diff --git a/.claude/HISTORY.md b/.claude/HISTORY.md index 1c0c8691..0966fae4 100644 --- a/.claude/HISTORY.md +++ b/.claude/HISTORY.md @@ -3199,3 +3199,35 @@ git checkout HEAD -- index.html - **Files:** - `luci-app-metablogizer/root/usr/libexec/rpcd/luci.metablogizer` - `secubox-app-haproxy/files/usr/sbin/haproxyctl` + +40. **ZKP Hamiltonian Cryptographic Library (2026-02-24)** + - Created `zkp-hamiltonian` package implementing Zero-Knowledge Proofs based on Hamiltonian Cycle problem (Blum 1986). + - **Cryptographic Implementation:** + - SHA3-256 commitments via OpenSSL EVP API + - Fiat-Shamir heuristic for NIZK transformation + - Fisher-Yates shuffle for uniform random permutations + - Constant-time memory comparison (timing attack resistant) + - Secure memory zeroing with compiler barrier + - **Library API:** + - `zkp_prove()` - Generate NIZK proof of Hamiltonian cycle knowledge + - `zkp_verify()` - Verify proof (stateless, O(n²)) + - `zkp_generate_graph()` - Generate random graphs with guaranteed Hamiltonian cycle + - `zkp_serialize_*()` / `zkp_deserialize_*()` - Binary serialization (big-endian, portable) + - **CLI Tools:** + - `zkp_keygen` - Generate graph + Hamiltonian cycle (prover secret) + - `zkp_prover` - Create proof from graph + key + - `zkp_verifier` - Verify proof against graph + - **Test Coverage:** + - 41 tests across 4 test suites (crypto, graph, protocol, serialize) + - Completeness, soundness, tamper detection, anti-replay verification + - **Specifications:** + - C99, targets OpenWrt ARM64 (MochaBin Cortex-A72) + - Graph size: 4-50 nodes (configurable MAX_N=50) + - Proof size: ~160KB for n=50 + - **Files:** + - `zkp-hamiltonian/src/{zkp_crypto,zkp_graph,zkp_prove,zkp_verify,zkp_serialize}.c` + - `zkp-hamiltonian/include/{zkp_hamiltonian,zkp_crypto,zkp_graph,zkp_types}.h` + - `zkp-hamiltonian/tools/{zkp_keygen,zkp_prover,zkp_verifier}.c` + - `zkp-hamiltonian/tests/{test_crypto,test_graph,test_protocol,test_serialize}.c` + - `zkp-hamiltonian/CMakeLists.txt` + - **Commit:** `65539368 feat(zkp-hamiltonian): Add Zero-Knowledge Proof library based on Hamiltonian Cycle` diff --git a/.claude/WIP.md b/.claude/WIP.md index 8ec36b07..7ecd875f 100644 --- a/.claude/WIP.md +++ b/.claude/WIP.md @@ -866,6 +866,14 @@ _Last updated: 2026-02-24 (Service Stability Fixes)_ ### Just Completed (2026-02-24) +- **ZKP Hamiltonian Library** — DONE (2026-02-24) + - Zero-Knowledge Proof implementation based on Hamiltonian Cycle (Blum 1986) + - NIZK via Fiat-Shamir heuristic, SHA3-256 commitments (OpenSSL) + - Complete library: prove/verify/serialize + CLI tools (keygen/prover/verifier) + - 41 tests passing: completeness, soundness, tamper detection, anti-replay + - C99 targeting OpenWrt ARM64, CMake build system + - Commit: 65539368 + - **Service Stability & LED Pulse Fix** — DONE (2026-02-24) - CrowdSec autostart: Fixed machine registration mismatch, downloaded GeoLite2-City.mmdb - LED pulse: Fixed HAProxy check to run on host instead of non-existent LXC container diff --git a/package/secubox/luci-app-metablogizer/root/usr/libexec/rpcd/luci.metablogizer b/package/secubox/luci-app-metablogizer/root/usr/libexec/rpcd/luci.metablogizer index db6cfcb0..f03102fc 100755 --- a/package/secubox/luci-app-metablogizer/root/usr/libexec/rpcd/luci.metablogizer +++ b/package/secubox/luci-app-metablogizer/root/usr/libexec/rpcd/luci.metablogizer @@ -101,6 +101,13 @@ reload_haproxy() { [ -d /opt/haproxy/config ] && cp "$src_cfg" /opt/haproxy/config/haproxy.cfg 2>/dev/null fi + # Sync mitmproxy routes from HAProxy config and trigger reload + # This ensures WAF routing is properly configured for new vhosts + if command -v mitmproxyctl >/dev/null 2>&1; then + mitmproxyctl sync-routes >/dev/null 2>&1 + logger -t metablogizer "Synced mitmproxy routes" + fi + # Reload HAProxy if [ -x /etc/init.d/haproxy ]; then /etc/init.d/haproxy reload >/dev/null 2>&1