locked mode (subscriber lists encrypted at rest)

STUB SPECS:

channel mode:

  • channel admins can request a locked channel at inception, or make an unlocked channel locked by sending the "LOCK" command

key material:

  • each locked channel has a (libsodium) public/private keypair
  • all subscriber phone numbers are encrypted to the channel's public key
  • the channel's private key is stored on the server encrypted to a shared secret that only channel admins possess
  • the secret is generated when the channel is created (or converted to a locked channel) and sent to the channel admins via a Signal message (either in the welcome message, or in a one-time-only message upon upgrade to locked status)
  • to retrieve the secret, an admin must look in their Signal message history
  • if they ever lose this secret, they will be unable to unlock the channel (but they can ask another admin for it!)

message flow:

  • if an admin tries to send a message on a locked channel, they receive a message that says: "please provide your password to unlock this channel"
  • they then respond with the shared secret
  • the server reads the shared secret and uses it to decrypt the channel's private key
    • the private key is stored in memory but left encrypted on disk
    • the shared secret is deleted from memory as soon as it is used to decrypt the private key
  • signalboost responds to the user with a "channel unlocked!" message
    • "unlocking the channel" decrypts the private key so that the session can decrypt user phone numbers when sending messages
    • user phone numbers themselves are only decrypted ephemerally in memory when sending a message, and remain stored encrypted on disk at all times
  • the channel remains unlocked until no message has been sent on the channel for N (5?) minutes, at which point the decrypted version of the channel's private key is deleted from memory
  • if the admin then tries to send another message, they receive a "channel locked" response, and must begin the cycle again
Edited by aguestuser