docs(e2ee): update roadmap — Sprint 4 complete

- 4.1.2: Swift Keychain key derivation ✓
- 4.2.2: Kotlin SecureStore key derivation ✓
- 4.3: @bytelyst/client-encrypt (22 tests) ✓
- 4.4.1: @bytelyst/secure-storage-web (16 tests) ✓
- 4.5: FlowMonk tasks.description encrypted (211 tests) ✓
- Only 4.4.2 (auth-client migration) deferred to Sprint 5
saravanakumardb1 2026-03-21 11:23:26 -07:00
parent ce08587680
commit d11f84da5f

@ -1,7 +1,7 @@
# ByteLyst — End-to-End Encryption Implementation Roadmap
> **Purpose:** Phased implementation plan for encryption across the ByteLyst ecosystem.
> **Status:** Phase 1 + Sprint 3 + Sprint 4.1/4.2 COMPLETE — 6 backends + native SDKs
> **Status:** Phase 1 + Phase 2 (Sprint 3 + Sprint 4) COMPLETE — 7 backends + native SDKs + client-encrypt + secure-storage-web
> **Author:** AI Architecture Review
> **Last updated:** 2026-07-12
> **Design doc:** [`END_TO_END_ENCRYPTION_DESIGN.md`](END_TO_END_ENCRYPTION_DESIGN.md)
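Review bot: The `Last updated` field in the header block is left at 2026-07-12 while this commit is dated 2026-03-21, so the roadmap carries an update date later than the change that sets the new status. Set it to the commit date in the same edit that changes the `Status` line, so readers can tell which status the date refers to.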
@ -284,7 +284,9 @@ Week 1-2 Week 3-4 Week 5-6 Week 7-8 Week 9-10 Week 11-14
- `BLEncryptedField` Codable struct + `BLFieldEncrypt` enum (CryptoKit AES-256-GCM)
- encrypt/decrypt, AAD support, generateKey, keyFromHex, isEncrypted
- Data hex helpers (hexString, init?(hexString:))
- [ ] **4.1.2** Key derivation from Keychain-stored secret
- [x] **4.1.2** Key derivation from Keychain-stored secret
- getOrCreateKey(service:account:), loadKey(), deleteKey()
- Generates AES-256 key, persists as hex in BLKeychain
- [x] **4.1.3** Unit tests (XCTest) — 22 tests in BLFieldEncryptTests.swift
**Commit:** `feat(swift-sdk): add BLFieldEncrypt for client-side AES-256-GCM encryption`
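Review bot: Item 4.1.2 is titled "Key derivation from Keychain-stored secret", but the bullets added under it describe generating a random AES-256 key and persisting it as hex in BLKeychain, with no derivation step. Either rename the item to key generation and storage, or state which KDF turns the stored secret into the encryption key. The difference matters for anyone reasoning about key rotation and about what `deleteKey()` makes unrecoverable.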
@ -295,32 +297,32 @@ Week 1-2 Week 3-4 Week 5-6 Week 7-8 Week 9-10 Week 11-14
- `BLEncryptedField` data class + `BLFieldEncrypt` object (javax.crypto AES-256-GCM)
- encrypt/decrypt, AAD support, generateKey, keyFromHex, isEncrypted
- ByteArray/String hex extension functions
- [ ] **4.2.2** Key derivation from BLSecureStore
- [x] **4.2.2** Key derivation from BLSecureStore
- getOrCreateKey(store:account:), loadKey(), deleteKey()
- Generates AES-256 key, persists as hex in EncryptedSharedPreferences
- [x] **4.2.3** Unit tests (JUnit5) — 21/21 passing in BLFieldEncryptTest.kt
**Commit:** `feat(kotlin-sdk): add BLFieldEncrypt for client-side AES-256-GCM encryption`
#### 4.3 TypeScript Client Package — `@bytelyst/client-encrypt`
- [ ] **4.3.1** Create `packages/client-encrypt/` for browser + React Native
```typescript
// Uses Web Crypto API (SubtleCrypto) — works in browsers and React Native
export function encryptField(plaintext: string, key: CryptoKey): Promise<EncryptedField>;
export function decryptField(field: EncryptedField, key: CryptoKey): Promise<string>;
export function deriveKey(passphrase: string, salt: Uint8Array): Promise<CryptoKey>;
```
- [ ] **4.3.2** PBKDF2 key derivation for web (600,000 iterations)
- [ ] **4.3.3** Tests with vitest + happy-dom
- [x] **4.3.1** Create `packages/client-encrypt/` for browser + React Native
- AES-256-GCM via SubtleCrypto, wire-compatible EncryptedField
- encryptField, decryptField, generateKey, keyFromHex, keyToHex
- isEncryptedField type guard, toHex/fromHex hex helpers
- [x] **4.3.2** PBKDF2 key derivation for web (600,000 iterations per OWASP 2023)
- [x] **4.3.3** 22 Vitest tests, all passing
**Commit:** `feat(client-encrypt): create @bytelyst/client-encrypt for browser/RN encryption`
#### 4.4 Web Secure Storage
- [ ] **4.4.1** Create `@bytelyst/secure-storage-web` package
- IndexedDB-backed storage with `SubtleCrypto` non-extractable AES key
- API: `secureGet(key)`, `secureSet(key, value)`, `secureDelete(key)`, `secureClear()`
- Key is generated once, stored as non-extractable CryptoKey in IndexedDB
- Falls back to `localStorage` if `SubtleCrypto` unavailable
- [x] **4.4.1** Create `@bytelyst/secure-storage-web` package
- IndexedDB-backed storage with non-extractable AES-256-GCM CryptoKey
- API: set, get, delete, clear, has, keys — all async
- Namespace isolation for multi-app usage
- Falls back to localStorage when SubtleCrypto unavailable
- 16 Vitest tests (fake-indexeddb), all passing
- [ ] **4.4.2** Migrate auth tokens from `localStorage` to secure storage in all web apps
- Update `@bytelyst/auth-client` to use secure storage
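Review bot: The 4.4.1 bullet "Falls back to localStorage when SubtleCrypto unavailable" does not say whether values are encrypted in the fallback path, and 4.4.2 plans to move auth tokens into this package. Document whether the fallback stores plaintext and whether callers can detect or disable it, since a silent fallback would leave tokens in the same place the migration is meant to move them from. Separately, the removed signature block listed `deriveKey(passphrase, salt)`, while the new 4.3.1 export list omits it even though 4.3.2 is checked; name the PBKDF2 entry point and where the salt comes from.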
@ -330,12 +332,15 @@ Week 1-2 Week 3-4 Week 5-6 Week 7-8 Week 9-10 Week 11-14
#### 4.5 FlowMonk Backend (port 4017)
- [ ] **4.5.1** Add dependency + encrypt `tasks.description` field
- [ ] **4.5.2** Update tests
- [x] **4.5.1** Add dependency + encrypt `tasks.description` field
- field-encrypt singleton (flowmonk-mek), config env vars
- Encrypt on create/update, decrypt on read/list
- Backward-compatible via isEncryptedField guard
- [x] **4.5.2** 211/211 tests passing
**Commit:** `feat(flowmonk): encrypt task notes`
**Sprint 4 deliverable:** All native SDKs have encryption primitives. Web secure storage. 7 backends encrypted.
**Sprint 4 deliverable:** All native SDKs have encryption primitives. Web secure storage created. 7 backends encrypted (6 prior + FlowMonk). Only 4.4.2 (auth-client migration) deferred to Sprint 5.
---
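Review bot: The 4.5.1 bullet "Backward-compatible via isEncryptedField guard" implies existing plaintext `tasks.description` values are still read as-is, yet the deliverable line counts FlowMonk as encrypted and no item covers re-encrypting old rows. Add a backfill task, or note that rows are only encrypted on the next create/update, and say when the plaintext read path will be removed. The commit label `feat(flowmonk): encrypt task notes` also names a different thing than the `tasks.description` field the item describes.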