Encryption Layer 2: Per-Queue E2E

Draft

This section is under construction.

Purpose

Layer 2 provides end-to-end encryption at the queue level, protecting message content from the SMP server.

Key Sources Per Queue Type

Contact Queue

The Contact Queue has NO separate Layer 2 encryption. Layer 3 (server-to-recipient) is sufficient because the sender uses the recipient's DH key from the invitation link.

Reply Queue

For Reply Queues, Layer 2 uses a fresh DH computation:

Sender generates an ephemeral X25519 keypair
Sender's ephemeral public key is included in the cmHeader (SPKI-encoded)
Recipient uses their rcvDhPrivate from queue creation
Shared secret computed via X25519 DH + HSalsa20

ClientMsgEnvelope Format

┌────────────────┬─────────────┬──────────────────┐
│ cmHeader       │ cmNonce(24B)│ cmEncBody        │
│ (phVer, dhKey) │             │ (encrypted)      │
└────────────────┴─────────────┴──────────────────┘

Critical Bug

Bug #17: The nonce for Layer 2 decryption is cmNonce from the envelope header, NOT msgId from the MSG delivery. This was one of the most difficult bugs to find.

Purpose​

Key Sources Per Queue Type​

Contact Queue​

Reply Queue​

ClientMsgEnvelope Format​

Purpose

Key Sources Per Queue Type

Contact Queue

Reply Queue

ClientMsgEnvelope Format