# pvtcoms — Domain Glossary (CONTEXT.md)

Shared vocabulary so SR titles, PRDs, tests, and code stay consistent. Update inline as terms resolve.

| Term | Meaning |
|---|---|
| **Core** | The shared Rust crate (crypto, transport, protocol state, storage) exposed via UniFFI. |
| **Identity** | A user's keypair (`Ed25519 + ML-DSA-65` long-term identity key). No phone/email. One per device in v1. |
| **Handshake** | The hybrid `X25519 + ML-KEM-768` (PQXDH-style) initial key agreement. |
| **Ratchet** | Double Ratchet session providing per-message keys, forward secrecy, and post-compromise security. |
| **Mailbox** | Oblivious store-and-forward queue addressed by a rotating token; relay sees only opaque token + padded blob. |
| **Rendezvous token** | `HMAC(shared_secret, epoch)` — the rotating address two contacts derive to find each other. |
| **Invite** | Single-use link/QR carrying a rendezvous address + ephemeral public key (never private keys); locks on first redeem. |
| **SAS** | Short Authentication String — out-of-band fingerprint compared over a second channel to detect first-contact MITM. |
| **Trust provenance** | A contact's verification state: `unverified` / `sas-verified` / `scanned` / `introduced-by-X` / `key-changed`. |
| **Pull-not-push** | Delivery model: the recipient's device polls its mailbox; nothing detects presence. No server push. |
| **Transport** | The anonymity layer. v1 = Tor via `arti`. Bound to an identity/profile, never per-contact. |
| **Profile** | An identity with a fixed transport posture (Anonymous = Tor-only; Direct-capable is a v2 separate identity). |
| **Oblivious** | A relay/mailbox that cannot read content, identify sender or recipient, or link traffic across rotations. |
| **PoW gate** | Hashcash proof-of-work required to deposit into a mailbox — anti-spam without identity. |
| **Ephemeral / disappearing** | Messages with a TTL; deleted locally on expiry. Default on. |
| **Walking skeleton (M0)** | Two Rust CLIs exchanging a string over a Tor `.onion`, no crypto — proves the pipe. |
| **SR-ID** | Service Request ID in `BACKLOG.md` (e.g. `SR-001`). Every request is captured before coding. |
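
How the **Rendezvous token** row's `HMAC(shared_secret, epoch)` rotates and still lets two contacts meet, as an added example (not code from the pvtcoms Core, and in Python rather than Rust so it runs on the standard library alone). Assumed here, not specified in this glossary: HMAC-SHA256, a one-hour epoch, an 8-byte big-endian epoch encoding, the `LABEL` string, and a one-epoch polling window for clock skew; all function names are hypothetical.

```python
import hashlib
import hmac
import struct

EPOCH_SECONDS = 3600              # assumption: the glossary does not fix the epoch length
LABEL = b"example-rendezvous-v0"  # assumption: domain-separation label, not the project's


def epoch_for(unix_time: int) -> int:
    """Map a wall-clock time to an epoch counter."""
    if unix_time < 0:
        raise ValueError("unix_time must be non-negative")
    return unix_time // EPOCH_SECONDS


def rendezvous_token(shared_secret: bytes, epoch: int) -> bytes:
    """HMAC(shared_secret, epoch); SHA-256 is an assumed hash choice."""
    if len(shared_secret) < 32:
        raise ValueError("shared secret too short")
    msg = LABEL + struct.pack(">Q", epoch)  # fixed-width encoding avoids ambiguity
    return hmac.new(shared_secret, msg, hashlib.sha256).digest()


def poll_tokens(shared_secret: bytes, now: int, skew_epochs: int = 1) -> list[bytes]:
    """Mailbox tokens the recipient polls: current epoch plus neighbours."""
    e = epoch_for(now)
    lo = max(0, e - skew_epochs)
    return [rendezvous_token(shared_secret, i) for i in range(lo, e + skew_epochs + 1)]


def in_poll_window(shared_secret: bytes, token: bytes, now: int) -> bool:
    """True if a sender-derived token is one the recipient polls at `now`."""
    # Compare every candidate in constant time; do not short-circuit on a match.
    hits = [hmac.compare_digest(token, t) for t in poll_tokens(shared_secret, now)]
    return any(hits)


if __name__ == "__main__":
    secret = bytes(range(32))  # constructed sample secret, not a real key
    now = 1_700_000_000        # constructed timestamp
    # Sender's clock runs 50 minutes ahead and has crossed into the next epoch.
    sender_token = rendezvous_token(secret, epoch_for(now + 3000))
    print(sender_token.hex(), in_poll_window(secret, sender_token, now))
```

Without `shared_secret`, the relay sees a different 32-byte value each epoch and has nothing to tie one to the next, which is the property the **Oblivious** row relies on.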
