Commit bef3d92
feat: golden-standard a11y, mobile, pedagogy, perf & security pass
Re-applies the full multi-agent audit fixes (45 verified findings):
Accessibility (measured Lighthouse 100):
- role=status live regions; non-live transcripts so results aren't re-read
- dedicated --accent-text / --on-accent tokens fix light-theme AA contrast
- thead/tbody + scope=row tables; sr-only labels; diff highlight
- forced-colors support; focus-visible coverage; skip link to <main>
Mobile:
- 44px touch targets (coarse pointer), 16px inputs (no iOS zoom)
- safe-area insets, 100dvh, signer-grid capped on small screens
- narrow-screen header guard
Pedagogy / UX:
- explicit G_T equality reveal with MATCH/NO-MATCH in sign/verify + aggregate
- live rogue-key forgery + Proof-of-Possession defense (Section D)
- onboarding step hints, Reset buttons, message-change invalidation
- honest deterministic pairing-count metric (2n vs 2)
Performance (FCP 0.8s, LCP 1.0s, CLS 0):
- lazy dynamic import of @noble/curves (code-split, 93kB -> 35kB main)
- chunked async keygen/sign with progress; interaction-triggered warm-up
- inlined CSS to drop the render-blocking request
Crypto correctness:
- quantum security: Shor breaks ECDLP (not "64-bit"); co-CDH/ROM, easy-DDH
- message-augmentation pairing count; same-message assumption note
Robustness:
- aggregate race fixed via pre-await snapshot + try/finally
- error handling around all crypto calls
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>1 parent 3e1c08f commit bef3d92
3 files changed
Lines changed: 1065 additions & 275 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
9 | 9 | | |
10 | 10 | | |
11 | 11 | | |
12 | | - | |
| 12 | + | |
| 13 | + | |
| 14 | + | |
| 15 | + | |
| 16 | + | |
| 17 | + | |
| 18 | + | |
| 19 | + | |
13 | 20 | | |
14 | 21 | | |
15 | 22 | | |
16 | | - | |
| 23 | + | |
17 | 24 | | |
18 | 25 | | |
19 | 26 | | |
| |||
0 commit comments