codeErrorSleep · mrhuangyong · Jun 2, 2026 · Jun 2, 2026 · Jun 2, 2026 · Jun 2, 2026
diff --git a/docs/superpowers/plans/2026-06-02-config-sync.md b/docs/superpowers/plans/2026-06-02-config-sync.md
diff --git a/docs/superpowers/specs/2026-06-02-config-sync-design.md b/docs/superpowers/specs/2026-06-02-config-sync-design.md
@@ -0,0 +1,245 @@
+# Config Sync Design — DbPaw
+
+## Summary
+
+Add configuration synchronization across devices via S3 or WebDAV, with end-to-end encryption. Supports manual and automatic sync modes with Last-Write-Wins conflict resolution.
+
+## Scope
+
+### Synced Data
+- Database connection configurations (connections table)
+- Saved queries (saved_queries table)
+- AI provider configurations (ai_providers table, excluding conversations/messages)
+- User settings (settings.json via tauri-plugin-store)
+- Keyboard shortcuts (stored in settings)
+
+### NOT Synced
+- AI conversations and messages — device-local, high volume
+- SQL/Redis execution logs — device-local, transient
+- AI master key — per-device encryption key
+- Connection pool state — runtime-only
+
+## Architecture
+
+```
+Frontend (React)
+  SettingsDialog → Sync Tab (SyncSettings.tsx)
+       │
+       ▼ invoke()
+Backend (Rust)
+  SyncManager
+    ├── CryptoEngine (PBKDF2 + AES-256-GCM)
+    ├── Snapshot export/import
+    ├── Change detection (SHA-256 hash)
+    └── Auto-sync timer (tokio interval)
+         │
+         ▼ SyncProvider trait
+    ┌────────┬──────────┐
+    │  S3    │  WebDAV  │
+    └────────┴──────────┘
+```
+
+## SyncProvider Trait
+
+```rust
+#[async_trait]
+pub trait SyncProvider: Send + Sync {
+    async fn test_connection(&self) -> Result<(), String>;
+    async fn put_object(&self, key: &str, data: &[u8]) -> Result<(), String>;
+    async fn get_object(&self, key: &str) -> Result<Option<Vec<u8>>, String>;
+    async fn delete_object(&self, key: &str) -> Result<(), String>;
+}
+```
+
+### S3 Provider
+- Config: endpoint, region, bucket, access_key_id, secret_access_key, path_prefix
+- Uses `reqwest` + manual AWS Signature V4 (no heavy AWS SDK dependency)
+- Remote path: `s3://{bucket}/{path_prefix}sync_snapshot.enc`
+
+### WebDAV Provider
+- Config: server_url, username, password
+- Uses `reqwest` with standard HTTP PUT/GET/DELETE
+- Remote path: `{server_url}/sync_snapshot.enc`
+
+## Encryption
+
+```
+User password → PBKDF2-SHA256 (600k iterations, random 16-byte salt) → AES-256-GCM key
+Plaintext snapshot JSON → AES-256-GCM (random 12-byte nonce) → ciphertext
+
+File format: [16 bytes salt][12 bytes nonce][ciphertext + GCM tag]
+```
+
+- Snapshot includes a `snapshot_hash` (SHA-256 of plaintext) for integrity verification after decryption
+- Wrong password → GCM tag verification fails → user-friendly error
+
+## Snapshot Format
+
+```json
+{
+  "version": 1,
+  "device_id": "uuid",
+  "timestamp": "2026-06-02T10:30:00Z",
+  "snapshot_hash": "sha256-of-plaintext",
+  "data": {
+    "connections": [...],
+    "saved_queries": [...],
+    "ai_providers": [...],
+    "settings": { "key": "value" }
+  }
+}
+```
+
+### Sensitive Field Handling
+- Connection passwords: plaintext inside encrypted snapshot (E2E encryption protects in transit/at rest)
+- AI API Keys: plaintext inside snapshot; on import, re-encrypted with local `ai_master.key`
+- SSH key paths: synced as-is (users may need to verify paths on different OS)
+- Provider credentials (S3 secret key / WebDAV password): stored locally encrypted with `ai_master.key`
+
+## Sync Mode: Hybrid
+
+### Auto Sync (default)
+- App startup → 30s delay (wait for LocalDb init) → first pull
+- Every 5 minutes → hash comparison → push if changed
+- Configurable interval
+- Silent failure on network errors, recorded in `last_sync_result`
+
+### Manual Sync
+- "Sync Now" → pull + push
+- "Force Push" → local overwrites remote
+- "Force Pull" → remote overwrites local
+
+## Conflict Resolution: Last-Write-Wins
+
+```
+Pull remote → compare timestamps:
+  - remote.timestamp > local.timestamp AND remote.device_id != local.device_id → apply remote
+  - otherwise → skip (local is newer or same device)
+```
+
+Applying remote data:
+1. Clear local tables (connections, saved_queries, ai_providers)
+2. Insert remote data
+3. Update settings.json keys
+4. Re-encrypt AI API keys with local `ai_master.key`
+5. Update `last_synced_hash`
+
+## Change Detection
+
+```
+local data → export to JSON → SHA-256 hash → compare with last_synced_hash
+  - different → local has changes → push
+  - same → no changes → skip
+```
+
+`last_synced_hash` stored in `sync_state` table in SQLite.
+
+## Database: sync_state Table
+
+```sql
+CREATE TABLE IF NOT EXISTS sync_state (
+    key TEXT PRIMARY KEY,
+    value TEXT NOT NULL,
+    updated_at TEXT NOT NULL DEFAULT (datetime('now'))
+);
+```
+
+Keys: `device_id`, `sync_config` (JSON, provider params without passwords), `sync_enabled`, `last_synced_hash`, `last_sync_at`, `last_sync_result`, `sync_password_hash` (for verification without storing plaintext)
+
+## Tauri Commands
+
+| Command | Purpose |
+|---------|---------|
+| `sync_test_connection(config)` | Validate provider connectivity |
+| `sync_configure(config, sync_password)` | Save config + first upload |
+| `sync_get_status()` | Return current sync state |
+| `sync_now()` | Manual pull + push |
+| `sync_force_push()` | Local overwrites remote |
+| `sync_force_pull()` | Remote overwrites local |
+| `sync_disable()` | Turn off sync, keep config |
+| `sync_update_password(old, new)` | Re-encrypt with new password |
+
+## Frontend
+
+### New Files
+- `src/components/settings/SyncSettings.tsx` — Sync tab in Settings dialog
+- Type definitions for SyncConfig, SyncStatus, SyncResult
+
+### Modified Files
+- `src/services/api.ts` — Add `syncApi` namespace
+- `src/components/settings/SettingsDialog.tsx` — Add Sync tab
+
+### UI Layout
+- Provider selector dropdown (S3 / WebDAV)
+- Dynamic form fields based on provider
+- Sync password + confirmation inputs
+- Test Connection button with status indicator
+- Auto-sync toggle + interval selector
+- Sync status display (device ID, last sync time, result)
+- Action buttons: Sync Now, Force Push, Force Pull, Disable
+
+## Backend Files
+
+### New Files
+| File | Purpose |
+|------|---------|
+| `src-tauri/src/sync/mod.rs` | Module entry |
+| `src-tauri/src/sync/provider.rs` | SyncProvider trait |
+| `src-tauri/src/sync/crypto.rs` | PBKDF2 + AES-256-GCM |
+| `src-tauri/src/sync/manager.rs` | SyncManager (export/import/timer/hash) |
+| `src-tauri/src/sync/s3.rs` | S3 implementation (reqwest + Sig V4) |
+| `src-tauri/src/sync/webdav.rs` | WebDAV implementation (reqwest) |
+| `src-tauri/src/commands/sync.rs` | Tauri command handlers |
+| `src-tauri/migrations/017_sync_state.sql` | sync_state table migration |
+
+### Modified Files
+| File | Change |
+|------|--------|
+| `src-tauri/src/lib.rs` | Register sync commands, start/stop auto-sync on app lifecycle |
+| `src-tauri/src/state.rs` | Add `sync_manager` to AppState |
+| `src-tauri/src/db/local.rs` | Add sync_state CRUD methods |
+| `src-tauri/Cargo.toml` | Add `sha2`, `hmac`, `pbkdf2` dependencies |
+
+## New Rust Dependencies
+
+```toml
+sha2 = "0.10"
+hmac = "0.12"
+pbkdf2 = "0.12"
+# aes-gcm, reqwest, serde_json, chrono — already present
+```
+
+## Error Prefixes
+
+- `[SYNC_CONFIG_ERROR]` — Invalid configuration
+- `[SYNC_CONNECTION_ERROR]` — Remote connection failure
+- `[SYNC_CRYPTO_ERROR]` — Encryption/decryption failure
+- `[SYNC_MERGE_ERROR]` — Data merge failure
+- `[SYNC_PASSWORD_ERROR]` — Wrong sync password
+
+## Edge Cases
+
+| Scenario | Handling |
+|----------|----------|
+| Remote has no snapshot | First sync, push local data |
+| Fresh install (no local data) | Pull remote data |
+| Wrong sync password | GCM tag verification fails, show error |
+| Remote unreachable | Auto-sync silent fail, record error, no impact on normal usage |
+| App exit during sync | Cancel in-progress sync, don't block exit |
+| Concurrent sync (two windows) | Mutex ensures single operation at a time |
+| Schema version mismatch | Snapshot `version` field check on import |
+| Rapid multi-device edits | Last-Write-Wins may lose intermediate changes (user-accepted tradeoff) |
+
+## Auto-Sync Lifecycle
+
+```
+App startup → LocalDb init complete
+  → SyncManager::new(state)
+  → Read sync_state: enabled?
+    → Yes: delay 30s → pull → start interval timer (5min, configurable)
+    → No: idle
+
+App exit (RunEvent::Exit):
+  → Cancel timer
+  → Don't wait for in-progress sync
+```
diff --git a/src-tauri/Cargo.lock b/src-tauri/Cargo.lock
diff --git a/src-tauri/Cargo.toml b/src-tauri/Cargo.toml
@@ -68,6 +68,11 @@ axum = "0.8"
 tower = "0.5"
 tower-http = "0.6"
 async-stream = "0.3"
+sha2 = "0.10"
+hmac = "0.12"
+pbkdf2 = "0.12"
+hex = "0.4"
+url = "2"
 
 [target.'cfg(windows)'.dependencies]
 tiberius = { version = "0.12", features = ["winauth"] }

diff --git a/src-tauri/migrations/017_sync_state.sql b/src-tauri/migrations/017_sync_state.sql
@@ -0,0 +1,5 @@
+CREATE TABLE IF NOT EXISTS sync_state (
+    key TEXT PRIMARY KEY,
+    value TEXT NOT NULL,
+    updated_at TEXT NOT NULL DEFAULT (datetime('now'))
+);
diff --git a/src-tauri/src/commands/ai.rs b/src-tauri/src/commands/ai.rs
@@ -170,6 +170,7 @@ pub async fn ai_create_provider(
     normalize_provider_form(&mut config, Some("openai"))?;
     let db = get_db(&state).await?;
     let created = db.create_ai_provider(config).await?;
+    state.sync_scheduler.notify_data_changed();
     db.get_ai_provider_public_by_id(created.id).await
 }
 
@@ -192,6 +193,7 @@ pub async fn ai_update_provider(
     normalize_provider_form(&mut config, None)?;
     let db = get_db(&state).await?;
     let updated = db.update_ai_provider(id, config).await?;
+    state.sync_scheduler.notify_data_changed();
     db.get_ai_provider_public_by_id(updated.id).await
 }
 
@@ -209,7 +211,9 @@ pub async fn ai_update_provider_direct(
 #[tauri::command]
 pub async fn ai_delete_provider(state: State<'_, AppState>, id: i64) -> Result<(), String> {
     let db = get_db(&state).await?;
-    db.delete_ai_provider(id).await
+    let result = db.delete_ai_provider(id).await;
+    state.sync_scheduler.notify_data_changed();
+    result
 }
 
 pub async fn ai_delete_provider_direct(state: &AppState, id: i64) -> Result<(), String> {
@@ -220,7 +224,9 @@ pub async fn ai_delete_provider_direct(state: &AppState, id: i64) -> Result<(),
 #[tauri::command]
 pub async fn ai_set_default_provider(state: State<'_, AppState>, id: i64) -> Result<(), String> {
     let db = get_db(&state).await?;
-    db.set_default_ai_provider(id).await
+    let result = db.set_default_ai_provider(id).await;
+    state.sync_scheduler.notify_data_changed();
+    result
 }
 
 pub async fn ai_set_default_provider_direct(state: &AppState, id: i64) -> Result<(), String> {
@@ -235,7 +241,9 @@ pub async fn ai_clear_provider_api_key(
 ) -> Result<(), String> {
     let provider_type = normalize_provider_type(&provider_type)?;
     let db = get_db(&state).await?;
-    db.clear_ai_provider_api_key(&provider_type).await
+    let result = db.clear_ai_provider_api_key(&provider_type).await;
+    state.sync_scheduler.notify_data_changed();
+    result
 }
 
 pub async fn ai_clear_provider_api_key_direct(

diff --git a/src-tauri/src/commands/connection.rs b/src-tauri/src/commands/connection.rs
@@ -647,7 +647,9 @@ pub async fn create_connection(
         lock.clone()
     };
     if let Some(db) = local_db {
-        db.create_connection(form).await
+        let result = db.create_connection(form).await;
+        state.sync_scheduler.notify_data_changed();
+        result
     } else {
         Err("Local DB not initialized".to_string())
     }
@@ -684,7 +686,9 @@ pub async fn update_connection(
         // If connection is updated, we should remove it from pool so next usage reconnects with new config
         state.pool_manager.remove_by_prefix(&id.to_string()).await;
 
-        db.update_connection(id, form).await
+        let result = db.update_connection(id, form).await;
+        state.sync_scheduler.notify_data_changed();
+        result
     } else {
         Err("Local DB not initialized".to_string())
     }
@@ -710,7 +714,9 @@ pub async fn update_connection_direct(
 
 #[tauri::command]
 pub async fn delete_connection(state: State<'_, AppState>, id: i64) -> Result<(), String> {
-    delete_connection_direct(&state, id).await
+    let result = delete_connection_direct(&state, id).await;
+    state.sync_scheduler.notify_data_changed();
+    result
 }
 
 pub async fn delete_connection_direct(state: &AppState, id: i64) -> Result<(), String> {
@@ -1036,7 +1042,9 @@ pub async fn import_connections(
         lock.clone()
     };
     if let Some(db) = local_db {
-        crate::import::import_from_file(&file_path, &db).await
+        let result = crate::import::import_from_file(&file_path, &db).await;
+        state.sync_scheduler.notify_data_changed();
+        result
     } else {
         Err("Local DB not initialized".to_string())
     }