122 lines
4.8 KiB
Markdown
122 lines
4.8 KiB
Markdown
# Send Connector Preflight
|
|
|
|
Date: 2026-07-10
|
|
Node: R6a / C31 non-mutating send connector preflight
|
|
|
|
## Goal
|
|
|
|
Confirm, without sending/clicking/typing/uploading/hooking/capturing network traffic, whether the selected B-route send connector can continue and whether the A-route UI fallback can classify the necessary controls and offline blocker state.
|
|
|
|
## Implemented helper coverage
|
|
|
|
`ISphereWinHelper` is bumped to `0.4.0` and adds two read-only helper operations:
|
|
|
|
| op | Purpose | Side effects |
|
|
| --- | --- | --- |
|
|
| `probe_send_entrypoints` | Inspect copied/installed binaries for text/file send entrypoint metadata. | none |
|
|
| `probe_send_uia_controls` | Classify UIA controls for search, receive pane, send editor, send button, file menu, and offline blocker. | none |
|
|
|
|
Both operations return a `safety` object with these booleans set to `false`: `sent_message`, `sent_file`, `uploaded_file`, `clicked_ui`, `typed_text`, `captured_network`, `attached_hook`, and `modified_client_data`.
|
|
|
|
The live recorder now writes these additional files when run in an online iSphere environment:
|
|
|
|
```text
|
|
send_entrypoints_preflight.json
|
|
send_uia_controls_preflight.json
|
|
```
|
|
|
|
## B-route entrypoint preflight result
|
|
|
|
Manual metadata probe against the copied install family:
|
|
|
|
```text
|
|
runs/offline-evidence-intake/zyl-qqfile-20260709/extracted/c28-send-candidates/zyl/Impp
|
|
```
|
|
|
|
reported:
|
|
|
|
```json
|
|
{
|
|
"entrypoint_count": 7,
|
|
"available_count": 7,
|
|
"required_count": 5,
|
|
"required_available_count": 5,
|
|
"all_required_available": true,
|
|
"b_route_entrypoint_preflight": "pass"
|
|
}
|
|
```
|
|
|
|
Confirmed candidates:
|
|
|
|
| Capability | Candidate | Evidence |
|
|
| --- | --- | --- |
|
|
| text send | `AppContextManager.SendTxtMessageByJid` | method name and `AppContextManager` type-name metadata present in `IMPlatformClient.exe`; IL evidence in the C28 snapshot shows the class/method body |
|
|
| text send | `MessageScheduling.SendChatMessage` | reflection method found in `IMPlatformClient.exe` |
|
|
| text send | `com.vision.smack.Chat.SendMessage` | reflection method found in `smack.dll` |
|
|
| file send/upload | `IMPP.Service.BLL.FileTransfer.FileUpload` | reflection method found in `IMPP.Service.dll` |
|
|
| file send/upload | `IMPP.Service.BLL.FileTransfer.AsynFileUpload` | reflection method found in `IMPP.Service.dll` |
|
|
| file send | `IMPP.Client.OffLineFileSend.sendFile` | reflection method found in `IMPlatformClient.exe` |
|
|
| file send | `com.vision.smack.Chat.sendFileMessage` | reflection method found in `smack.dll` |
|
|
|
|
Note: `AppContextManager.SendTxtMessageByJid` is treated as metadata-confirmed because .NET reflection did not resolve that type in the helper process, while the IL snapshot contains the exact class and method and the binary string scan finds the method and short type name. This is enough for R6a preflight, not enough for production invocation.
|
|
|
|
## A-route UIA preflight result
|
|
|
|
The helper classifier detects these route facts from a UIA tree:
|
|
|
|
- `has_search_edit`
|
|
- `has_receive_document`
|
|
- `has_send_editor`
|
|
- `has_send_button`
|
|
- `has_file_menu`
|
|
- `offline_blocker_visible`
|
|
- `send_button_enabled`
|
|
- `route_hint`
|
|
|
|
Synthetic WinForms verification returned:
|
|
|
|
```json
|
|
{
|
|
"synthetic_send_uia_route_hint": "A_ROUTE_OFFLINE_BLOCKED"
|
|
}
|
|
```
|
|
|
|
R5b returned live-probe evidence already showed real-window selector candidates for `skinAlphaTxt`, `rtbSendMessage`, `btnSend`, and the file-send menu, plus the offline-send blocker text. The new helper op turns that evidence into repeatable classifier output for the next live package.
|
|
|
|
## Verification
|
|
|
|
Passing local verification:
|
|
|
|
```powershell
|
|
powershell -NoProfile -ExecutionPolicy Bypass -File scripts\build-win-helper.ps1
|
|
powershell -NoProfile -ExecutionPolicy Bypass -File scripts\verify-win-helper.ps1 -SkipBuild
|
|
```
|
|
|
|
Observed helper smoke output:
|
|
|
|
```json
|
|
{
|
|
"ok": true,
|
|
"helper_version": "0.4.0",
|
|
"send_entrypoint_probe_mode": "read_only_send_entrypoint_metadata",
|
|
"synthetic_send_uia_route_hint": "A_ROUTE_OFFLINE_BLOCKED",
|
|
"uia_available": true
|
|
}
|
|
```
|
|
|
|
## Decision
|
|
|
|
R6a passes as a non-mutating preflight:
|
|
|
|
- B-route entrypoint metadata is available enough to continue to the next non-production B-route step.
|
|
- A-route controls can be classified as a fallback and can explicitly report offline-blocked state.
|
|
- Production `isphere_send_message` and `isphere_send_file` remain blocked.
|
|
|
|
## Next implementation node
|
|
|
|
R6b B-route preview/dry-run contract is complete. `isphere_send_message` now plans sends, validates content SHA256 and idempotency key, writes redacted audit metadata, and blocks production.
|
|
|
|
Next node: **R6c online sandbox-send evidence gate**.
|
|
|
|
R6c should collect or prepare the one approved sandbox-send evidence package needed before production can be exposed. It must still prove success/ack or sent-record evidence and duplicate idempotency protection before any production send path is enabled.
|