Discord DAVE Protocol (E2EE) for voice

[braindigitalis]

DAVE? What? huh?

This mega-PR implements Discord's DAVE protocol.

DAVE is an end-to-end encryption scheme that uses MLS (message layer security). To add support for this we use a fork of libdave (a Discord-made open source library) to which i have changed to our code style and documented.
This also depends on libmlspp, which is a third party dependency from cisco, but is currently only available on GitHub and on vcpkg, as such we have made our own fork. Our own fork of mlspp changes the build scripts, as by default it compiles AND INSTALLS as a shared object libmlspp.so, and also installs libbytes.so, libhpke,so, libmls_vectors.so and libtls_syntax.so. We really do NOT want all these installing alongside dpp and becoming separated requirements so this is linked statically into libdpp.so.

Notes about Discord's libdave and Cisco's mlspp

Note that both libdave and mlspp are significantly smaller libraries in terms of poplarity and userbase than dpp, as the mls protocol is yet to pick up widespread traction beyond innovators at places like cisco, signal, facebook, and google. In time, as mls becomes a more popular protocol (IF it becomes a more popular protocol) we can expect better documentation and support for it from third parties and things like libmlspp ending up in places like apt repositories.

Note that if the user disables voice, libmlspp isnt built at all, and nor is the entire of src/dpp/dave

Important: mlspp is not applicable for our code review. It is a security library and its implementation should be considered blackboxed and left well alone!

Refactoring

I have done significant refactoring of discordvoiceclient.cpp to split it into several separate files - if voice is enabled, everything under src/dpp/voice/enabled is compiled into dpp, else everything in src/dpp/voice/disabled is compiled into dpp; currently, a simple empty stub of discord_voice_client. This makes dpp with voice disabled an extremely streamlined version of the library.

Todo

• MLS negotiation of group
• Sending audio
• Receiving audio
• User join/part of exising MLS group
• Protocol downgrade if last MLS user leaves
• Documentation
• Tidy up and reformat libdave - pay attention to asserts

Code change checklist

• I have ensured that all methods and functions are fully documented using doxygen style comments.
• My code follows the coding style guide.
• I tested that my change works before raising the PR.
• I have ensured that I did not break any existing API calls.
• I have not built my pull request using AI, a static analysis tool or similar without any human oversight.

[Jaskowicz1]

so many new lines I think i'm gonna dream of them tonight.

[Mishura4]

Hard to say what code is new and what was moved, but there are some issues. Congrats on getting the feature working though

[RealTimeChris]

Looks good to me.

[Mishura4]

👍 Eskeetit