mirror of
https://github.com/BigBodyCobain/Shadowbroker.git
synced 2026-05-01 23:35:07 +02:00
59b1723866
Phase 1 — Transport layer fix:
- Bake in default MESH_PEER_PUSH_SECRET so peer push, real-time propagation, and pull-sync all work out of the box instead of silently no-oping on an empty secret.
- Pass secret through docker-compose.yml for container deployments.

Phase 2 — Per-gate content keys:
- Generate a cryptographically random 32-byte secret per gate on creation (and backfill existing gates on startup).
- Upgrade HKDF envelope encryption to use per-gate secret as IKM so knowing a gate name alone no longer decrypts messages.
- 3-tier decryption fallback (phase2 key → legacy name-only → legacy node-local) preserves backward compatibility.
- Expose gate_secret via list_gates API for authorized members.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
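The Phase 2 key derivation and 3-tier fallback described in the commit message, sketched as an added example; this is not code from the repository. Assumptions: the `INFO` label, the gate name as HKDF salt, all function names, and an HMAC-based encrypt-then-MAC envelope standing in for whatever cipher the project uses, which the page does not name.

```python
import hashlib, hmac, os

INFO = b"gate-envelope"  # assumed context label, not from the project

def hkdf(ikm: bytes, salt: bytes, info: bytes, n: int = 32) -> bytes:
    """RFC 5869 HKDF-SHA256: extract a PRK from ikm, then expand to n bytes."""
    prk = hmac.new(salt or b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm, block, i = b"", b"", 1
    while len(okm) < n:
        block = hmac.new(prk, block + info + bytes([i]), hashlib.sha256).digest()
        okm, i = okm + block, i + 1
    return okm[:n]

def candidate_keys(gate: str, gate_secret, node_secret: bytes):
    """Keys in the order the fallback tries them; phase2 needs the gate secret."""
    name = gate.encode()
    tiers = [("phase2", hkdf(gate_secret, name, INFO))] if gate_secret else []
    tiers.append(("legacy-name-only", hkdf(name, b"", INFO)))
    tiers.append(("legacy-node-local", hkdf(node_secret, name, INFO)))
    return tiers

def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = (hmac.new(key, nonce + c.to_bytes(4, "big"), hashlib.sha256).digest()
              for c in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key: bytes, msg: bytes) -> bytes:
    """Encrypt-then-MAC stand-in for an AEAD: nonce || ciphertext || tag."""
    nonce, ek, mk = os.urandom(16), hkdf(key, b"", b"enc"), hkdf(key, b"", b"mac")
    ct = bytes(a ^ b for a, b in zip(msg, _stream(ek, nonce, len(msg))))
    return nonce + ct + hmac.new(mk, nonce + ct, hashlib.sha256).digest()

def open_sealed(key: bytes, blob: bytes):
    """Return the plaintext, or None when the tag does not verify under key."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    ek, mk = hkdf(key, b"", b"enc"), hkdf(key, b"", b"mac")
    if not hmac.compare_digest(tag, hmac.new(mk, nonce + ct, hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(ct, _stream(ek, nonce, len(ct))))

def decrypt_with_fallback(blob, gate, gate_secret, node_secret):
    """Try each tier in order; report which one verified so legacy use is visible."""
    for tier, key in candidate_keys(gate, gate_secret, node_secret):
        msg = open_sealed(key, blob)
        if msg is not None:
            return tier, msg
    return None, None
```

Returning the tier name lets a deployment count how many messages still decrypt under a legacy key. In this sketch an envelope sealed under the name-only key stays readable to anyone who knows the gate name, so the per-gate secret only protects messages sealed under the phase2 key.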