Skip to content

feat(e2ee): support e2ee#631

Open
okxiaoliang4 wants to merge 4 commits intolivekit:mainfrom
okxiaoliang4:hotfix/e2ee
Open

feat(e2ee): support e2ee#631
okxiaoliang4 wants to merge 4 commits intolivekit:mainfrom
okxiaoliang4:hotfix/e2ee

Conversation

@okxiaoliang4
Copy link
Copy Markdown

@okxiaoliang4 okxiaoliang4 commented Mar 31, 2026

Update KeyProvider and FrameCryptor to include trackSid and modify setKey method

@changeset-bot
Copy link
Copy Markdown

changeset-bot bot commented Mar 31, 2026
edited
Loading

⚠️ No Changeset found

Latest commit: d448aa8

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@CLAassistant
Copy link
Copy Markdown

CLAassistant commented Mar 31, 2026

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

devin-ai-integration[bot]
devin-ai-integration bot reviewed Mar 31, 2026
View reviewed changes
Copy link
Copy Markdown

@devin-ai-integration devin-ai-integration bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

✅ Devin Review: No Issues Found

Devin Review analyzed this PR and found no potential bugs to report.

View in Devin Review to see 3 additional findings.

Open in Devin Review

Copilot AI review requested due to automatic review settings April 2, 2026 05:10
Copilot AI reviewed Apr 2, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates the Node RTC SDK’s E2EE integration to match newer @livekit/rtc-ffi-bindings APIs, including per-track cryptor identification (trackSid) and updated key-setting behavior.

Changes:

  • Bump @livekit/rtc-ffi-bindings from 0.12.46-dev.8 to 0.12.52 (and update the lockfile accordingly).
  • Update FrameCryptor to carry trackSid and include it in relevant FFI requests.
  • Change KeyProvider.setKey to require the raw key bytes, and add convenience wrappers on E2EEManager.

Reviewed changes

Copilot reviewed 2 out of 3 changed files in this pull request and generated 3 comments.

File Description
pnpm-lock.yaml Locks the repo to @livekit/rtc-ffi-bindings@0.12.52 (all platform packages updated).
packages/livekit-rtc/src/e2ee.ts Updates E2EE request shapes (adds trackSid, changes setKey signature, adds manager wrappers).
packages/livekit-rtc/package.json Pins @livekit/rtc-ffi-bindings dependency to 0.12.52.
Files not reviewed (1)
  • pnpm-lock.yaml: Language not supported
Comments suppressed due to low confidence (1)

packages/livekit-rtc/src/e2ee.ts:41

  • DEFAULT_RATCHET_WINDOW_SIZE is changed, but KeyProviderOptions (including ratchetWindowSize, ratchetSalt, and failureTolerance) is currently only stored on KeyProvider and never used to configure the underlying FFI. If the intent is to change ratchet behavior, this file should pass these options into an initialization/config request; otherwise the default values here are effectively dead configuration and can be misleading.
const DEFAULT_RATCHET_SALT = new TextEncoder().encode('LKFrameEncryptionKey');
const DEFAULT_RATCHET_WINDOW_SIZE = 10;
const DEFAULT_FAILURE_TOLERANCE = -1;

export interface KeyProviderOptions {
  sharedKey?: Uint8Array;
  ratchetSalt?: Uint8Array;
  ratchetWindowSize?: number;
  failureTolerance?: number;
}

export const defaultKeyProviderOptions: KeyProviderOptions = {
  ratchetSalt: DEFAULT_RATCHET_SALT,
  ratchetWindowSize: DEFAULT_RATCHET_WINDOW_SIZE,
  failureTolerance: DEFAULT_FAILURE_TOLERANCE,

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

packages/livekit-rtc/src/e2ee.ts
Comment on lines +126 to 135
setKey(participantIdentity: string, key: Uint8Array, keyIndex: number) {
const req = new E2eeRequest({
roomHandle: this.roomHandle,
message: {
case: 'setKey',
value: new SetKeyRequest({
keyIndex: keyIndex,
participantIdentity: participantIdentity,
key,
}),
Copy link

Copilot AI Apr 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

KeyProvider.setKey is a breaking change for consumers (this class is exported from src/index.ts), since it now requires a Uint8Array key parameter and changes the method signature/semantics. Consider providing an overload/backwards-compatible alternative (or a new method name) and/or documenting the migration path so downstream users don’t unexpectedly break on upgrade.

Copilot uses AI. Check for mistakes.
packages/livekit-rtc/src/e2ee.ts
Comment on lines 213 to 246
setEnabled(enabled: boolean) {
this.enabled = enabled;
const req = new E2eeRequest({
roomHandle: this.roomHandle,
message: {
case: 'cryptorSetEnabled',
value: new FrameCryptorSetEnabledRequest({
participantIdentity: this.participantIdentity,
trackSid: this.trackSid,
enabled: this.enabled,
}),
},
});

FfiClient.instance.request({
message: {
case: 'e2ee',
value: req,
},
});
}

setKeyIndex(keyIndex: number) {
this.keyIndex = keyIndex;
const req = new E2eeRequest({
roomHandle: this.roomHandle,
message: {
case: 'cryptorSetKeyIndex',
value: new FrameCryptorSetKeyIndexRequest({
participantIdentity: this.participantIdentity,
trackSid: this.trackSid,
keyIndex: this.keyIndex,
}),
},
Copy link

Copilot AI Apr 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There’s no test coverage around the new/changed E2EE request payloads (notably trackSid being included in cryptorSetEnabled/cryptorSetKeyIndex). Since this package already uses Vitest for unit tests, consider adding a small unit test that stubs globalThis._ffiClientInstance and asserts the constructed E2eeRequest includes trackSid (and the expected values) to prevent regressions.

Copilot uses AI. Check for mistakes.
packages/livekit-rtc/package.json
Comment on lines 33 to 38
"@datastructures-js/deque": "1.0.8",
"@livekit/mutex": "^1.0.0",
"@livekit/typed-emitter": "^3.0.0",
"@livekit/rtc-ffi-bindings": "0.12.46-dev.8",
"@livekit/rtc-ffi-bindings": "0.12.52",
"pino": "^9.0.0",
"pino-pretty": "^13.0.0"
Copy link

Copilot AI Apr 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR changes exported public APIs in e2ee.ts (e.g., KeyProvider.setKey signature) but packages/livekit-rtc’s package version isn’t updated here. If this package follows semver, consider bumping the version (and/or adding release notes) to reflect the breaking API change for downstream users.

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@devin-ai-integration devin-ai-integration[bot] devin-ai-integration[bot] left review comments

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@okxiaoliang4 @CLAassistant