# Chat Port Feasibility Audit (2026-05-06) Scope: - Evaluate whether SilentDragonXLite chat can be ported to the current full-node ImGui wallet. - If feasible, define a safe path with feature flagging. ## Source Audit (SilentDragonXLite) Primary chat surfaces in the reference codebase: - `external/SilentDragonXLite/src/chatmodel.h` - `external/SilentDragonXLite/src/chatmodel.cpp` - `external/SilentDragonXLite/src/Chat/Chat.h` - `external/SilentDragonXLite/src/Chat/Chat.cpp` - `external/SilentDragonXLite/src/controller.cpp` (transaction scan + memo decrypt/encrypt) - `external/SilentDragonXLite/src/Model/ChatItem.*` - `external/SilentDragonXLite/src/Model/ContactRequest*` - `external/SilentDragonXLite/src/DataStore/ChatDataStore.*` - `external/SilentDragonXLite/src/mainwindow.ui` and related Qt UI widgets. Observed characteristics: - Chat is tightly coupled to Qt widget/UI classes (`QListView`, `QStandardItemModel`, `.ui` forms). - Message transport relies on memo payload parsing/decryption embedded directly in transaction refresh/controller flow. - Contact requests, chat IDs, and message rendering are mixed with Qt view models and DataStore semantics. - Crypto flow depends on shared secret derivation and memo header conventions implemented inline in controller/chat code. ## Current Wallet Architecture Gap Current app (`src/`) is Dear ImGui + SDL3 with different state/render model: - No existing chat domain model/service in ImGui code path. - No Qt runtime/view-model infrastructure to reuse reference chat modules. - Transaction refresh path is centralized in `NetworkRefreshService` and app refresh orchestration, not Qt controller callbacks. ## Feasibility Decision Decision: **Not safe to directly port in this batch**. Reason: - A direct transplant would require substantial re-architecture, not incremental copy-over. - High risk of regressions in transaction refresh correctness, memo handling, and wallet UX stability. - Crypto/message parsing code requires dedicated security review before enabling in production. ## Estimated Effort (for a proper staged port) 1. Domain extraction (chat/contact/message models, storage interfaces): 3-5 days 2. Service integration with current refresh pipeline (`NetworkRefreshService` + app): 4-7 days 3. ImGui chat UI (list, composer, contact requests, actions): 4-6 days 4. Security hardening + memo/crypto validation tests: 3-5 days 5. End-to-end QA/regression/perf pass: 2-4 days Total estimate: **16-27 engineer-days**. ## Risk Profile - Security risk: high (memo crypto path and malformed payload handling). - Stability risk: high (transaction refresh path is core-wallet critical). - UX risk: medium (new asynchronous chat states and contact flows). ## Recommended Safe Plan 1. Add compile/runtime feature flag (`DRAGONX_ENABLE_CHAT`) default OFF. 2. Implement read-only parser + storage first (no send), fully test malformed memos. 3. Add send path behind same flag with strict size/format guards. 4. Ship disabled by default until security and regression acceptance criteria are met.