|
|
c332322220
|
docs: Proton SRP-6a auth analysis + gopenpgp crypto requirements
Deep-dive analysis covering:
- SRP-6a protocol flow with password hashing versions 0-4
- Session management (AccessToken, RefreshToken, UID lifecycle)
- 2FA (TOTP + U2F) support
- Token storage requirements with NaCl secretbox recommendation
- gopenpgp crypto operations per product (Mail, Drive, Pass)
- Multi-address keyring management
- API endpoint reference
- Implementation recommendations for auth plugin
- Key risks and open questions for T1 architecture design
Sources: go-proton-api, go-srp, gopenpgp v2, hydroxide, proton-python-client
|
2026-06-08 18:29:58 +02:00 |
|
|
|
da7dac8301
|
feat(vpn): Proton VPN Hermes skill — CLI wrapper tools
Builds the proton-vpn skill per ARCHITECTURE.md section 6 with 9 tools:
Tools:
- proton_vpn_connect — connect with fastest/random/country/city/P2P/Tor/SC selection
- proton_vpn_disconnect — disconnect current session
- proton_vpn_status — check connection status (parse CLI output)
- proton_vpn_servers — list servers with filters (country, features)
- proton_vpn_killswitch — enable/disable kill switch
- proton_vpn_config — view/modify DNS, NetShield, protocol
- proton_vpn_login — initiate browser OAuth login
- proton_vpn_logout — clear credentials
- proton_vpn_refresh — refresh server list and config
Implementation:
- Python subprocess wrapper around official protonvpn-cli v1.0+
- Human-readable CLI output parsed into structured JSON
- Privilege check (protonvpn group) before privileged operations
- 30-60s timeouts with graceful error handling
- dispatch() entry point for Hermes tool routing
Also includes:
- scripts/install.sh — distro-aware dependency installer
- references/commands.md — CLI quick reference
- .gitignore — exclude __pycache__, env, debug files
Deviations from ARCHITECTURE.md noted in docs:
- CLI uses 'login' (browser OAuth), not 'init'
- No --json output — parsed from tables
- Install via Proton repos, not PyPI
|
2026-06-08 18:29:53 +02:00 |
|
|
|
8fdf219337
|
architecture: Hermes-Proton multi-layer integration design
Complete ARCHITECTURE.md covering:
1. Komodo plugin spec: shared SRP-6a auth, token lifecycle, encrypted store
2. Hermes skill specs: Mail (Bridge), Pass (pass-cli), Drive (rclone), VPN (vpn-cli)
3. MCP tool server: Python stdio MCP server for non-Hermes agents
4. Auth flow: single Proton login shared across all skills
5. File layout: monorepo with plugin/skills/mcp-server/tests/
6. Environment/credential management: full env table, encrypted storage format
References: go-proton-api, pass-cli, rclone protondrive, proton-vpn-cli, hydroxide
|
2026-06-08 18:23:35 +02:00 |
|
|
|
44e75a77fa
|
Seed: hermes-proton prototype — research, architecture, and project scaffold
|
2026-06-08 18:19:01 +02:00 |
|
