Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased]

sas_verify_mac/4 now returns {:error, reason} with a binary reason naming the specific failure ("bad_mac" for a MAC mismatch, "bad_tag" for an undecodable tag, "bad_*_utf8" for non-UTF-8 args) instead of the catch-all {:error, :bad_message}. This makes SAS MAC-interop failures diagnosable (tag base64-decode vs an actual MAC mismatch). verify_ed25519/3 is unchanged and still returns {:error, :bad_message}.
Upgraded the bundled vodozemac Rust crate 0.9 → 0.10. The Elixir NIF API is unchanged; internal adaptations to 0.10's breaking changes:
- Olm sessions now use SessionConfig::version_1 (0.10 moved version_2 behind an experimental feature flag and defaults to v1). Existing v2-pickled sessions still unpickle and operate normally — the config travels with each pickle, so no migration is required.
- Account::create_inbound_session now takes a SessionConfig argument.
- Account::create_outbound_session, Session::encrypt, and Curve25519SecretKey::diffie_hellman are now fallible; the NIF returns {:error, ...} (outbound_session_failed / encrypt_failed / ecdh_failed) instead of panicking on the rare contributory-behaviour failure.
- 0.10 makes strict Ed25519 signature verification mandatory (the strict-signatures feature was removed); honestly-generated signatures are unaffected.

Package the precompiled .so inside the tarball with the same suffixed filename rustler_precompiled dlopens at load time (libvodozemac_nif-v<ver>-nif-<nif>-<target>.so). 0.1.4 packed it as the bare cargo output name (libvodozemac_nif.so), so :erl_tar.extract produced a file at the wrong path and @on_load failed with "no such file". 0.1.4 is unusable; consumers must move directly to 0.1.5.

Precompiled NIF artifacts for aarch64-apple-darwin, x86_64-apple-darwin, aarch64-unknown-linux-gnu, x86_64-unknown-linux-gnu, and x86_64-unknown-freebsd. Consumers on these targets no longer need a Rust toolchain on mix deps.get.

Set a User-Agent header on NIF downloads. sr.ht sits behind the go-away anti-scraper proxy, which 403s any request with an empty UA — Erlang's :httpc (used by rustler_precompiled) sends none by default, so 0.1.2/0.1.3 consumers would have hit the proxy.

Initial public release: Olm + Megolm primitives for Matrix end-to-end encryption, built on Element's vodozemac (Rust) via Rustler. Surface covers account / one-time-keys, inbound and outbound Megolm group sessions, Olm pairwise sessions, raw Ed25519
- Curve25519 helpers, and SAS short-authentication-string verification.

Source-only release. Consumers need a Rust toolchain (rustup install stable) on mix deps.get; the NIF compiles from source via Rustler. Precompiled binaries for the four major macOS + Linux targets are scheduled for 0.1.1.
Pickle bytes are wrapped with vodozemac's default zero-key — no confidentiality at rest. Callers must apply their own at-rest encryption until a pickle_key parameter lands in a later release.