feat(chat): provision seed-derived identity + wire the receive sink
Complete the Phase-1 App integration for HushChat, now that the dragonx `hd-transparent-keys` daemon exposes a BIP39 mnemonic (z_exportmnemonic) that is byte-compatible with SilentDragonXLite. Both variants derive the chat identity from the wallet's OWN seed phrase, so it is portable across full-node and lite (same words -> same KDF input -> same identity) and recoverable from the single wallet backup. - App owns a dragonx::chat::ChatService; maybeProvisionChatIdentity() runs each update() tick and, once the wallet seed is reachable and unlocked, derives the identity via deriveChatIdentityFromSecret and sets it on the service. Full-node fetches z_exportmnemonic off the UI thread via the RPC worker; lite reads it synchronously through LiteWalletController::exportSeed. Secrets are wiped on every path. - Wire the previously-dead TransactionRefreshResult.hushChatMetadata sink: both the full and recent transaction-refresh completions now ChatService ::ingest the harvested memos (before the result is moved) so incoming messages are decrypted and threaded. The store dedups across both paths. - Robust provisioning gates: skip + re-arm on relock (isLocked, mirrored for both variants), don't fetch before the encryption state is known, and treat a non-mnemonic wallet (RpcError) as identity-unavailable rather than retrying every tick. rebuildLiteWallet re-arms so a server switch / re-open re-derives from the newly opened wallet. Gated by DRAGONX_ENABLE_CHAT (default OFF) via the constexpr hushChatFeatureEnabledAtBuild() gate, so the wiring folds away in shipping builds. Verified: Linux + Windows(mingw) build with chat ON, ctest 100%, hygiene clean; caches restored to the OFF default. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
15
src/app.h
15
src/app.h
@@ -23,6 +23,7 @@
|
||||
#include "util/async_task_manager.h"
|
||||
#include "util/pool_stats_service.h"
|
||||
#include "wallet/wallet_capabilities.h"
|
||||
#include "chat/chat_service.h"
|
||||
#include "ui/sidebar.h"
|
||||
#include "ui/windows/console_tab.h"
|
||||
#include "imgui.h"
|
||||
@@ -570,6 +571,20 @@ private:
|
||||
// Reason an existing lite wallet failed to auto-open (e.g. server unreachable). Surfaced in
|
||||
// the UI so a stuck "disconnected" state isn't silent; cleared once a wallet opens.
|
||||
std::string lite_open_error_;
|
||||
|
||||
// HushChat (experimental; gated by DRAGONX_ENABLE_CHAT — inert when OFF). App owns the chat
|
||||
// service so the transaction-refresh harvest can decrypt incoming memos into threaded messages.
|
||||
// The identity is derived from the wallet's OWN SDXLite-compatible seed phrase (full-node
|
||||
// z_exportmnemonic / lite exportSeed → the same KDF), so it is portable across both variants.
|
||||
chat::ChatService chat_service_;
|
||||
bool chat_identity_provisioned_ = false; // identity set on the service this session
|
||||
bool chat_identity_fetch_in_flight_ = false; // a z_exportmnemonic worker job is pending
|
||||
bool chat_identity_unavailable_ = false; // provisioning failed definitively (e.g. non-mnemonic wallet)
|
||||
// Provision the chat identity once the wallet seed is reachable+unlocked (per-tick, both
|
||||
// variants); derives via deriveChatIdentityFromSecret and wipes the secret. No-op when the
|
||||
// feature is off, already provisioned, in flight, or unavailable.
|
||||
void maybeProvisionChatIdentity();
|
||||
void provisionChatIdentityFromSecret(std::string secret);
|
||||
// Lite first-run welcome prompt: dismissed for the session once the user picks an action.
|
||||
bool lite_firstrun_dismissed_ = false;
|
||||
// Lite send-time unlock: set to show the unlock modal when a spend is attempted while locked.
|
||||
|
||||
Reference in New Issue
Block a user