From 7adeebfe05cc3fb9c4a7b4846ed4b617a8d06c69 Mon Sep 17 00:00:00 2001
From: Christian Gick <service@agiliton.eu>
Date: Sun, 22 Feb 2026 11:46:32 +0200
Subject: [PATCH] fix(voice): restore set_shared_key fallback +
 failure_tolerance=10 from working commit e3ede3f
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The confirmed-working Feb 21 commit (e3ede3f) used:
- kp.set_shared_key(caller_key) as fallback for incoming audio decryption
- failure_tolerance=10 (not -1) so DEC_FAILED state changes are visible

Per-participant kp.set_key() alone is insufficient — the patched Rust FFI
appears to fall back to shared_key for incoming track decryption.
failure_tolerance=-1 was masking the DEC_FAILED state making diagnosis hard.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 voice.py | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/voice.py b/voice.py
index 696d54d..deb89cb 100644
--- a/voice.py
+++ b/voice.py
@@ -94,7 +94,7 @@ def _build_e2ee_options() -> rtc.E2EEOptions:
         shared_key=b"",  # empty = per-participant mode
         ratchet_window_size=10,
         ratchet_salt=b"LKFrameEncryptionKey",
-        failure_tolerance=-1,
+        failure_tolerance=10,
         key_ring_size=256,
         key_derivation_function=KDF_HKDF,  # Rust FFI applies HKDF; we pass raw base keys
     )
@@ -145,6 +145,12 @@ class VoiceSession:
                         kp.set_key(p.identity, key, index)
                         logger.info("Live-updated caller raw key[%d] for LK identity %s",
                                     index, p.identity)
+                # Also update shared_key fallback — FFI may use this for incoming decryption.
+                try:
+                    kp.set_shared_key(key, index)
+                    logger.info("Live-updated shared_key fallback[%d]", index)
+                except Exception:
+                    pass
             except Exception as e:
                 logger.warning("Failed to live-update caller key: %s", e)
 
@@ -358,6 +364,18 @@ class VoiceSession:
             elif not remote_identity:
                 logger.warning("No remote participant found — caller keys not set")
 
+            # Fallback: also set shared_key to the most recent caller key.
+            # In the patched Rust FFI, per-participant decryption may fall back to shared_key
+            # for incoming audio. This was confirmed working in e3ede3f (Feb 21 19:40 UTC).
+            if self._caller_key:
+                try:
+                    max_idx = max(self._caller_all_keys.keys()) if self._caller_all_keys else 0
+                    kp.set_shared_key(self._caller_key, max_idx)
+                    logger.info("Set shared_key fallback to caller key[%d] (%d bytes)",
+                                max_idx, len(self._caller_key))
+                except Exception as e:
+                    logger.warning("Failed to set shared_key fallback: %s", e)
+
             if remote_identity:
                 logger.info("Linking to remote participant: %s", remote_identity)