aprhodite

Commit Graph

Author	SHA1	Message	Date
3nd3r	cdfbb666b9	Fix #5 : Fix broken E2E encryption for user-to-user PMs - User-to-user PMs now use a server-derived shared room key (HMAC-SHA256) instead of each user's personal PBKDF2 key (which differed per user, making cross-user decryption impossible) - Server sends room_key in pm_ready, pm_invite, and pm/history responses - crypto.js: add importKeyBase64() for importing server-provided keys - chat.js: use sharedKey for encrypt/decrypt in user-to-user PMs - Violet AI transit encryption still uses personal key (unchanged) - PM history decryption now handles errors gracefully per-message - Encodes otherUser in history URL to prevent injection	2026-04-12 12:54:09 -05:00
ComputerTech	ad510c57e1	Initial commit: SexyChat (Aphrodite) v1.0	2026-04-12 17:55:40 +01:00

Author

SHA1

Message

Date

3nd3r

cdfbb666b9

Fix #5 : Fix broken E2E encryption for user-to-user PMs

- User-to-user PMs now use a server-derived shared room key (HMAC-SHA256)
  instead of each user's personal PBKDF2 key (which differed per user,
  making cross-user decryption impossible)
- Server sends room_key in pm_ready, pm_invite, and pm/history responses
- crypto.js: add importKeyBase64() for importing server-provided keys
- chat.js: use sharedKey for encrypt/decrypt in user-to-user PMs
- Violet AI transit encryption still uses personal key (unchanged)
- PM history decryption now handles errors gracefully per-message
- Encodes otherUser in history URL to prevent injection

2026-04-12 12:54:09 -05:00

ComputerTech

ad510c57e1

Initial commit: SexyChat (Aphrodite) v1.0

2026-04-12 17:55:40 +01:00

2 Commits