SQLCipher integration with API for storing Session Pro revocations and account seed #74

Doy-lee · 2026-01-08T23:49:15Z

This introduces SQLCipher, building on from https://github.com/mpretty-cyro/libsession-util/tree/feature/initial-database# The database is exposed under the session::database::Connection interface and we also in addition to that introduce a overarching managing class dubbed session::core::Core that manages requests going into the database, caching queries before insertion and returning results from caches instead of the DB if it hasn't been invalidated yet.

The intended usage pattern of the new code looks something like this:

  #include <sodium/randombytes.h>
  #include <session/core.hpp>

  int main() {
    session::core::Core core = {};

    // Optionally create/open the DB to persist state to. If this step is skipped the core will only
    // maintain libsession state (like the user's long term seed or the pro revocation list) in
    // runtime memory and will be lost on shutdown. Persisting user state is then left to the
    // integrating application's discretion.
    try {
      // Generate the encryption key for the DB (if you had a pre-existing DB this is where you
      // would load the key to pass in).
      session::cleared_array<48> db_enc_key = {};
      randombytes_buf(db_enc_key.data(), db_enc_key.size());

      core.open_db(":memory:", db_enc_key);
    } catch (const std::exception& e) {
      // ... error handling
    }

    // Update the revocation list stored in Core (if the DB was opened successfully, this will also
    // persist the revocation list to the DB for example).
    //
    // In a production application you would sleep on an event loop responsible for dispatching and
    // receiving the revocation list queries and call this function to update the revocation list
    // that is cached and the DB
    if (core.pro_update_revocations(...)) { ... }

    // Interfacing code calls this API to check if the specific proof in question is revoked or not
    if (core.pro_proof_is_revoked(...)) { ... }
  }

…r from the backend

Pre-empting the idea that libsession should start managing state on behalf of the caller by first having a runtime cache of the Session Pro revocation list that backs up to the DB on update.

Alongside upgrading from 4.6.1 to 4.12 there are a few new changes to some of the conventions followed by SQLCipher which are summarised as follows: - SQLCipher now generates a libsqlite3.a instead of libsqlcipher.a - The include directory mirrors sqlite3 layout so #include <sqlcipher/sqlite3.h> turns into #include <sqlite3.h> - tcl is no longer required as a dependency which was previously used to create the amalgamated SQLite source file (they now have an internal tool jimsh0 to create this if tcl's missing). - Some SQLCipher ./configure options are updated - --with-pic does not exist anymore - --enable-fts5 was updated to --fts5 - --with-tempstore=3 (or =always) was added - -DSQLITE_EXTRA_INIT=sqlcipher_extra_init and -DSQLITE_EXTRA_SHUTDOWN=sqlcipher_extra_shutdown are new defines that must be set

…_CRYPTO_COMMONCRYPTO

…vided by libsession Initially these changes were stored as a separate database library and it was tempting to put everything into the crypto library but from the architecture aspect this didn't seem right. The crypto library contains all the low-level primitives to talk on the Session Protocol. These new changes include a database and a manager for libsession state which exclusively uses the primitives and tooling provided by libsession that merging it into the low-level cryptography didn't seem right. In essence this is more the service layer that provides, _additional_ services for applications to use to book-keep the libsession state such as - persistent storage, i.e. the database - caching of the runtime state of libsession i.e. the core

…it from doing -lFramework

… xbuild

…or OpenSSL

…oid builds Whilst we can use the new android targets for the ./Configure tool that openssl has, this has issues in that it doesn't support the clang NDK toolchain, it still defaults to gcc and there doesn't seem to be a way to override this without setting CC/AR/CXX/RANLIB e.t.c. Oxen-core can statically build openssl already without issues so we're going to revert back to what it's doing and KISS.

… OpenSSL

Doy-lee and others added 29 commits January 5, 2026 11:14

Add blinded community session encrypt functions

a89e85e

Added SQLCipher dependency, started testing database access

44d5e33

Merge in wip-SQLite branch

e1b27e0

Update pre-requisite dependencies line

cd32d82

Remove defines from database.cpp, use target_compile_definitions

7717345

Add pro revocation add/get/delete from SQL DB APIs

780881d

Make pro backend server tests off by default, specify URL to let it run

696850f

Bundle the revocation ticket with the get/setter as they come togethe…

ff5c229

…r from the backend

Introuce managed libsession context to maintain runtime state

d31ecb8

Pre-empting the idea that libsession should start managing state on behalf of the caller by first having a runtime cache of the Session Pro revocation list that backs up to the DB on update.

Add C interface for database connections

c8d2d78

Add C api for libsession core context

d65dceb

Document the role of core.hpp and connection.hpp

edbd925

Add connection close to CPP db layer

2a502ce

Allow storing of private keys into the DB

2a90ebd

Separate pro backend dev server tests from the main test block

9fb8926

Fix pro backend tests not being skipped if server URL is not specified

277d4d7

Add open DB to core API which restores state from DB

0404f95

Update readme build instructions

78ac664

Add locking to Core APIs and update usage guide

483259c

Linting

8d0bdb3

Move types.cpp into the util layer where it belongs

aa0cd00

Bump Core placement new buffer to atleast 184b for debian sid

bd0d95e

Copy the frameworks to link to verbatim to avoid fixing CMake crap

bc5f73c

SQLCipher v4.12.0 checks for SQLCIPHER_CRYPTO_CC instead of SQLCIPHER…

378c514

…_CRYPTO_COMMONCRYPTO

Bump core opaque placement new buffer to 208b for apple clang

453aca5

Explicitly delimit the sqlcipher_link_libs for Apple to try and stop …

70aea95

…it from doing -lFramework

Fix build when database is disabled

6dd40d6

Doy-lee force-pushed the doyle-pro-with-sqlite branch from 628d31e to 7efbb76 Compare January 9, 2026 05:36

Doy-lee added 6 commits January 13, 2026 15:30

Add Android's liblog required for SQLite/cipher

c12cf96

Specify NDK sysroot for OpenSSL

8ce54e1

TEST: Try removing WIN32 guard for OpenSSL for the static windows x64…

83b508a

… xbuild

Specify NDK sysroot before config options for OpenSSL

1753038

Use updated method to pass toolchain for MINGW re: NOTES-WINDOWS.md f…

7a14966

…or OpenSSL

Switch to the modern Configure tool for OpenSSL

5108ca8

Doy-lee force-pushed the doyle-pro-with-sqlite branch 2 times, most recently from efe9c66 to a3064d3 Compare January 13, 2026 06:59

Specify correct android target for OpenSSL Configure

64a9894

Doy-lee force-pushed the doyle-pro-with-sqlite branch from a3064d3 to 64a9894 Compare January 13, 2026 07:07

Doy-lee added 5 commits January 13, 2026 18:19

Switch to arm target for armeabi

09086ba

TEMP: Test arm64 for 32 bit OpenSSL hack

de9f44b

Cross-compile-prefix for mingw breaks ccache hijacking

f2945f6

Ensure ws2_32 crypt32 is available for mingw

4490bfb

Specify the exact library to build for sqlcipher

718d0a1

Doy-lee force-pushed the doyle-pro-with-sqlite branch from a35144e to ea1ddb7 Compare January 13, 2026 08:54

Add work-around for sqlite3.exe being built on windows

15e824d

Doy-lee force-pushed the doyle-pro-with-sqlite branch from ea1ddb7 to 15e824d Compare January 13, 2026 09:16

Doy-lee added 5 commits January 14, 2026 10:10

Ensure WINDRES is set for mingw OpenSSL cross compile

9d6a28a

OpenSSL uses RC= for Win32 resource compiler, set the NDK sysroot for…

d419c7a

… OpenSSL

Specify the correct sysroot for the android NDK toolchain in OpenSSL

bc7279d

Help OpenSSL android static vbuild find asm/types.h

5871b2c

Doy-lee force-pushed the doyle-pro-with-sqlite branch from 9b41cad to 5871b2c Compare January 14, 2026 04:11

Doy-lee added 2 commits January 14, 2026 15:16

TEMP: Apple triple check

5c7caac

Apple does not need to build OpenSSL so skip it entirely

6d46c40

Doy-lee force-pushed the doyle-pro-with-sqlite branch 2 times, most recently from b3b4484 to 3be2126 Compare January 14, 2026 06:28

Use apple arch flags from oxen-libquic staticbuild

8673e75

Doy-lee force-pushed the doyle-pro-with-sqlite branch from 3be2126 to 8673e75 Compare January 14, 2026 06:38

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

SQLCipher integration with API for storing Session Pro revocations and account seed #74

SQLCipher integration with API for storing Session Pro revocations and account seed #74

Uh oh!

Doy-lee commented Jan 8, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

SQLCipher integration with API for storing Session Pro revocations and account seed #74

Are you sure you want to change the base?

SQLCipher integration with API for storing Session Pro revocations and account seed #74

Uh oh!

Conversation

Doy-lee commented Jan 8, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants