iterates: #71
2026-04-08 23:15:48 +02:00
}
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
/// Parse intro bundle bytes and initiate a private conversation. Outbound
/// envelopes are published by the core. Returns this side's conversation ID.
feat: implement Client crate and C FFI bindings (#73) Implement a `client` crate that wraps the `libchat` context behind a simple `ChatClient<D>` API. The delivery strategy is pluggable via a `DeliveryService` trait, with two implementations provided: - `InProcessDelivery` — shared `MessageBus` for single-process tests - `CDelivery` — C function-pointer callback for the FFI layer Add a `client-ffi` crate that exposes the client as a C API via `safer-ffi`. A `generate-headers` binary produces the companion C header. Include two runnable examples: - `examples/in-process` — Alice/Bob exchange using in-process delivery - `examples/c-ffi` — same exchange written entirely in C; smoketested under valgrind (to catch memory leaks) in CI iterates: #71
2026-04-08 23:15:48 +02:00
pub fn create_conversation(
&mut self,
intro_bundle: &[u8],
initial_content: &[u8],
refactor(core): replace Rc-based Context with a synchronous, Send-able Core (#123) Make the conversations core Send so the threaded client can own it behind an Arc<Mutex<Core>>: a background worker polls the transport and handles inbound payloads while the application thread issues outbound calls (send, create conversation). Sharing the core across those two threads means moving it into the spawned worker, which is only legal if it is Send. Access stays serialized by the client's Mutex (one thread at a time), so the core needs Send but not Sync and carries no lock of its own. See docs/adr/0001-client-event-system.md for the background-poller design. The Rc<RefCell> service-sharing is what made the core !Send. Context is de-Rc'd and renamed to Core, owning its services outright and driving the inbox and conversation primitives with plain &mut self. - Services (identity, delivery, store, registry, MLS context, causal history) are bundled into a ServiceContext<S> behind an ExternalServices trait, with S = (DS, RS, CS). Constructors live on the (DS, RS, CS) form because S cannot be inferred backwards through S::DS. - Inbox, InboxV2, PrivateV1Convo, and GroupV1Convo become non-generic and receive the ServiceContext bundle as a &mut/& parameter; no Rc or RefCell-as-shared-state remains, so Core is Send whenever its injected services are. - Dispatch branches on ConversationKind in one place: Core rebuilds the target as a Convo<S>/GroupConvo<S> trait object bound to the service bundle, so conversations never escape the orchestrator. - CausalHistoryStore drops its Rc, keeping a plain RefCell.
2026-06-08 21:55:33 +02:00
) -> Result<ConversationId, ClientError> {
feat: implement Client crate and C FFI bindings (#73) Implement a `client` crate that wraps the `libchat` context behind a simple `ChatClient<D>` API. The delivery strategy is pluggable via a `DeliveryService` trait, with two implementations provided: - `InProcessDelivery` — shared `MessageBus` for single-process tests - `CDelivery` — C function-pointer callback for the FFI layer Add a `client-ffi` crate that exposes the client as a C API via `safer-ffi`. A `generate-headers` binary produces the companion C header. Include two runnable examples: - `examples/in-process` — Alice/Bob exchange using in-process delivery - `examples/c-ffi` — same exchange written entirely in C; smoketested under valgrind (to catch memory leaks) in CI iterates: #71
2026-04-08 23:15:48 +02:00
let intro = Introduction::try_from(intro_bundle)?;
refactor(core): replace Rc-based Context with a synchronous, Send-able Core (#123) Make the conversations core Send so the threaded client can own it behind an Arc<Mutex<Core>>: a background worker polls the transport and handles inbound payloads while the application thread issues outbound calls (send, create conversation). Sharing the core across those two threads means moving it into the spawned worker, which is only legal if it is Send. Access stays serialized by the client's Mutex (one thread at a time), so the core needs Send but not Sync and carries no lock of its own. See docs/adr/0001-client-event-system.md for the background-poller design. The Rc<RefCell> service-sharing is what made the core !Send. Context is de-Rc'd and renamed to Core, owning its services outright and driving the inbox and conversation primitives with plain &mut self. - Services (identity, delivery, store, registry, MLS context, causal history) are bundled into a ServiceContext<S> behind an ExternalServices trait, with S = (DS, RS, CS). Constructors live on the (DS, RS, CS) form because S cannot be inferred backwards through S::DS. - Inbox, InboxV2, PrivateV1Convo, and GroupV1Convo become non-generic and receive the ServiceContext bundle as a &mut/& parameter; no Rc or RefCell-as-shared-state remains, so Core is Send whenever its injected services are. - Dispatch branches on ConversationKind in one place: Core rebuilds the target as a Convo<S>/GroupConvo<S> trait object bound to the service bundle, so conversations never escape the orchestrator. - CausalHistoryStore drops its Rc, keeping a plain RefCell.
2026-06-08 21:55:33 +02:00
self.core
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
.lock()
Add 1:1 Chats using Groups (#139) * Add Identified Trait for convo * Add PrivateV2Convo * Rename to DirectV1 * Rename ConvoTypeOwned variant * Update DirectV1 to support multiple members * Apply suggestion from @kaichaosun Co-authored-by: kaichao <kaichaosuna@gmail.com> --------- Co-authored-by: kaichao <kaichaosuna@gmail.com>
2026-06-19 12:01:17 -07:00
.create_private_convo_v1(&intro, initial_content)
refactor(core): replace Rc-based Context with a synchronous, Send-able Core (#123) Make the conversations core Send so the threaded client can own it behind an Arc<Mutex<Core>>: a background worker polls the transport and handles inbound payloads while the application thread issues outbound calls (send, create conversation). Sharing the core across those two threads means moving it into the spawned worker, which is only legal if it is Send. Access stays serialized by the client's Mutex (one thread at a time), so the core needs Send but not Sync and carries no lock of its own. See docs/adr/0001-client-event-system.md for the background-poller design. The Rc<RefCell> service-sharing is what made the core !Send. Context is de-Rc'd and renamed to Core, owning its services outright and driving the inbox and conversation primitives with plain &mut self. - Services (identity, delivery, store, registry, MLS context, causal history) are bundled into a ServiceContext<S> behind an ExternalServices trait, with S = (DS, RS, CS). Constructors live on the (DS, RS, CS) form because S cannot be inferred backwards through S::DS. - Inbox, InboxV2, PrivateV1Convo, and GroupV1Convo become non-generic and receive the ServiceContext bundle as a &mut/& parameter; no Rc or RefCell-as-shared-state remains, so Core is Send whenever its injected services are. - Dispatch branches on ConversationKind in one place: Core rebuilds the target as a Convo<S>/GroupConvo<S> trait object bound to the service bundle, so conversations never escape the orchestrator. - CausalHistoryStore drops its Rc, keeping a plain RefCell.
2026-06-08 21:55:33 +02:00
.map_err(Into::into)
feat: implement Client crate and C FFI bindings (#73) Implement a `client` crate that wraps the `libchat` context behind a simple `ChatClient<D>` API. The delivery strategy is pluggable via a `DeliveryService` trait, with two implementations provided: - `InProcessDelivery` — shared `MessageBus` for single-process tests - `CDelivery` — C function-pointer callback for the FFI layer Add a `client-ffi` crate that exposes the client as a C API via `safer-ffi`. A `generate-headers` binary produces the companion C header. Include two runnable examples: - `examples/in-process` — Alice/Bob exchange using in-process delivery - `examples/c-ffi` — same exchange written entirely in C; smoketested under valgrind (to catch memory leaks) in CI iterates: #71
2026-04-08 23:15:48 +02:00
}
/// List all conversation IDs known to this client.
refactor(core): replace Rc-based Context with a synchronous, Send-able Core (#123) Make the conversations core Send so the threaded client can own it behind an Arc<Mutex<Core>>: a background worker polls the transport and handles inbound payloads while the application thread issues outbound calls (send, create conversation). Sharing the core across those two threads means moving it into the spawned worker, which is only legal if it is Send. Access stays serialized by the client's Mutex (one thread at a time), so the core needs Send but not Sync and carries no lock of its own. See docs/adr/0001-client-event-system.md for the background-poller design. The Rc<RefCell> service-sharing is what made the core !Send. Context is de-Rc'd and renamed to Core, owning its services outright and driving the inbox and conversation primitives with plain &mut self. - Services (identity, delivery, store, registry, MLS context, causal history) are bundled into a ServiceContext<S> behind an ExternalServices trait, with S = (DS, RS, CS). Constructors live on the (DS, RS, CS) form because S cannot be inferred backwards through S::DS. - Inbox, InboxV2, PrivateV1Convo, and GroupV1Convo become non-generic and receive the ServiceContext bundle as a &mut/& parameter; no Rc or RefCell-as-shared-state remains, so Core is Send whenever its injected services are. - Dispatch branches on ConversationKind in one place: Core rebuilds the target as a Convo<S>/GroupConvo<S> trait object bound to the service bundle, so conversations never escape the orchestrator. - CausalHistoryStore drops its Rc, keeping a plain RefCell.
2026-06-08 21:55:33 +02:00
pub fn list_conversations(&self) -> Result<Vec<ConversationId>, ClientError> {
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
self.core.lock().list_conversations().map_err(Into::into)
feat: implement Client crate and C FFI bindings (#73) Implement a `client` crate that wraps the `libchat` context behind a simple `ChatClient<D>` API. The delivery strategy is pluggable via a `DeliveryService` trait, with two implementations provided: - `InProcessDelivery` — shared `MessageBus` for single-process tests - `CDelivery` — C function-pointer callback for the FFI layer Add a `client-ffi` crate that exposes the client as a C API via `safer-ffi`. A `generate-headers` binary produces the companion C header. Include two runnable examples: - `examples/in-process` — Alice/Bob exchange using in-process delivery - `examples/c-ffi` — same exchange written entirely in C; smoketested under valgrind (to catch memory leaks) in CI iterates: #71
2026-04-08 23:15:48 +02:00
}
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
/// Encrypt and send `content` to an existing conversation. The core
/// publishes the outbound envelope.
refactor(core): replace Rc-based Context with a synchronous, Send-able Core (#123) Make the conversations core Send so the threaded client can own it behind an Arc<Mutex<Core>>: a background worker polls the transport and handles inbound payloads while the application thread issues outbound calls (send, create conversation). Sharing the core across those two threads means moving it into the spawned worker, which is only legal if it is Send. Access stays serialized by the client's Mutex (one thread at a time), so the core needs Send but not Sync and carries no lock of its own. See docs/adr/0001-client-event-system.md for the background-poller design. The Rc<RefCell> service-sharing is what made the core !Send. Context is de-Rc'd and renamed to Core, owning its services outright and driving the inbox and conversation primitives with plain &mut self. - Services (identity, delivery, store, registry, MLS context, causal history) are bundled into a ServiceContext<S> behind an ExternalServices trait, with S = (DS, RS, CS). Constructors live on the (DS, RS, CS) form because S cannot be inferred backwards through S::DS. - Inbox, InboxV2, PrivateV1Convo, and GroupV1Convo become non-generic and receive the ServiceContext bundle as a &mut/& parameter; no Rc or RefCell-as-shared-state remains, so Core is Send whenever its injected services are. - Dispatch branches on ConversationKind in one place: Core rebuilds the target as a Convo<S>/GroupConvo<S> trait object bound to the service bundle, so conversations never escape the orchestrator. - CausalHistoryStore drops its Rc, keeping a plain RefCell.
2026-06-08 21:55:33 +02:00
pub fn send_message(&mut self, convo_id: &str, content: &[u8]) -> Result<(), ClientError> {
self.core
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
.lock()
refactor(core): replace Rc-based Context with a synchronous, Send-able Core (#123) Make the conversations core Send so the threaded client can own it behind an Arc<Mutex<Core>>: a background worker polls the transport and handles inbound payloads while the application thread issues outbound calls (send, create conversation). Sharing the core across those two threads means moving it into the spawned worker, which is only legal if it is Send. Access stays serialized by the client's Mutex (one thread at a time), so the core needs Send but not Sync and carries no lock of its own. See docs/adr/0001-client-event-system.md for the background-poller design. The Rc<RefCell> service-sharing is what made the core !Send. Context is de-Rc'd and renamed to Core, owning its services outright and driving the inbox and conversation primitives with plain &mut self. - Services (identity, delivery, store, registry, MLS context, causal history) are bundled into a ServiceContext<S> behind an ExternalServices trait, with S = (DS, RS, CS). Constructors live on the (DS, RS, CS) form because S cannot be inferred backwards through S::DS. - Inbox, InboxV2, PrivateV1Convo, and GroupV1Convo become non-generic and receive the ServiceContext bundle as a &mut/& parameter; no Rc or RefCell-as-shared-state remains, so Core is Send whenever its injected services are. - Dispatch branches on ConversationKind in one place: Core rebuilds the target as a Convo<S>/GroupConvo<S> trait object bound to the service bundle, so conversations never escape the orchestrator. - CausalHistoryStore drops its Rc, keeping a plain RefCell.
2026-06-08 21:55:33 +02:00
.send_content(convo_id, content)
.map_err(Into::into)
feat: implement Client crate and C FFI bindings (#73) Implement a `client` crate that wraps the `libchat` context behind a simple `ChatClient<D>` API. The delivery strategy is pluggable via a `DeliveryService` trait, with two implementations provided: - `InProcessDelivery` — shared `MessageBus` for single-process tests - `CDelivery` — C function-pointer callback for the FFI layer Add a `client-ffi` crate that exposes the client as a C API via `safer-ffi`. A `generate-headers` binary produces the companion C header. Include two runnable examples: - `examples/in-process` — Alice/Bob exchange using in-process delivery - `examples/c-ffi` — same exchange written entirely in C; smoketested under valgrind (to catch memory leaks) in CI iterates: #71
2026-04-08 23:15:48 +02:00
}
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
}
impl<T: DeliveryService, R: RegistrationService> Drop for ChatClient<T, R> {
fn drop(&mut self) {
// Dropping the sender disconnects the worker's shutdown channel, waking
// its `select!` so it can exit; then we join it.
self.shutdown.take();
if let Some(handle) = self.worker.take() {
let _ = handle.join();
}
}
}
feat: implement Client crate and C FFI bindings (#73) Implement a `client` crate that wraps the `libchat` context behind a simple `ChatClient<D>` API. The delivery strategy is pluggable via a `DeliveryService` trait, with two implementations provided: - `InProcessDelivery` — shared `MessageBus` for single-process tests - `CDelivery` — C function-pointer callback for the FFI layer Add a `client-ffi` crate that exposes the client as a C API via `safer-ffi`. A `generate-headers` binary produces the companion C header. Include two runnable examples: - `examples/in-process` — Alice/Bob exchange using in-process delivery - `examples/c-ffi` — same exchange written entirely in C; smoketested under valgrind (to catch memory leaks) in CI iterates: #71
2026-04-08 23:15:48 +02:00
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
/// Background loop: block until an inbound payload or shutdown arrives, drive
/// the core on each payload, and forward events. No polling — `select!` parks
/// the thread until one of the channels is ready.
fn worker_loop<T, R>(
core: Arc<Mutex<ClientCore<T, R>>>,
inbound: Receiver<Vec<u8>>,
DeMLS Integration (#134) * Add WakeupService * Move Id to trait * Add GroupV2 * Add convo cache * Add TestHarness * Instrument call paths * Downgrade Ciphersuite * Update imports * cleanups * Add Wakeups to Client * fix: protoc dependency for ci * fix: nix hash * Remove save_conversation for v2 * PR comments
2026-06-15 13:15:18 -07:00
wakeup_events: Receiver<WakeupEvent>,
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
shutdown: Receiver<()>,
event_tx: Sender<Event>,
) where
T: DeliveryService + Send + 'static,
R: RegistrationService + Send + 'static,
{
loop {
select! {
recv(inbound) -> msg => {
let Ok(bytes) = msg else {
return; // transport's sender dropped
};
let events = {
let mut core = core.lock();
match core.handle_payload(&bytes) {
Ok(outcome) => events_from_inbound(outcome),
Err(e) => {
tracing::warn!("inbound handle_payload failed: {e:?}");
vec![Event::InboundError {
message: e.to_string(),
}]
}
}
};
for event in events {
if event_tx.send(event).is_err() {
return; // application dropped the receiver
}
}
}
DeMLS Integration (#134) * Add WakeupService * Move Id to trait * Add GroupV2 * Add convo cache * Add TestHarness * Instrument call paths * Downgrade Ciphersuite * Update imports * cleanups * Add Wakeups to Client * fix: protoc dependency for ci * fix: nix hash * Remove save_conversation for v2 * PR comments
2026-06-15 13:15:18 -07:00
recv(wakeup_events) -> msg => {
let Ok(WakeupEvent { convo_id }) = msg else {
return; // wakeup service's sender dropped
};
if let Err(e) = core.lock().wakeup(&convo_id) {
tracing::warn!("wakeup failed: {e:?}");
}
}
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
recv(shutdown) -> _ => return,
}
feat: implement Client crate and C FFI bindings (#73) Implement a `client` crate that wraps the `libchat` context behind a simple `ChatClient<D>` API. The delivery strategy is pluggable via a `DeliveryService` trait, with two implementations provided: - `InProcessDelivery` — shared `MessageBus` for single-process tests - `CDelivery` — C function-pointer callback for the FFI layer Add a `client-ffi` crate that exposes the client as a C API via `safer-ffi`. A `generate-headers` binary produces the companion C header. Include two runnable examples: - `examples/in-process` — Alice/Bob exchange using in-process delivery - `examples/c-ffi` — same exchange written entirely in C; smoketested under valgrind (to catch memory leaks) in CI iterates: #71
2026-04-08 23:15:48 +02:00
}
Flatten Repos (#70) * move to “crates” style folder * Update workspace * clear crate names * Rename crate folders based on feedback * Use workspace dependencies instead of paths * Move updated files from core
2026-03-24 18:21:00 -07:00
}
feat: introduce client event system (#106) * chore(flake): accept extra system attr; add perl for openssl-sys build forAllSystems calls the lambda with {system, pkgs}; strict destructuring requires `..` to ignore the system attribute. `pkgs.perl` is needed because openssl-sys is pulled vendored via libsqlite3-sys / rusqlite / chat-sqlite, and its `perl Configure` step needs FindBin.pm, which Fedora's system perl doesn't ship. * feat: introduce client event system - Core processing yields a `PayloadOutcome` enum — `Empty`, `Convo`, or `Inbox`. `ConvoOutcome` carries a conversation id and an optional decrypted `Content`; `InboxOutcome` adds a `NewConversation` (id + `ConversationClass`) for a peer-initiated conversation. - Client translates `PayloadOutcome` into app-facing `Vec<Event>` (`ConversationStarted`, `MessageReceived`) at the boundary, so the application loop sees discrete events rather than core types. - MLS group welcomes produce a `ConversationStarted` event with no initial content, fixing the silent-group-join case where the inbox layer dropped the observation. - C FFI exposes an `EventList` opaque type with indexed accessors and an `Invalid` sentinel for out-of-bounds / non-applicable reads. - Symmetric `Inbox` / `InboxV2` handlers: both return `Result<InboxOutcome, _>` and own the persistence + ephemeral-key cleanup for the conversations they create. - Updated and simplified `docs/adr/0001-client-event-system.md`. * chore(flake): bump nixpkgs to nixos-unstable-small Temporary. The two crates.io UA fixes (NixOS/nixpkgs#512735 for fetchCargoVendor's python-requests UA, NixOS/nixpkgs#524985 for importCargoLock's curl UA) haven't propagated to nixos-unstable yet. Switch to nixos-unstable-small and force logos-delivery to follow so the smoketest gets the same fix. Revert once nixos-unstable catches up. Refs: - https://github.com/rust-lang/crates.io/issues/13482 - https://github.com/rust-lang/crates.io/issues/13783 - https://crates.io/data-access
2026-05-28 23:51:15 +02:00
feat(client): add threaded transport polling (#125) The client, not the app, now drives the transport; events are delivered asynchronously, per ADR 0001. - ChatClient owns Arc<Mutex<Core>> + a worker thread. - The worker select!s over the inbound and shutdown channels; Drop joins it. Outbound runs on the caller's thread. - A single Transport (DeliveryService + inbound()) owns both directions of the boundary, so the client takes one transport rather than a (delivery, inbound) pair. InProcessDelivery::new, CDelivery, and chat-cli's transports implement it. - FFI replaces client_receive with client_push_inbound + client_poll_events. - chat-cli drains Receiver<Event>; inbound and event channels are both crossbeam. - Corrects ADR 0001's inbound sequence to push — the worker parks on select!, it never polls.
2026-06-11 10:08:07 +02:00
/// Walk a [`PayloadOutcome`] in causal order and emit one `Event` per
feat: introduce client event system (#106) * chore(flake): accept extra system attr; add perl for openssl-sys build forAllSystems calls the lambda with {system, pkgs}; strict destructuring requires `..` to ignore the system attribute. `pkgs.perl` is needed because openssl-sys is pulled vendored via libsqlite3-sys / rusqlite / chat-sqlite, and its `perl Configure` step needs FindBin.pm, which Fedora's system perl doesn't ship. * feat: introduce client event system - Core processing yields a `PayloadOutcome` enum — `Empty`, `Convo`, or `Inbox`. `ConvoOutcome` carries a conversation id and an optional decrypted `Content`; `InboxOutcome` adds a `NewConversation` (id + `ConversationClass`) for a peer-initiated conversation. - Client translates `PayloadOutcome` into app-facing `Vec<Event>` (`ConversationStarted`, `MessageReceived`) at the boundary, so the application loop sees discrete events rather than core types. - MLS group welcomes produce a `ConversationStarted` event with no initial content, fixing the silent-group-join case where the inbox layer dropped the observation. - C FFI exposes an `EventList` opaque type with indexed accessors and an `Invalid` sentinel for out-of-bounds / non-applicable reads. - Symmetric `Inbox` / `InboxV2` handlers: both return `Result<InboxOutcome, _>` and own the persistence + ephemeral-key cleanup for the conversations they create. - Updated and simplified `docs/adr/0001-client-event-system.md`. * chore(flake): bump nixpkgs to nixos-unstable-small Temporary. The two crates.io UA fixes (NixOS/nixpkgs#512735 for fetchCargoVendor's python-requests UA, NixOS/nixpkgs#524985 for importCargoLock's curl UA) haven't propagated to nixos-unstable yet. Switch to nixos-unstable-small and force logos-delivery to follow so the smoketest gets the same fix. Revert once nixos-unstable catches up. Refs: - https://github.com/rust-lang/crates.io/issues/13482 - https://github.com/rust-lang/crates.io/issues/13783 - https://crates.io/data-access
2026-05-28 23:51:15 +02:00
/// observation. For an `Inbox` outcome, [`Event::ConversationStarted`]
/// precedes the message event. The convo id is wrapped into `Arc<str>` once
/// per outcome and shared across the events it produces.
fn events_from_inbound(result: PayloadOutcome) -> Vec<Event> {
match result {
PayloadOutcome::Empty => Vec::new(),
PayloadOutcome::Convo(co) => convo_events(co),
PayloadOutcome::Inbox(io) => inbox_events(io),
}
}
fn convo_events(outcome: ConvoOutcome) -> Vec<Event> {
let ConvoOutcome { convo_id, content } = outcome;
content
.map(|c| Event::MessageReceived {
convo_id: Arc::from(convo_id),
content: c.bytes,
})
.into_iter()
.collect()
}
fn inbox_events(outcome: InboxOutcome) -> Vec<Event> {
let InboxOutcome {
new_conversation,
initial,
} = outcome;
let id: Arc<str> = Arc::from(new_conversation.convo_id);
let mut events = Vec::with_capacity(2);
events.push(Event::ConversationStarted {
convo_id: Arc::clone(&id),
class: new_conversation.class,
});
if let Some(c) = initial.and_then(|co| co.content) {
events.push(Event::MessageReceived {
convo_id: Arc::clone(&id),
content: c.bytes,
});
}
events
}
Reference in New Issue Copy Permalink