async-matrix 1.1.0 → 1.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 194e89bd46e36b9d5dda162d92386d360044984341effd4bc1b4012e3fe30001
-  data.tar.gz: 223ce9eb16f32334ec2817fb5dbf8ea234dc73b7c668246a8408c26012f1df3d
+  metadata.gz: '044956d2cd8c29c0875733a8245ad009d61dfa59efcfcb7556ba24605f4aa073'
+  data.tar.gz: 917fb89e79e7ae68dc590ae287b612e5e940351601af5532ac2c7b93dafb1a42
 SHA512:
-  metadata.gz: 1fac9d4cf9e5bdbff4817c7924e92160edf5f5f8dfbeee6ccc6080b3a03927e17e81c7f03671069f09a6b064ccd2fe3dada2f663c05c0bb1c2e3b98f1e74bb99
-  data.tar.gz: f5dde0ffde70897beedae255b1e7ece7b4e753036006a119d8b747d0e5a279938b7080e59b455d7a9e20518dcaa6e271629dee29302bc9995daac5c45cef9c8f
+  metadata.gz: 2044815f830d6f47e958a322fe09fad2773a07146d6dd39f5b5474d5c48f8f46a2a96e6c5fa6ebf38d4c11cbf57a305fcdb3ced1e55873d21fd3eff507dc1041
+  data.tar.gz: a1304c33ff1bd07ddf11965ef98f65495a4458b45ec346dff23e0881ed30327009de1fc4cdfee0b1806b384ca0d61893f1efdbeaa657d732a489b32614704d4b

data/ext/async_matrix_e2ee/Cargo.toml

@@ -0,0 +1,26 @@
+[package]
+name = "async_matrix_e2ee"
+version = "0.1.0"
+edition = "2021"
+publish = false
+
+[lib]
+name = "async_matrix_e2ee"
+crate-type = ["cdylib"]
+
+[dependencies]
+magnus = "0.7"
+
+# vodozemac 0.10.0 (2026-04-13), default features (libolm-compat).
+#
+# - 0.10 is the release that fixes the all-zero / non-contributory DH issue from
+#   Soatok's review (the proposed patch was deprecated `since = "0.10.0"`), so we
+#   pin >= 0.10 rather than 0.9.
+# - There is no `strict-signatures` feature in 0.10 (it existed pre-0.10; the
+#   related signature-verification hardening was resolved upstream).
+# - There is no `fuzzing` Cargo feature: vodozemac's MAC/signature bypass is
+#   gated behind `#[cfg(fuzzing)]`, only set by `cargo fuzz`
+#   (RUSTFLAGS=--cfg fuzzing). A normal `cargo build`/`rake compile` never
+#   enables it. Never build production artifacts with `cargo fuzz`.
+[dependencies.vodozemac]
+version = "0.10"

data/ext/async_matrix_e2ee/extconf.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+require "mkmf"
+require "rb_sys/mkmf"
+
+# Builds the Rust crate in this directory and produces async_matrix_e2ee.so.
+# The crate's #[magnus::init] defines the classes under Async::Matrix::E2EE.
+create_rust_makefile("async_matrix_e2ee")

data/ext/async_matrix_e2ee/src/lib.rs

@@ -0,0 +1,326 @@
+//! Ruby bindings for vodozemac (Matrix Olm/Megolm), via magnus.
+//!
+//! This is the Ruby analogue of matrix-nio/vodozemac-python (which uses PyO3).
+//! It exposes vodozemac's Account / Session (Olm) and GroupSession /
+//! InboundGroupSession (Megolm) under the `Async::Matrix::E2EE` module.
+//!
+//! The API is deliberately base64-string / integer centric rather than passing
+//! wrapped key objects around: Matrix moves keys and ciphertext as base64
+//! strings inside JSON, so a string API drops straight into the protocol layer
+//! and keeps the magnus surface small.
+
+use std::cell::RefCell;
+use std::collections::HashMap;
+
+use magnus::{function, method, prelude::*, Error, Ruby};
+
+use vodozemac::{base64_decode, base64_encode, Curve25519PublicKey, Ed25519PublicKey, Ed25519Signature};
+use vodozemac::olm::{
+    Account as OlmAccount, AccountPickle, OlmMessage, PreKeyMessage, Session as OlmSession,
+    SessionConfig as OlmSessionConfig, SessionPickle,
+};
+use vodozemac::megolm::{
+    GroupSession as MegolmGroupSession, GroupSessionPickle, InboundGroupSession as MegolmInbound,
+    InboundGroupSessionPickle, MegolmMessage, SessionConfig as MegolmSessionConfig, SessionKey,
+};
+
+// --- helpers ---------------------------------------------------------------
+
+fn rt_err<E: std::fmt::Display>(e: E) -> Error {
+    Error::new(magnus::exception::runtime_error(), e.to_string())
+}
+
+fn key32(label: &str, bytes: &[u8]) -> Result<[u8; 32], Error> {
+    bytes
+        .try_into()
+        .map_err(|_| rt_err(format!("{label} must be 32 bytes, got {}", bytes.len())))
+}
+
+// --- Account ---------------------------------------------------------------
+
+#[magnus::wrap(class = "Async::Matrix::E2EE::Account", free_immediately, size)]
+struct Account(RefCell<OlmAccount>);
+
+impl Account {
+    fn new() -> Self {
+        Account(RefCell::new(OlmAccount::new()))
+    }
+
+    fn from_pickle(pickle: String, pickle_key: String) -> Result<Self, Error> {
+        let key = key32("pickle_key", pickle_key.as_bytes())?;
+        let p = AccountPickle::from_encrypted(&pickle, &key).map_err(rt_err)?;
+        Ok(Account(RefCell::new(OlmAccount::from_pickle(p))))
+    }
+
+    fn pickle(&self, pickle_key: String) -> Result<String, Error> {
+        let key = key32("pickle_key", pickle_key.as_bytes())?;
+        Ok(self.0.borrow().pickle().encrypt(&key))
+    }
+
+    fn ed25519_key(&self) -> String {
+        self.0.borrow().ed25519_key().to_base64()
+    }
+
+    fn curve25519_key(&self) -> String {
+        self.0.borrow().curve25519_key().to_base64()
+    }
+
+    fn sign(&self, message: String) -> String {
+        self.0.borrow().sign(message.as_bytes()).to_base64()
+    }
+
+    fn one_time_keys(&self) -> HashMap<String, String> {
+        self.0
+            .borrow()
+            .one_time_keys()
+            .into_iter()
+            .map(|(k, v)| (k.to_base64(), v.to_base64()))
+            .collect()
+    }
+
+    fn max_number_of_one_time_keys(&self) -> usize {
+        self.0.borrow().max_number_of_one_time_keys()
+    }
+
+    fn generate_one_time_keys(&self, count: usize) {
+        self.0.borrow_mut().generate_one_time_keys(count);
+    }
+
+    fn fallback_key(&self) -> HashMap<String, String> {
+        self.0
+            .borrow()
+            .fallback_key()
+            .into_iter()
+            .map(|(k, v)| (k.to_base64(), v.to_base64()))
+            .collect()
+    }
+
+    fn generate_fallback_key(&self) {
+        self.0.borrow_mut().generate_fallback_key();
+    }
+
+    fn mark_keys_as_published(&self) {
+        self.0.borrow_mut().mark_keys_as_published();
+    }
+
+    /// Returns a Session for sending to a peer identified by their identity and
+    /// one-time keys (both base64).
+    fn create_outbound_session(
+        &self,
+        identity_key: String,
+        one_time_key: String,
+    ) -> Result<Session, Error> {
+        let ik = Curve25519PublicKey::from_base64(&identity_key).map_err(rt_err)?;
+        let otk = Curve25519PublicKey::from_base64(&one_time_key).map_err(rt_err)?;
+        let session = self
+            .0
+            .borrow()
+            .create_outbound_session(OlmSessionConfig::version_1(), ik, otk)
+            .map_err(rt_err)?;
+        Ok(Session(RefCell::new(session)))
+    }
+
+    /// Establishes an inbound Session from a received pre-key message (base64
+    /// body, as carried in an m.room.encrypted olm `body`). Returns
+    /// `[session, plaintext]`.
+    fn create_inbound_session(
+        &self,
+        identity_key: String,
+        prekey_message_body: String,
+    ) -> Result<(Session, String), Error> {
+        let ik = Curve25519PublicKey::from_base64(&identity_key).map_err(rt_err)?;
+        let prekey = PreKeyMessage::from_base64(&prekey_message_body).map_err(rt_err)?;
+        let result = self
+            .0
+            .borrow_mut()
+            .create_inbound_session(OlmSessionConfig::version_1(), ik, &prekey)
+            .map_err(rt_err)?;
+        let plaintext = String::from_utf8(result.plaintext).map_err(rt_err)?;
+        Ok((Session(RefCell::new(result.session)), plaintext))
+    }
+}
+
+// --- Session (Olm 1:1) -----------------------------------------------------
+
+#[magnus::wrap(class = "Async::Matrix::E2EE::Session", free_immediately, size)]
+struct Session(RefCell<OlmSession>);
+
+impl Session {
+    fn session_id(&self) -> String {
+        self.0.borrow().session_id()
+    }
+
+    fn pickle(&self, pickle_key: String) -> Result<String, Error> {
+        let key = key32("pickle_key", pickle_key.as_bytes())?;
+        Ok(self.0.borrow().pickle().encrypt(&key))
+    }
+
+    fn from_pickle(pickle: String, pickle_key: String) -> Result<Self, Error> {
+        let key = key32("pickle_key", pickle_key.as_bytes())?;
+        let p = SessionPickle::from_encrypted(&pickle, &key).map_err(rt_err)?;
+        Ok(Session(RefCell::new(OlmSession::from_pickle(p))))
+    }
+
+    /// Encrypts plaintext; returns `[message_type, body_base64]` matching the
+    /// Matrix olm ciphertext shape.
+    fn encrypt(&self, plaintext: String) -> Result<(usize, String), Error> {
+        let message = self.0.borrow_mut().encrypt(plaintext.as_bytes()).map_err(rt_err)?;
+        let (mtype, ciphertext) = message.to_parts();
+        Ok((mtype, base64_encode(ciphertext)))
+    }
+
+    /// Decrypts an olm message given its type (0 = pre-key, 1 = normal) and
+    /// base64 body.
+    fn decrypt(&self, message_type: usize, body: String) -> Result<String, Error> {
+        let ciphertext = base64_decode(&body).map_err(rt_err)?;
+        let message = OlmMessage::from_parts(message_type, &ciphertext).map_err(rt_err)?;
+        let plaintext = self.0.borrow_mut().decrypt(&message).map_err(rt_err)?;
+        String::from_utf8(plaintext).map_err(rt_err)
+    }
+}
+
+// --- GroupSession (Megolm outbound) ---------------------------------------
+
+#[magnus::wrap(class = "Async::Matrix::E2EE::GroupSession", free_immediately, size)]
+struct GroupSession(RefCell<MegolmGroupSession>);
+
+impl GroupSession {
+    fn new() -> Self {
+        GroupSession(RefCell::new(MegolmGroupSession::new(MegolmSessionConfig::version_1())))
+    }
+
+    fn session_id(&self) -> String {
+        self.0.borrow().session_id()
+    }
+
+    fn message_index(&self) -> u32 {
+        self.0.borrow().message_index()
+    }
+
+    /// The session key (base64) to share with recipients via m.room_key.
+    fn session_key(&self) -> String {
+        self.0.borrow().session_key().to_base64()
+    }
+
+    /// Encrypts plaintext, returning the megolm message as base64.
+    fn encrypt(&self, plaintext: String) -> String {
+        self.0.borrow_mut().encrypt(plaintext.as_bytes()).to_base64()
+    }
+
+    fn pickle(&self, pickle_key: String) -> Result<String, Error> {
+        let key = key32("pickle_key", pickle_key.as_bytes())?;
+        Ok(self.0.borrow().pickle().encrypt(&key))
+    }
+
+    fn from_pickle(pickle: String, pickle_key: String) -> Result<Self, Error> {
+        let key = key32("pickle_key", pickle_key.as_bytes())?;
+        let p = GroupSessionPickle::from_encrypted(&pickle, &key).map_err(rt_err)?;
+        Ok(GroupSession(RefCell::new(MegolmGroupSession::from_pickle(p))))
+    }
+}
+
+// --- InboundGroupSession (Megolm inbound) ---------------------------------
+
+#[magnus::wrap(class = "Async::Matrix::E2EE::InboundGroupSession", free_immediately, size)]
+struct InboundGroupSession(RefCell<MegolmInbound>);
+
+impl InboundGroupSession {
+    /// Build from a base64 session key received in an m.room_key event.
+    fn new(session_key: String) -> Result<Self, Error> {
+        let key = SessionKey::from_base64(&session_key).map_err(rt_err)?;
+        Ok(InboundGroupSession(RefCell::new(MegolmInbound::new(
+            &key,
+            MegolmSessionConfig::version_1(),
+        ))))
+    }
+
+    fn session_id(&self) -> String {
+        self.0.borrow().session_id()
+    }
+
+    fn first_known_index(&self) -> u32 {
+        self.0.borrow().first_known_index()
+    }
+
+    /// Decrypts a base64 megolm message; returns `[plaintext, message_index]`.
+    fn decrypt(&self, message: String) -> Result<(String, u32), Error> {
+        let msg = MegolmMessage::from_base64(&message).map_err(rt_err)?;
+        let decrypted = self.0.borrow_mut().decrypt(&msg).map_err(rt_err)?;
+        let plaintext = String::from_utf8(decrypted.plaintext).map_err(rt_err)?;
+        Ok((plaintext, decrypted.message_index))
+    }
+
+    fn pickle(&self, pickle_key: String) -> Result<String, Error> {
+        let key = key32("pickle_key", pickle_key.as_bytes())?;
+        Ok(self.0.borrow().pickle().encrypt(&key))
+    }
+
+    fn from_pickle(pickle: String, pickle_key: String) -> Result<Self, Error> {
+        let key = key32("pickle_key", pickle_key.as_bytes())?;
+        let p = InboundGroupSessionPickle::from_encrypted(&pickle, &key).map_err(rt_err)?;
+        Ok(InboundGroupSession(RefCell::new(MegolmInbound::from_pickle(p))))
+    }
+}
+
+// --- module-level functions ------------------------------------------------
+
+/// Verify an ed25519 signature. `key` and `signature` are base64; returns bool.
+fn verify_signature(key: String, message: String, signature: String) -> Result<bool, Error> {
+    let public_key = Ed25519PublicKey::from_base64(&key).map_err(rt_err)?;
+    let sig = Ed25519Signature::from_base64(&signature).map_err(rt_err)?;
+    Ok(public_key.verify(message.as_bytes(), &sig).is_ok())
+}
+
+// --- init ------------------------------------------------------------------
+
+#[magnus::init]
+fn init(ruby: &Ruby) -> Result<(), Error> {
+    let namespace = ruby.define_module("Async")?.define_module("Matrix")?.define_module("E2EE")?;
+
+    let account = namespace.define_class("Account", ruby.class_object())?;
+    account.define_singleton_method("new", function!(Account::new, 0))?;
+    account.define_singleton_method("from_pickle", function!(Account::from_pickle, 2))?;
+    account.define_method("pickle", method!(Account::pickle, 1))?;
+    account.define_method("ed25519_key", method!(Account::ed25519_key, 0))?;
+    account.define_method("curve25519_key", method!(Account::curve25519_key, 0))?;
+    account.define_method("sign", method!(Account::sign, 1))?;
+    account.define_method("one_time_keys", method!(Account::one_time_keys, 0))?;
+    account.define_method(
+        "max_number_of_one_time_keys",
+        method!(Account::max_number_of_one_time_keys, 0),
+    )?;
+    account.define_method("generate_one_time_keys", method!(Account::generate_one_time_keys, 1))?;
+    account.define_method("fallback_key", method!(Account::fallback_key, 0))?;
+    account.define_method("generate_fallback_key", method!(Account::generate_fallback_key, 0))?;
+    account.define_method("mark_keys_as_published", method!(Account::mark_keys_as_published, 0))?;
+    account.define_method("create_outbound_session", method!(Account::create_outbound_session, 2))?;
+    account.define_method("create_inbound_session", method!(Account::create_inbound_session, 2))?;
+
+    let session = namespace.define_class("Session", ruby.class_object())?;
+    session.define_singleton_method("from_pickle", function!(Session::from_pickle, 2))?;
+    session.define_method("session_id", method!(Session::session_id, 0))?;
+    session.define_method("pickle", method!(Session::pickle, 1))?;
+    session.define_method("encrypt", method!(Session::encrypt, 1))?;
+    session.define_method("decrypt", method!(Session::decrypt, 2))?;
+
+    let group = namespace.define_class("GroupSession", ruby.class_object())?;
+    group.define_singleton_method("new", function!(GroupSession::new, 0))?;
+    group.define_singleton_method("from_pickle", function!(GroupSession::from_pickle, 2))?;
+    group.define_method("session_id", method!(GroupSession::session_id, 0))?;
+    group.define_method("message_index", method!(GroupSession::message_index, 0))?;
+    group.define_method("session_key", method!(GroupSession::session_key, 0))?;
+    group.define_method("encrypt", method!(GroupSession::encrypt, 1))?;
+    group.define_method("pickle", method!(GroupSession::pickle, 1))?;
+
+    let inbound = namespace.define_class("InboundGroupSession", ruby.class_object())?;
+    inbound.define_singleton_method("new", function!(InboundGroupSession::new, 1))?;
+    inbound.define_singleton_method("from_pickle", function!(InboundGroupSession::from_pickle, 2))?;
+    inbound.define_method("session_id", method!(InboundGroupSession::session_id, 0))?;
+    inbound.define_method("first_known_index", method!(InboundGroupSession::first_known_index, 0))?;
+    inbound.define_method("decrypt", method!(InboundGroupSession::decrypt, 1))?;
+    inbound.define_method("pickle", method!(InboundGroupSession::pickle, 1))?;
+
+    namespace.define_module_function("verify_signature", function!(verify_signature, 3))?;
+
+    Ok(())
+}

data/lib/async/matrix/api/chain.rb

@@ -132,11 +132,12 @@ module Async
 
           path = "/" + segments.map { |s| _encode(s) }.join("/")
 
+          if query && !query.empty?
+            qs = query.map { |k, v| "#{_encode(k.to_s)}=#{_encode(v.to_s)}" }.join("&")
+            path = "#{path}?#{qs}"
+          end
+
           if _binary_route?(segments)
-            if query && !query.empty?
-              qs = query.map { |k, v| "#{_encode(k.to_s)}=#{_encode(v.to_s)}" }.join("&")
-              path = "#{path}?#{qs}"
-            end
             case method
             when "GET"
               @client.media_client.download(path)
@@ -149,10 +150,6 @@ module Async
             retry_opts = max_retries ? {max_retries: max_retries} : {}
             case method
             when "GET"
-              if query && !query.empty?
-                qs = query.map { |k, v| "#{_encode(k.to_s)}=#{_encode(v.to_s)}" }.join("&")
-                path = "#{path}?#{qs}"
-              end
               @client.get(path, **retry_opts)
             when "POST"
               @client.post(path, body || {}, **retry_opts)

data/lib/async/matrix/e2ee.rb

@@ -0,0 +1,85 @@
+# frozen_string_literal: true
+
+# Released under the Apache License, Version 2.0.
+# Copyright, 2026, by General Intelligence Systems.
+
+# Loads the native vodozemac binding (ext/async_matrix_e2ee) and namespaces the
+# Olm/Megolm primitives under Async::Matrix::E2EE.
+#
+# The native classes (Account, Session, GroupSession, InboundGroupSession) and
+# the module function verify_signature are defined by the Rust #[magnus::init].
+# This file only locates and requires the compiled object.
+#
+#   account = Async::Matrix::E2EE::Account.new
+#   account.curve25519_key            # => base64 string
+#   group = Async::Matrix::E2EE::GroupSession.new
+#   msg   = group.encrypt("hello")    # => base64 megolm message
+#   inbound = Async::Matrix::E2EE::InboundGroupSession.new(group.session_key)
+#   inbound.decrypt(msg)              # => ["hello", 0]
+
+module Async
+  module Matrix
+    module E2EE
+    end
+  end
+end
+
+# rake-compiler installs the shared object alongside this file.
+require_relative "async_matrix_e2ee"
+
+test do
+  describe "Async::Matrix::E2EE" do
+    it "exposes account identity keys as base64" do
+      account = Async::Matrix::E2EE::Account.new
+      account.curve25519_key.should.be.kind_of String
+      account.ed25519_key.should.be.kind_of String
+      account.curve25519_key.length.should.be > 0
+    end
+
+    it "round-trips a megolm group message" do
+      group   = Async::Matrix::E2EE::GroupSession.new
+      inbound = Async::Matrix::E2EE::InboundGroupSession.new(group.session_key)
+
+      message = group.encrypt("hello world")
+      plaintext, index = inbound.decrypt(message)
+
+      plaintext.should == "hello world"
+      index.should == 0
+      inbound.session_id.should == group.session_id
+    end
+
+    it "round-trips an olm 1:1 message" do
+      alice = Async::Matrix::E2EE::Account.new
+      bob   = Async::Matrix::E2EE::Account.new
+      bob.generate_one_time_keys(1)
+      bob_otk = bob.one_time_keys.values.first
+
+      outbound = alice.create_outbound_session(bob.curve25519_key, bob_otk)
+      type, body = outbound.encrypt("yo g")
+      type.should == 0 # pre-key message
+
+      session, plaintext = bob.create_inbound_session(alice.curve25519_key, body)
+      plaintext.should == "yo g"
+
+      reply_type, reply_body = session.encrypt("hello back")
+      outbound.decrypt(reply_type, reply_body).should == "hello back"
+    end
+
+    it "verifies a valid ed25519 signature and rejects a bad one" do
+      account   = Async::Matrix::E2EE::Account.new
+      signature = account.sign("payload")
+
+      Async::Matrix::E2EE.verify_signature(account.ed25519_key, "payload", signature).should == true
+      Async::Matrix::E2EE.verify_signature(account.ed25519_key, "tampered", signature).should == false
+    end
+
+    it "survives a pickle round-trip" do
+      key   = "0" * 32
+      group = Async::Matrix::E2EE::GroupSession.new
+      pickled = group.pickle(key)
+
+      restored = Async::Matrix::E2EE::GroupSession.from_pickle(pickled, key)
+      restored.session_id.should == group.session_id
+    end
+  end
+end

data/lib/async/matrix/version.rb

@@ -5,6 +5,6 @@
 
 module Async
 	module Matrix
-    VERSION = "1.1.0"
+    VERSION = "1.2.0"
 	end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: async-matrix
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.2.0
 platform: ruby
 authors:
 - Nathan Kidd
@@ -107,6 +107,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.2'
+- !ruby/object:Gem::Dependency
+  name: rb_sys
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
 - !ruby/object:Gem::Dependency
   name: falcon
   requirement: !ruby/object:Gem::Requirement
@@ -149,12 +163,27 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake-compiler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.2'
 description: Async-native Matrix protocol primitives built on the Socketry async ecosystem.
   Provides well-known discovery, event notification, and application service models.
 email:
 - nathankidd@hey.com
 executables: []
-extensions: []
+extensions:
+- ext/async_matrix_e2ee/extconf.rb
 extra_rdoc_files: []
 files:
 - LICENSE
@@ -455,6 +484,9 @@ files:
 - data/matrix-spec/event-schemas/schema/m.sticker.yaml
 - data/matrix-spec/event-schemas/schema/m.tag.yaml
 - data/matrix-spec/event-schemas/schema/m.typing.yaml
+- ext/async_matrix_e2ee/Cargo.toml
+- ext/async_matrix_e2ee/extconf.rb
+- ext/async_matrix_e2ee/src/lib.rs
 - lib/async/discord.rb
 - lib/async/discord/api.rb
 - lib/async/discord/api/path_tree.rb
@@ -511,6 +543,7 @@ files:
 - lib/async/matrix/client.rb
 - lib/async/matrix/connection.rb
 - lib/async/matrix/double_puppet_client.rb
+- lib/async/matrix/e2ee.rb
 - lib/async/matrix/endpoint.rb
 - lib/async/matrix/error.rb
 - lib/async/matrix/media_client.rb