From 65e0d3cb80354e04ee31935b301c0d84f01e13b1 Mon Sep 17 00:00:00 2001 From: adlee-was-taken Date: Mon, 20 Apr 2026 18:47:08 -0400 Subject: [PATCH] docs: update CLAUDE.md for the typed-item module layout Co-Authored-By: Claude Sonnet 4.6 --- CLAUDE.md | 51 ++++++++++++++++++++++++++++++++------------------- 1 file changed, 32 insertions(+), 19 deletions(-) diff --git a/CLAUDE.md b/CLAUDE.md index 171900d..eeb855a 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -7,30 +7,43 @@ relicario is a git-backed, self-hostable password manager with a Rust core. Two- ## Build and test ```bash -cargo build # build everything -cargo test # run all tests (unit + integration) -cargo test -p relicario-core # core library tests only -cargo run -- --help # CLI help -cargo run -- generate -l 32 # quick smoke test +cargo build # build everything +cargo test # run all tests (unit + integration) +cargo test -p relicario-core # core library tests only +cargo test -p relicario-cli --test basic_flows # CLI integration tests +cargo build -p relicario-wasm --target wasm32-unknown-unknown # WASM target +cargo run -p relicario-cli -- --help # CLI help +cargo run -p relicario-cli -- generate --length 32 # quick smoke test ``` ## Project structure ``` crates/ -├── relicario-core/ # Platform-agnostic library (no filesystem, no git, no network) +├── relicario-core/ # Platform-agnostic library (no filesystem, no git, no network) │ ├── src/ -│ │ ├── lib.rs # Re-exports public API -│ │ ├── error.rs # RelicarioError enum (thiserror) -│ │ ├── crypto.rs # Argon2id KDF + XChaCha20-Poly1305 encrypt/decrypt -│ │ ├── entry.rs # Entry, ManifestEntry, Manifest structs (serde) -│ │ ├── vault.rs # encrypt_entry, decrypt_entry, encrypt_manifest, decrypt_manifest -│ │ └── imgsecret.rs # DCT-based 256-bit secret embedding in JPEGs -│ └── tests/ -│ └── integration.rs # Full-workflow and two-factor independence tests -└── relicario-cli/ # CLI binary - └── src/ - └── main.rs # clap CLI: init, add, get, list, edit, rm, sync, generate, device +│ │ ├── lib.rs # Re-exports public API +│ │ ├── error.rs # RelicarioError enum (thiserror) +│ │ ├── crypto.rs # Argon2id KDF (length-prefixed, Zeroizing) + XChaCha20-Poly1305 +│ │ ├── ids.rs # ItemId, FieldId, content-addressed AttachmentId +│ │ ├── time.rs # now_unix, MonthYear +│ │ ├── item_types/ # per-type cores + ItemType/ItemCore enums +│ │ ├── item.rs # Item envelope, Field, FieldKind, FieldValue, Section +│ │ ├── attachment.rs # AttachmentRef, EncryptedAttachment, encrypt/decrypt helpers +│ │ ├── manifest.rs # Browse-without-decrypt index (schema_version 2) +│ │ ├── settings.rs # VaultSettings: retention, generator defaults, caps +│ │ ├── generators.rs # CSPRNG password + BIP39 + zxcvbn gate +│ │ ├── vault.rs # JSON ↔ AEAD wrappers for Item/Manifest/VaultSettings +│ │ └── imgsecret.rs # DCT steganography (MAX_DIMENSION cap) +│ └── tests/ # integration.rs, attachments.rs, generators.rs, format_v2.rs, field_history.rs +├── relicario-cli/ # `relicario` binary +│ ├── src/main.rs # clap surface + command handlers +│ ├── src/helpers.rs # vault_dir, git_command, iso8601 +│ ├── src/session.rs # UnlockedVault (master key in Zeroizing) +│ └── tests/ # basic_flows, edit_and_history, attachments, settings, vault_detection +└── relicario-wasm/ # WASM bindings for the extension + ├── src/lib.rs # #[wasm_bindgen] surface + └── src/session.rs # opaque SessionHandle → Zeroizing<[u8;32]> ``` ## Key design decisions @@ -49,14 +62,14 @@ passphrase (UTF-8 bytes) || image_secret (32 bytes from reference JPEG) → Argon2id(salt=vault_salt, m=64MiB, t=3, p=4) → master_key (32 bytes) → XChaCha20-Poly1305(nonce=random 24 bytes) - → encrypted entry/manifest + → encrypted Item/Manifest/VaultSettings ``` ## Conventions - Tests use fast Argon2id params (m=256, t=1, p=1) so they don't take forever. - Test JPEGs are generated synthetically via `make_test_jpeg()` — no binary test fixtures. -- Entry IDs are random 8-char hex strings. +- Item IDs are random 8-char hex strings. - Git history is preserved as an audit log — no squashing. - The CLI shells out to `git` for sync — no libgit2/gitoxide dependency.