Internal developer documentation for the Se7enFriends .NET MAUI 10 platform. Privacy-first, P2P encrypted messaging. All documentation scraped live from source.
Se7enDocs_Export.ps1
Per-method purpose, caller contracts, SyncAction linkages, policy keys, and workflow membership.
Every SyncAction: domain, handler, payload type, placement, business process, success path, sequence diagrams.
ISe7enModel classes and Se7enEnum types with full property tables and cross-linked tooltips.
IHealthCheckable components by tier, full initialisation sequence, Mermaid boot pipeline diagram.
Crypto, transport, and sync service implementations with category grouping, lifecycle tags, and per-method docs.
Every annotated process step across all orchestrators — phases, implementation status, subprocess links, and per-process sequence diagrams.
Human narrative layer — ELI5 phase breakdowns, design decisions, two-device sequence diagrams, and the WHY behind each process.
Cross-domain policy matrix — see every setting, where it's overridden across domains, resolver strategies, and full per-setting detail.
ViewModels, Views, and Components with process entry point badges, orchestrator bindings, and cross-links to the process flows they participate in.
SHA256(TrueRK + "|" + peerId), base64, first 32 chars. Must match identically in DirectConnection, AddressBook (E1), and PeerConnection. AAD for session traffic = sessionId bytes.
Base64(SHA256(min(myC,peer.C) + "|" + max(myC,peer.C))) -- order-independent, co-derived. Neither peer can forge it alone. RkContrib tag format: rkcontrib:{base64}.
Must use BootstrapFrame wrapping -- NOT PrepareOutboundAsync. Inbound source port is ephemeral; endpoint lookup always fails. BootstrapFrame carries SenderPublicKey in the clear; receiver derives BootstrapRK without lookup.
Everything flows through SyncQueue -- no direct orchestrator-to-storage writes. Relay call is the authority; local mirror fires only on relay Success. Local failure is non-fatal (logged Warning only).
PrepareForSyncAsync is the approval decision point. Check wrapped.Domain == Domain.ConsentAndApproval -- do not inspect IsWrapper. Caller must enqueue result AND await WaitForResultAsync on wrapper ID.
Guardian-aware policy gates protect minors at every sync step. RequireGuardianApproval flows through ConsentAndApprovalDomainOrchestrator. GuardianApprovalFlow applies across Trust, AddressBook, and Messaging.
Session traffic AAD = sessionId bytes. RK traffic AAD = peerId / recipientUserId bytes. BootstrapFrame AAD = localProfileUserId bytes (recipient). Never mix AAD contexts.
RcsDomainOrchestrator endpoint uses LAN IP from network interfaces -- NOT relay-observed IP. PmsDomainOrchestrator: ILogIdentifiable NOT implemented, Name = "PmsOrchestrator".
https://docs.se7enfriends.app/OrchestratorMethods.csv
OrchestratorMethods.csv · SyncActionDescriptors.csv · PolicySettings.csv · ModelShapes.csv · ServiceShapes.csv · UiShapes.csv · healthcheckables.csv · ProcessFlows.csv · WorkflowDocs.csv · devlog.csv · Workflows/*.md
git push. Run Se7enDocs_Export.ps1, wait 30s, start session.