# v2 Secure Session Core — Applicable Standards

The following standards from `.claude/standards/` apply to this feature.

## security/credential-handling

No hardcoded credentials — JWT secret and the integration/agent keys come from env/SOPS only. Argon2id for passwords (keep). **Per-agent keys and viewer tokens are hashed at rest and short-lived; log every auth attempt (success and failure).** Directly governs Tasks 2–4 (the whole point of the phase).

Source: `.claude/standards/security/credential-handling.md`

## api/response-format

RESTful plural nouns, kebab-case multi-word segments (`/viewer-token`), a consistent error envelope (`{ detail, error_code, status_code }` — and do NOT leak raw `e.to_string()`, the audit's Pass B finding), pagination where lists grow, **idempotent sqlx migrations**. Governs the new endpoints in Tasks 2/4.

Source: `.claude/standards/api/response-format.md`

## gururmm/sqlx-migrations

Never manually pre-apply migrations; use `CREATE TABLE IF NOT EXISTS` / `ADD COLUMN IF NOT EXISTS`; let the server apply its own migrations on startup and record them in `_sqlx_migrations`. Governs Task 1 (the v2 schema). (GC is PostgreSQL like RMM, so RMM's checksum/INET lessons transfer.)

Source: `.claude/standards/gururmm/sqlx-migrations.md`

## gururmm/platform-parity

Agent features must not silently no-op on a platform — a no-op without a `// TODO(platform): ` stub is a bug. GC's agent is Windows-first, so this mostly governs the **raw+Zstd codec fallback** (Task 7 — the Win7/no-HW path must work, not silently produce nothing) and any server code that branches on OS.

Source: `.claude/standards/gururmm/platform-parity.md`

## conventions/naming

Rust `snake_case` functions/vars, `PascalCase` types; **protobuf `PascalCase` messages / `snake_case` fields**; database `snake_case` tables/columns. Governs the new proto messages (Task 5/7), the `connect_agent_keys` schema (Task 1), and all new Rust.

Source: `.claude/standards/conventions/naming.md`

## conventions/no-emojis

Never use emojis in code, comments, logs, commit messages, or output — ASCII markers only (`[OK]`/`[ERROR]`/`[WARNING]`/`[INFO]`). Applies to everything written this phase.

Source: `.claude/standards/conventions/no-emojis.md`

## git/commit-style

Conventional commit types (`feat:`/`fix:`/`docs:`/`refactor:`), `Co-Authored-By` trailer on Claude commits, never commit secrets or build artifacts. Governs Task 0 and every task commit. (Conventional commits also drive GC's auto-versioning per SPEC-001 §3.)

Source: `.claude/standards/git/commit-style.md`
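
One way to satisfy the api/response-format rule against leaking raw `e.to_string()`, shown as an added example that is not code from this project. The `AuthError` variants, the `error_code` values and `to_response` are assumptions made for illustration; only the envelope field names and the `[ERROR]` marker come from the standards above.

```rust
use std::fmt;

// Hypothetical internal error; variant names are assumptions for this example.
#[derive(Debug)]
enum AuthError {
    InvalidKey,
    Expired,
    Db(String), // driver text: for server logs only
}
impl fmt::Display for AuthError {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        match self {
            AuthError::InvalidKey => write!(f, "invalid key"),
            AuthError::Expired => write!(f, "key expired"),
            AuthError::Db(e) => write!(f, "db: {}", e),
        }
    }
}

// Envelope fields from api/response-format. `&'static str` means a runtime
// string such as `e.to_string()` cannot be placed in `detail` by mistake.
#[derive(Debug)]
struct ErrorEnvelope { detail: &'static str, error_code: &'static str, status_code: u16 }

impl ErrorEnvelope {
    fn to_json(&self) -> String {
        format!(r#"{{"detail":"{}","error_code":"{}","status_code":{}}}"#,
            self.detail, self.error_code, self.status_code)
    }
}

// Returns the client envelope and the server-side log line (failure path only).
// Both key failures share one envelope so the response hides which check failed.
fn to_response(err: &AuthError, agent_id: &str) -> (ErrorEnvelope, String) {
    let env = match err {
        AuthError::InvalidKey | AuthError::Expired => ErrorEnvelope {
            detail: "authentication failed", error_code: "AUTH_FAILED", status_code: 401 },
        AuthError::Db(_) => ErrorEnvelope {
            detail: "internal server error", error_code: "INTERNAL_ERROR", status_code: 500 },
    };
    // {:?} escapes control characters in agent_id so it cannot forge log lines.
    (env, format!("[ERROR] auth failed agent_id={:?} cause={}", agent_id, err))
}

fn main() {
    for e in [AuthError::InvalidKey, AuthError::Expired, AuthError::Db("pool timed out".into())] {
        let (env, log) = to_response(&e, "agent-1");
        println!("{}\n{}", env.to_json(), log);
    }
}
```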