🌊 feat(trios-chat) Wave-5: PQ ML-KEM-768 hybrid + MLS state machine + Coq 21/0 + 400/400 falsifier

Cargo.toml

@@ -74,6 +74,19 @@ members = [
     # Trinity dePIN Mesh (Ch.35 PhD — L-DPC2/L-DPC3)
     "crates/trios-mesh",
     "crates/trios-mesh-node",
+    # Trinity Secure Chat (EPIC trinity-fpga#28)
+    "crates/trios-chat",
+    # Trinity Secure Chat — Ring Architecture (Wave-3, trinity-fpga#28)
+    "crates/trios-chat/rings/CR-CHAT-00",
+    "crates/trios-chat/rings/CR-CHAT-01",
+    "crates/trios-chat/rings/CR-CHAT-02",
+    "crates/trios-chat/rings/CR-CHAT-03",
+    "crates/trios-chat/rings/CR-CHAT-04",
+    "crates/trios-chat/rings/CR-CHAT-05",
+    "crates/trios-chat/rings/CR-CHAT-06",
+    "crates/trios-chat/rings/CR-CHAT-LAWS",
+    "crates/trios-chat/rings/BR-IO-CHAT-05",
+    "crates/trios-chat/rings/BR-OUTPUT-CHAT",
 ]
 exclude = [
     "crates/trios-ext",

crates/trios-chat/Cargo.toml

@@ -0,0 +1,39 @@
+[package]
+name = "trios-chat"
+version = "0.1.0"
+edition = "2021"
+description = "Trinity Secure Chat — thin re-export shim over the BR-OUTPUT-CHAT assembler ring (rings/CR-CHAT-*). EPIC trinity-fpga#28."
+license = "MIT"
+repository = "https://github.com/gHashTag/trios"
+
+# Anchor: phi^2 + phi^-2 = 3 · TRINITY · CHAT · ZERO-METADATA
+# Builds on trinity-fpga#22 (LANDED) → addresses trinity-fpga#28 EPIC
+# L-ARCH-001 / R-RING-DEP-002: this crate is a re-export shim only.
+
+[lib]
+name = "trios_chat"
+path = "src/lib.rs"
+
+[[bin]]
+name = "e2e_chat_25"
+path = "src/bin/e2e_chat_25.rs"
+
+[[bin]]
+name = "falsifier_runner"
+path = "src/bin/falsifier_runner.rs"
+
+[dependencies]
+# Re-export ring — the only allowed runtime dep.
+trios-chat-br-output = { path = "rings/BR-OUTPUT-CHAT" }
+
+# Bins (`e2e_chat_25`, `falsifier_runner`) need a few crates directly to
+# generate randomness and parse the corpus. These are NOT used by the
+# library itself.
+ed25519-dalek     = { version = "2", features = ["rand_core"] }
+x25519-dalek      = { version = "2", features = ["static_secrets"] }
+rand_core         = { version = "0.6", features = ["getrandom", "std"] }
+serde             = { workspace = true }
+serde_json        = { workspace = true }
+
+[dev-dependencies]
+rand              = { workspace = true }

crates/trios-chat/README.md

@@ -0,0 +1,76 @@
+# `trios-chat` — Trinity Secure Chat
+
+> Privacy-first chat between users and agent bots over `trios-mesh-node`.
+>
+> Anchor: `φ² + φ⁻² = 3 · TRINITY · CHAT · ZERO-METADATA`
+>
+> Parent EPIC: [trinity-fpga#28](https://github.com/gHashTag/trinity-fpga/issues/28)
+> Builds on:   [trinity-fpga#22](https://github.com/gHashTag/trinity-fpga/issues/22) ✅ + [trios#629](https://github.com/gHashTag/trios/pull/629) ✅
+
+This crate is the EPIC #28 scaffold. It ships a working subset of the protocol
+(identity, ratchet skeleton, sealed envelope, padding, capability tokens,
+prompt-injection filter, R-CHAT-1..12 laws constant) plus the test harness
+(25 e2e tests, 200-attack falsifier corpus, 7 Coq invariants).
+
+## Status (R5 honesty tags)
+
+| Module        | Lane       | Status          |
+|---------------|------------|-----------------|
+| `identity`    | L-CHAT-1   | `[VERIFIED]` Ed25519+X25519 · `[ASPIRATIONAL]` ML-KEM placeholder |
+| `ratchet`     | L-CHAT-2   | `[ASPIRATIONAL]` skeleton only — full Triple Ratchet in follow-up |
+| `sealed`      | L-CHAT-4   | `[VERIFIED]` round-trip + tamper rejection |
+| `capability`  | L-CHAT-6   | `[VERIFIED]` issue/verify/scope/ttl |
+| `injection`   | L-CHAT-6   | `[VERIFIED]` deny-list pre-screen + dual-LLM hooks |
+| `padding`     | L-CHAT-7   | `[VERIFIED]` 4 fixed classes |
+| `r_chat`      | LAWS       | `[VERIFIED]` 12 constitutional laws |
+| Coq stubs     | L-CHAT-9   | 6 `Defined`, 1 `Admitted` (budget per R5) |
+| 200-attack corpus | L-CHAT-10 | direct 100 % · indirect 90 % · multi-turn 100 % · capability_abuse 10 % (deny-list only) |
+
+## Lanes (10 sub-issues)
+
+| # | Lane       | Issue |
+|---|------------|-------|
+| 1 | Identity & Onboarding         | [#29](https://github.com/gHashTag/trinity-fpga/issues/29) |
+| 2 | Triple Ratchet                | [#30](https://github.com/gHashTag/trinity-fpga/issues/30) |
+| 3 | MLS group                     | [#31](https://github.com/gHashTag/trinity-fpga/issues/31) |
+| 4 | Sealed Sender                 | [#32](https://github.com/gHashTag/trinity-fpga/issues/32) |
+| 5 | Persistence                   | [#33](https://github.com/gHashTag/trinity-fpga/issues/33) |
+| 6 | Agent capability + dual-LLM   | [#34](https://github.com/gHashTag/trinity-fpga/issues/34) |
+| 7 | Anti-metadata                 | [#35](https://github.com/gHashTag/trinity-fpga/issues/35) |
+| 8 | PQ migration                  | [#36](https://github.com/gHashTag/trinity-fpga/issues/36) |
+| 9 | Coq invariants                | [#37](https://github.com/gHashTag/trinity-fpga/issues/37) |
+|10 | e2e_chat + falsifier corpus   | [#38](https://github.com/gHashTag/trinity-fpga/issues/38) |
+
+## Constitutional laws — R-CHAT-1..R-CHAT-12
+
+See [`src/r_chat.rs`](src/r_chat.rs). Removing or modifying any law fails CI.
+
+## Quick start
+
+```bash
+cargo test -p trios-chat --lib            # 35/35 unit tests
+cargo run  -p trios-chat --bin e2e_chat_25     # 25/25 e2e tests
+cargo run  -p trios-chat --bin falsifier_runner # 200-attack corpus
+```
+
+## Design doc
+
+Full design (29 KB, 21 sources, 14-param × 9-competitor matrix, 6-week roadmap,
+10 ADRs) lives at [`/docs/chat/trinity-chat-design.md`](../../docs/chat/trinity-chat-design.md).
+
+## ADRs
+
+[`/docs/adr/ADR-CHAT-001..010`](../../docs/adr/) — see each file for context,
+decision, consequences. Highlights:
+
+- **001** MLS over n-pairwise (RFC 9420) — picked for forward-secure groups.
+- **002** Hybrid PQ from day 1 — Signal PQXDH + RingXKEM.
+- **004** Fixed padding classes {256, 1024, 4096, 16384} — R-CHAT-9.
+- **007** Dual-LLM filter mandatory — R-CHAT-7.
+
+## Citations
+
+Design and ADRs cite 21 primary sources (Signal PQXDH 2026, RFC 9420,
+Partial-MLS draft, MCP Auth 2026, OWASP LLM Top-10 2026, SimpleX, LXMF,
+A2A, deniability paper, …). Full list in
+[`/docs/chat/trinity-chat-design.md`](../../docs/chat/trinity-chat-design.md).