samehabouelsaad/sal-modular
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
13945a8725
sal-modular/docs/user_stories.md
Sameh Abouelsaad 13945a8725 feat: Add WASM support and browser extension infrastructure 
- Add WASM build target and dependencies for all crates.
- Implement IndexedDB-based persistent storage for WASM.
- Create browser extension infrastructure (UI, scripting, etc.).
- Integrate Rhai scripting engine for secure automation.
- Implement user stories and documentation for the extension.
2025-05-16 15:31:53 +03:00

2.4 KiB
Raw Blame History

User Stories: Modular Cryptographic Extension & Scripting

As a User, I want to...

Session & Key Management

  • Create a new encrypted keyspace with a password so that only I can access my secrets.
  • Unlock an existing keyspace by entering my password.
  • Create, select, and manage multiple keypairs within a keyspace.
  • Clearly see which keyspace and keypair are currently active in my session.

Cryptographic Operations

  • Sign and verify messages using my selected keypair.
  • Encrypt and decrypt messages or files using asymmetric cryptography (public/private keypair).
  • Encrypt and decrypt messages or files using symmetric encryption (derived from my keyspace password).
  • Export or back up my keypairs securely.

EVM Client Actions

  • Connect to an Ethereum provider and check my account balance.
  • Send transactions using my selected keypair.

Scripting (Rhai)

  • Paste or write a Rhai script into the extension UI and execute it securely.
  • Approve or deny each script execution, with a clear understanding of what the script will access (e.g., signing, sending transactions).
  • See script logs/output in the extension UI.

Security & Permissions

  • Be prompted for approval before any script can access my keypair or perform sensitive operations.
  • See a clear audit trail/log of all cryptographic and scripting actions performed in my session.

WebSocket Integration (Future)

  • Connect to a server using my keypair's public key and receive Rhai scripts from the server.
  • Review and approve/reject incoming scripts, with clear metadata (title, description, tags).
  • For remote scripts, sign the script hash and send my signature to the server as consent.
  • For local scripts, execute them in the extension and have the results reported back to the server.

UI/UX

  • Use a fast, modern, and intuitive extension interface, with dark mode support.
  • Always know the current security state (locked/unlocked, connected/disconnected, etc.).

As a Developer, I want to...

  • Expose all vault and EVM client APIs to WASM so they are callable from JavaScript/TypeScript.
  • Provide ergonomic Rust-to-Rhai bindings for all key cryptographic and EVM actions.
  • Ensure clear error reporting and logging for all extension and scripting operations.
  • Write tests for both WASM and native environments.
  • Easily add new cryptographic algorithms, providers, or scripting APIs as the system evolves.