hermes-proton

Vigo/hermes-proton

Fork 0

Commit graph

Author	SHA1	Message	Date
Templeton Face	0da56b1c7f	docs: landscape scan of 7 Proton third-party client implementations Systematic study of existing open-source Proton client projects to extract patterns, pitfalls, and reusable code for hermes-proton. Projects analyzed: - hydroxide (Go, SRP, CardDAV/IMAP/SMTP) — complete auth+session ref - rclone protondrive (Go, Drive only) — encryption patterns - roman-16/proton-cli (Go, all 5 products) — 3-tier architecture ref - bscott/pm-cli (Go, Bridge mail) — agent-friendly gold standard - StollD/proton-webdav-bridge (Go, Drive as WebDAV) — caching pattern - cdump/proton-tui (Rust, VPN) — standalone SRP auth module - rvacyber/openclaw-protonmail-skill (TS, Bridge mail) — skill pattern ref Feeds into T1 (hannibal architecture). Closes t_3c87cd08	2026-06-08 18:41:46 +02:00
Amy Allen	c332322220	docs: Proton SRP-6a auth analysis + gopenpgp crypto requirements Deep-dive analysis covering: - SRP-6a protocol flow with password hashing versions 0-4 - Session management (AccessToken, RefreshToken, UID lifecycle) - 2FA (TOTP + U2F) support - Token storage requirements with NaCl secretbox recommendation - gopenpgp crypto operations per product (Mail, Drive, Pass) - Multi-address keyring management - API endpoint reference - Implementation recommendations for auth plugin - Key risks and open questions for T1 architecture design Sources: go-proton-api, go-srp, gopenpgp v2, hydroxide, proton-python-client	2026-06-08 18:29:58 +02:00

Author

SHA1

Message

Date

Templeton Face

0da56b1c7f

docs: landscape scan of 7 Proton third-party client implementations

Systematic study of existing open-source Proton client projects
to extract patterns, pitfalls, and reusable code for hermes-proton.

Projects analyzed:
- hydroxide (Go, SRP, CardDAV/IMAP/SMTP) — complete auth+session ref
- rclone protondrive (Go, Drive only) — encryption patterns
- roman-16/proton-cli (Go, all 5 products) — 3-tier architecture ref
- bscott/pm-cli (Go, Bridge mail) — agent-friendly gold standard
- StollD/proton-webdav-bridge (Go, Drive as WebDAV) — caching pattern
- cdump/proton-tui (Rust, VPN) — standalone SRP auth module
- rvacyber/openclaw-protonmail-skill (TS, Bridge mail) — skill pattern ref

Feeds into T1 (hannibal architecture).

Closes t_3c87cd08

2026-06-08 18:41:46 +02:00

Amy Allen

c332322220

docs: Proton SRP-6a auth analysis + gopenpgp crypto requirements

Deep-dive analysis covering:
- SRP-6a protocol flow with password hashing versions 0-4
- Session management (AccessToken, RefreshToken, UID lifecycle)
- 2FA (TOTP + U2F) support
- Token storage requirements with NaCl secretbox recommendation
- gopenpgp crypto operations per product (Mail, Drive, Pass)
- Multi-address keyring management
- API endpoint reference
- Implementation recommendations for auth plugin
- Key risks and open questions for T1 architecture design

Sources: go-proton-api, go-srp, gopenpgp v2, hydroxide, proton-python-client

2026-06-08 18:29:58 +02:00

2 commits