Context
When a client receives a trusted-session invitation, local trust must still be enforced. The client must decrypt the envelope, verify the issuer signature, validate the issuer as trusted, ensure the invitation targets the local client, check expiration, check replay protection, and apply local acceptance policy.
Objective
Allow a ByteSync client to receive, verify, display, accept, or reject a trusted-session invitation from a trusted client.
Expected capabilities
- Local decryption of the invitation envelope.
- Signature verification with the trusted issuer public key.
- Recipient identity validation.
- Expiration checks.
- Nonce replay protection.
- Manual acceptance UI when no auto-accept grant applies.
- Initial grant models for future auto-accept decisions.
Acceptance criteria
- A client can receive and decrypt an invitation addressed to it.
- Invitations signed by non-trusted clients are rejected.
- Expired invitations are rejected.
- Replayed invitations are rejected.
- Valid invitations can be shown to the user.
- The user can accept or reject the invitation.
- The decision is returned to the initiator.
- Grant models are ready for auto-accept work.
Out of scope
- Effective session join after acceptance.
- Automatic inventory or synchronization startup.
- Full advanced grant-management UI.
Implementation tickets
Context
When a client receives a trusted-session invitation, local trust must still be enforced. The client must decrypt the envelope, verify the issuer signature, validate the issuer as trusted, ensure the invitation targets the local client, check expiration, check replay protection, and apply local acceptance policy.
Objective
Allow a ByteSync client to receive, verify, display, accept, or reject a trusted-session invitation from a trusted client.
Expected capabilities
Acceptance criteria
Out of scope
Implementation tickets