huddle 2.0.0 — forward-secrecy steps, recovery, and richer chat
A major release adding a layer of long-wanted capabilities on top of the 1.3.x hardened base. All wire additions are backward-compatible (new variants/fields are optional — a pre-2.0 peer ignores them, old DB rows still decode); new behaviour is 2.0+-only where both ends must understand it.
Built by a waved multi-agent fleet, then put through an adversarial multi-agent bug scan that surfaced 19 real findings — all fixed before this release. Final gauntlet: clippy 0 errors, lib 200 tests, hybrid_dm 4, proptest 4, integration 8/8 (serial), app_over_server 7/7 (serial).
Security & cryptography
- Post-quantum downgrade residual closed. A peer's ML-KEM-768 capability is bound into the SAS transcript and a new v4 signed invite, and persisted in `verified_peers`. Once you've verified or been invited by a peer, a malicious relay can no longer silently force the classical fallback.
- Forward-only Megolm epoch rotation (rotate on N messages / T hours / membership change), with the rotation state now persisted across restarts — a concrete step toward forward secrecy.
- Content-layer replay protection — a durable per-`(room, sender, session, message-index)` seen-set drops wire-level replays even across restart / cross-transport rebroadcast.
- Master-passphrase change + at-rest rekey — atomic, rollback-safe `PRAGMA rekey` (derives the new key from the existing salt, so there's no salt-write failure window).
- Safety-number-change alarm on TOFU drift, plus seed/phrase zeroization throughout.
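The durable seen-set from the content-layer replay protection item, sketched as an added example that is not huddle's own code. It assumes an append-only text log in place of huddle's actual storage, and the names `SeenSet`, `check_and_record` and the sample identifiers are hypothetical.

```rust
use std::collections::HashSet;
use std::fs::{File, OpenOptions};
use std::io::{self, BufRead, BufReader, Write};
use std::path::Path;

// Replay key from the release note: (room, sender, session, message-index).
type Key = (String, String, String, u64);

// In-memory set backed by an append-only log (assumed storage, not huddle's).
pub struct SeenSet { seen: HashSet<Key>, log: File }
fn bad(kind: io::ErrorKind, msg: &str) -> io::Error { io::Error::new(kind, msg) }

impl SeenSet {
    // Open or create the log and reload every key recorded before the restart.
    pub fn open(path: &Path) -> io::Result<Self> {
        let log = OpenOptions::new().create(true).append(true).open(path)?;
        let mut seen: HashSet<Key> = HashSet::new();
        for line in BufReader::new(File::open(path)?).lines() {
            let line = line?;
            let f: Vec<&str> = line.split('\t').collect();
            let idx = if f.len() == 4 { f[3].parse::<u64>().ok() } else { None };
            // Fail closed: a corrupt log must not silently forget keys.
            let idx = idx.ok_or_else(|| bad(io::ErrorKind::InvalidData, "corrupt log"))?;
            seen.insert((f[0].into(), f[1].into(), f[2].into(), idx));
        }
        Ok(Self { seen, log })
    }

    // Ok(true): first sighting, accept. Ok(false): replay, drop.
    pub fn check_and_record(&mut self, room: &str, sender: &str, session: &str, index: u64) -> io::Result<bool> {
        // Tab and newline are the log's separators, so identifiers may not contain them.
        if [room, sender, session].iter().any(|s| s.contains(|c: char| c == '\t' || c == '\n')) {
            return Err(bad(io::ErrorKind::InvalidInput, "separator in identifier"));
        }
        let key = (room.to_string(), sender.to_string(), session.to_string(), index);
        if self.seen.contains(&key) { return Ok(false); }
        // Persist before accepting, so a crash after acceptance cannot forget the key.
        writeln!(self.log, "{}\t{}\t{}\t{}", room, sender, session, index)?;
        self.log.sync_data()?;
        self.seen.insert(key);
        Ok(true)
    }
}

fn main() -> io::Result<()> {
    let mut set = SeenSet::open(&std::env::temp_dir().join("seen_set_demo.log"))?; // constructed path
    for _ in 0..2 { println!("accept: {}", set.check_and_record("room1", "alice", "sess1", 0)?); }
    Ok(())
}
```

Because the key is written and synced before the caller is told to accept, reopening the log after a restart still rejects a rebroadcast of the same tuple, whichever transport delivers it.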
Recovery
- BIP39 seed phrase — export your identity as a 24-word checksummed mnemonic and restore it (PeerId, ML-KEM key, DM keys) on a new machine.
Reliability
- At-least-once relay delivery — the relay keeps a queued mailbox row until the recipient ACKs durable receipt; pre-2.0 clients keep the safe delete-after-deliver path.
Product
- FTS5 full-text search, disappearing messages (per-room TTL, truly deleted), and reactions / replies / edits / deletes (edit shows an "edited" marker; delete-for-everyone is honestly best-effort).
Engineering
- Single-sourced workspace version, `proptest` + `cargo-fuzz` targets, a Prometheus `/metrics` endpoint on the relay, and a `cargo-deny` supply-chain gate.
See docs/ROADMAP-2.0-and-beyond.md for the sequenced heavy work this release set the foundation for (MLS groups, Double Ratchet, hybrid PQ auth, metadata blinding, multi-device, mobile).
Relay operators: redeploy huddle-server to get at-least-once delivery + /metrics (backward-compatible, no rush). Install: `cargo install huddle-gui --force` / `huddle --force` / `huddle-server --force`.