nomad_protocol/core/
constants.rs

1//! Protocol constants from NOMAD specifications.
2//!
3//! These values are fixed by the protocol and MUST NOT be changed.
4
5use std::time::Duration;
6
7// =============================================================================
8// CRYPTOGRAPHIC CONSTANTS (1-SECURITY.md)
9// =============================================================================
10
11/// Poly1305 authentication tag size.
12pub const AEAD_TAG_SIZE: usize = 16;
13
14/// XChaCha20 nonce size.
15pub const AEAD_NONCE_SIZE: usize = 24;
16
17/// X25519 public key size.
18pub const PUBLIC_KEY_SIZE: usize = 32;
19
20/// X25519 private key size.
21pub const PRIVATE_KEY_SIZE: usize = 32;
22
23/// BLAKE2s hash output size.
24pub const HASH_SIZE: usize = 32;
25
26/// Session ID size (48-bit).
27pub const SESSION_ID_SIZE: usize = 6;
28
29/// Protocol version (v1.0).
30pub const PROTOCOL_VERSION: u16 = 0x0001;
31
32// =============================================================================
33// FRAME TYPES (0-PROTOCOL.md)
34// =============================================================================
35
36/// Handshake initiation (Noise_IK first message).
37pub const FRAME_TYPE_HANDSHAKE_INIT: u8 = 0x01;
38
39/// Handshake response (Noise_IK second message).
40pub const FRAME_TYPE_HANDSHAKE_RESP: u8 = 0x02;
41
42/// Data frame (encrypted sync message).
43pub const FRAME_TYPE_DATA: u8 = 0x03;
44
45/// Rekey frame.
46pub const FRAME_TYPE_REKEY: u8 = 0x04;
47
48/// Close frame (graceful termination).
49pub const FRAME_TYPE_CLOSE: u8 = 0x05;
50
51// =============================================================================
52// FRAME FLAGS (2-TRANSPORT.md)
53// =============================================================================
54
55/// Frame contains only acknowledgment, no state diff.
56pub const FLAG_ACK_ONLY: u8 = 0x01;
57
58/// Extension data follows payload.
59pub const FLAG_HAS_EXTENSION: u8 = 0x02;
60
61// =============================================================================
62// FRAME SIZES (2-TRANSPORT.md)
63// =============================================================================
64
65/// Data frame header size (type + flags + session_id + nonce).
66pub const DATA_FRAME_HEADER_SIZE: usize = 16;
67
68/// Minimum data frame size (header + empty payload + tag).
69pub const MIN_DATA_FRAME_SIZE: usize = 32;
70
71/// Minimum handshake init size.
72pub const MIN_HANDSHAKE_INIT_SIZE: usize = 100;
73
74/// Minimum handshake response size.
75pub const MIN_HANDSHAKE_RESP_SIZE: usize = 56;
76
77/// Recommended max payload for mobile networks.
78pub const RECOMMENDED_MAX_PAYLOAD: usize = 1200;
79
80// =============================================================================
81// TIMING CONSTANTS - TRANSPORT (2-TRANSPORT.md)
82// =============================================================================
83
84/// Initial retransmission timeout.
85pub const INITIAL_RTO: Duration = Duration::from_millis(1000);
86
87/// Minimum retransmission timeout.
88pub const MIN_RTO: Duration = Duration::from_millis(100);
89
90/// Maximum retransmission timeout.
91pub const MAX_RTO: Duration = Duration::from_millis(60000);
92
93/// Collection interval for batching rapid state changes.
94pub const COLLECTION_INTERVAL: Duration = Duration::from_millis(8);
95
96/// Maximum delay for ack-only frame.
97pub const DELAYED_ACK_TIMEOUT: Duration = Duration::from_millis(100);
98
99/// Maximum frame rate (Hz).
100pub const MAX_FRAME_RATE: u32 = 50;
101
102/// Minimum frame interval (ms) - will use max(SRTT/2, this).
103pub const MIN_FRAME_INTERVAL_MS: u64 = 20;
104
105/// Send keepalive if idle for this long.
106pub const KEEPALIVE_INTERVAL: Duration = Duration::from_secs(25);
107
108/// Consider connection dead after this long without frames.
109pub const DEAD_INTERVAL: Duration = Duration::from_secs(60);
110
111/// Maximum retransmission attempts before giving up.
112pub const MAX_RETRANSMITS: u32 = 10;
113
114// =============================================================================
115// TIMING CONSTANTS - SECURITY (1-SECURITY.md)
116// =============================================================================
117
118/// Initiate rekey after this time.
119pub const REKEY_AFTER_TIME: Duration = Duration::from_secs(120);
120
121/// Hard limit, reject old keys after this time.
122pub const REJECT_AFTER_TIME: Duration = Duration::from_secs(180);
123
124/// Soft limit on messages before rekey.
125pub const REKEY_AFTER_MESSAGES: u64 = 1 << 60;
126
127/// Hard limit on messages - MUST terminate session.
128pub const REJECT_AFTER_MESSAGES: u64 = u64::MAX;
129
130/// Maximum epoch value.
131pub const MAX_EPOCH: u32 = u32::MAX;
132
133/// Keep old keys for late packets during rekey.
134pub const OLD_KEY_RETENTION: Duration = Duration::from_secs(5);
135
136/// Handshake timeout (initial).
137pub const HANDSHAKE_TIMEOUT: Duration = Duration::from_millis(1000);
138
139/// Maximum handshake retries.
140pub const HANDSHAKE_MAX_RETRIES: u32 = 5;
141
142/// Handshake backoff multiplier.
143pub const HANDSHAKE_BACKOFF: u32 = 2;
144
145// =============================================================================
146// ANTI-REPLAY (1-SECURITY.md)
147// =============================================================================
148
149/// Minimum replay window size in bits.
150pub const REPLAY_WINDOW_SIZE: usize = 2048;
151
152// =============================================================================
153// SYNC MESSAGE (3-SYNC.md)
154// =============================================================================
155
156/// Sync message header size (3 x u64 + u32).
157pub const SYNC_MESSAGE_HEADER_SIZE: usize = 28;
158
159// =============================================================================
160// EXTENSIONS (4-EXTENSIONS.md)
161// =============================================================================
162
163/// Extension type: Compression (zstd).
164pub const EXT_COMPRESSION: u16 = 0x0001;
165
166/// Extension type: Scrollback (terminal-specific).
167pub const EXT_SCROLLBACK: u16 = 0x0002;
168
169/// Extension type: Prediction (terminal-specific).
170pub const EXT_PREDICTION: u16 = 0x0003;
171
172/// Minimum size to attempt compression.
173pub const MIN_COMPRESS_SIZE: usize = 64;
174
175/// Default zstd compression level.
176pub const DEFAULT_COMPRESSION_LEVEL: i32 = 3;
177
178// =============================================================================
179// NONCE DIRECTION (1-SECURITY.md)
180// =============================================================================
181
182/// Nonce direction: Initiator -> Responder.
183pub const NONCE_DIR_INITIATOR: u8 = 0x00;
184
185/// Nonce direction: Responder -> Initiator.
186pub const NONCE_DIR_RESPONDER: u8 = 0x01;