Add Emergency Kit recovery feature (Rust 1.9.0, Desktop 1.26.0)
BIP39 12-word mnemonic-based master password recovery system that allows
users to regain access to their encrypted data without a full data wipe.
Rust core:
- privstack-crypto: RecoveryBlob type with create/open/reencrypt functions
that encrypt the master key with a mnemonic-derived key
- privstack-vault: setup_recovery(), has_recovery(), and
reset_password_with_recovery() methods on Vault and VaultManager, with
full re-encryption of all vault blobs on password reset
- privstack-ffi: Three new FFI functions (setup_recovery, has_recovery,
reset_with_recovery) with error codes RecoveryNotConfigured=34 and
InvalidRecoveryMnemonic=35, including entity_store and blob_store
re-encryption
C# desktop:
- Native bindings: P/Invoke declarations, IAuthService interface methods,
and PrivStackService implementations for all three recovery operations
- EmergencyKitPdfService: QuestPDF-based A4 PDF generator with numbered
word grid, security warnings, and recovery instructions
- Setup wizard: New EmergencyKit step after Password for new installs,
displaying recovery words and requiring PDF download before proceeding
- Recovery flow: Two-step RecoveryViewModel (enter 12 words, set new
password) with RecoveryView, wired into UnlockViewModel and App.axaml.cs
navigation. Unlock screen shows conditional recovery link when configured
- Settings: Emergency Kit section in Security expander showing status
indicator, generate/regenerate button, word display, and PDF download
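The RecoveryBlob lifecycle from the Rust core notes above (create, open, reencrypt), as an added Python sketch that is not the privstack-crypto code: the mnemonic goes through BIP39 seed derivation, the master key is wrapped under that seed, and a missing blob or a wrong mnemonic is reported with the error codes 34 and 35 named in the release notes. The blob layout (nonce || ciphertext || tag), the "recovery-enc"/"recovery-mac" labels and the HMAC-SHA256 counter-mode stand-in for ChaCha20-Poly1305 are assumptions made because the standard library has no AEAD.

```python
import hashlib, hmac, os, unicodedata

# Error codes named in the release notes (0 = success)
RECOVERY_NOT_CONFIGURED = 34
INVALID_RECOVERY_MNEMONIC = 35

# Constructed sample inputs (a standard BIP39 test-vector phrase, not a real user's kit)
SAMPLE_KEY = bytes(range(32))
SAMPLE_WORDS = "abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about"

def mnemonic_to_seed(mnemonic: str) -> bytes:
    """BIP39 seed: PBKDF2-HMAC-SHA512, 2048 rounds, salt 'mnemonic' (empty passphrase)."""
    words = unicodedata.normalize("NFKD", mnemonic).split()
    return hashlib.pbkdf2_hmac("sha512", " ".join(words).encode(), b"mnemonic", 2048)

def _subkeys(seed: bytes):
    # Separate encryption and MAC keys derived from the mnemonic seed (assumed labels)
    enc = hmac.new(seed, b"recovery-enc", hashlib.sha256).digest()
    mac = hmac.new(seed, b"recovery-mac", hashlib.sha256).digest()
    return enc, mac

def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 in counter mode stands in for ChaCha20 (the stdlib has no AEAD)
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((len(data) + 31) // 32))
    return bytes(a ^ b for a, b in zip(data, b"".join(blocks)))

def create(master_key: bytes, mnemonic: str) -> bytes:
    """Wrap the master key under the mnemonic-derived key as nonce || ct || tag."""
    enc, mac = _subkeys(mnemonic_to_seed(mnemonic))
    nonce = os.urandom(16)
    ct = _keystream_xor(enc, nonce, master_key)
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()

def open_blob(blob, mnemonic: str):
    """Unwrap the master key. Returns (key, 0) or (None, error_code), FFI-style."""
    if blob is None:
        return None, RECOVERY_NOT_CONFIGURED
    enc, mac = _subkeys(mnemonic_to_seed(mnemonic))
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        return None, INVALID_RECOVERY_MNEMONIC  # verify the tag before decrypting anything
    return _keystream_xor(enc, nonce, ct), 0

def reencrypt(blob: bytes, old_mnemonic: str, new_mnemonic: str):
    """Regenerate the kit: unwrap with the old words, wrap again under the new ones."""
    master_key, code = open_blob(blob, old_mnemonic)
    if code:
        return None, code
    return create(master_key, new_mnemonic), 0
```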
Add per-entity encryption, DekRegistry, and S3 key persistence (1.8.0)
Cloud sync engine now encrypts/decrypts batches per-entity using a
thread-safe DekRegistry (Arc<RwLock<HashMap<String, DerivedKey>>>).
The sync engine groups outbox events by entity_id and encrypts each
group with the entity's DEK via ChaCha20-Poly1305. Per-entity cursor
tracking replaces the single cursor_position.
FFI auth.rs now persists passphrase-encrypted and mnemonic-encrypted
private keys to S3 during setup_passphrase, and retrieves them during
enter_passphrase and recover_from_mnemonic. This uses workspace-scoped
STS credentials obtained from the API's list_workspaces endpoint.
Added recovery_key_s3_key() helper to compaction.rs for the mnemonic
backup storage path. PrivStackHandle gains cloud_dek_registry and
cloud_active_workspace fields for FFI state management.
Add IShareableBehavior capability interface to SDK (1.26.0)
New capability interface for plugins that support per-entity sharing via PrivStack Cloud. Declares ShareableEntityTypes, IsExcludedFromSharing (default false), GetEntityTitle, and GetEntityType. Follows established capability registration pattern (Host.Capabilities.Register in OnInitializeAsync). SDK version bumped to 1.26.0 for new public API surface.
Add cloud sync desktop integration — DTOs, P/Invoke, and service layer (1.25.0)
Phase 6 of the Cloud Sync Implementation Plan. Adds the .NET desktop integration layer for S3-backed cloud sync:
- CloudSyncModels.cs: DTOs for CloudSyncStatus, CloudQuota, CloudWorkspaceInfo, CloudAuthTokens, CloudShareInfo, SharedWithMeInfo, CloudDeviceInfo, and SyncTier enum
- PrivStackError.cs: Added error codes 28-33 (InvalidArgument, CloudSyncError, QuotaExceeded, ShareDenied, EnvelopeError, CloudAuthError) matching Rust FFI enum
- NativeLibrary.cs: 27 P/Invoke declarations for all privstack_cloudsync_* FFI exports (auth, key management, workspaces, sync engine, sharing, devices)
- ICloudSyncService.cs: Interface abstracting the cloud sync FFI surface for DI and testability
- CloudSyncService.cs: FFI wrapper implementing ICloudSyncService with DeserializeAndFree/MarshalAndFree helpers, lifecycle hooks (FlushIfSyncing on shutdown), and IDisposable cleanup
- Workspace.cs: Added SyncTier and CloudWorkspaceId properties
- ServiceRegistration.cs: Registered ICloudSyncService → CloudSyncService singleton
Add privstack-cloud crate for S3-backed cloud sync (1.7.0)
New crate with 12 modules: API client (JWT auth, token refresh on 401),
S3 transport (STS credentials, upload/download), credential manager
(auto-refresh), adaptive outbox (solo 60s / collab 5s flush modes),
sync engine (tokio::select event loop), envelope manager (DEK sharing
orchestration), compaction (snapshot generation, >50 batch threshold),
sharing workflow (create/accept/revoke/cascade), blob sync (encrypted
upload/download with quota tracking), config, types, and error handling.
Dependencies: aws-sdk-s3, aws-sdk-sts, reqwest, crypto_box, sha2.