feat: add ROE signer tool and update documentation to v2.3.4/v8.0.0

Add standalone Ed25519 ROE signing utility (tools/roe-signer/) for
WRAITH-Recon Rules of Engagement documents with keygen, sign, and
verify subcommands. Update README, CHANGELOG, Protocol-DEV, and
Clients-DEV with gap analysis v8.0.0 references, ROE signer tool
documentation, and current project status.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Author: doublegate

CHANGELOG.md

@@ -7,6 +7,21 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+### Added
+
+#### Tools
+- **ROE Signer** (`tools/roe-signer/`): Standalone Ed25519 signing utility for WRAITH-Recon Rules of Engagement JSON documents. Supports keygen, sign, and verify subcommands. Replicates the exact `signing_data()` byte layout from `wraith-recon/src-tauri/src/roe.rs` for guaranteed signature compatibility. Excluded from the Cargo workspace (self-contained build).
+
+#### Documentation
+- **Benchmark Raw Data** (`docs/testing/benchmark-raw-data/v2.3.4-20260130/`): Raw criterion output for wraith-core, wraith-crypto, wraith-files, and wraith-obfuscation benchmarks
+- **Gap Analysis v8.0.0** (`docs/clients/wraith-redops/GAP-ANALYSIS-v2.3.4.md`): Updated RedOps audit confirming Operator Client frontend expansion (1,558 → 3,608 lines, 13 → 27 files, 33 typed IPC wrappers)
+
+### Changed
+
+- **Cargo.toml**: Added `tools/roe-signer` to workspace `exclude` list
+- **README.md**: Updated gap analysis references to v8.0.0, added tools/roe-signer to project structure and documentation links
+- **Protocol-DEV / Clients-DEV**: Updated footer metadata to reflect v2.3.4 status
+
 ---
 
 ## [2.3.4] - 2026-01-30 - Performance Optimizations & Security Hardening

Cargo.toml

@@ -37,6 +37,7 @@ exclude = [
     "crates/wraith-xdp",
     "clients/wraith-redops/spectre-implant",
     "fuzz",
+    "tools/roe-signer",
 ]
 
 [workspace.package]

README.md

@@ -199,30 +199,30 @@ WRAITH Protocol powers a comprehensive ecosystem of 12 production-ready applicat
 - Ed25519-signed Kill Switch broadcast mechanism
 - Encryption at Rest for command payloads and results
 
-### WRAITH-RedOps Gap Analysis (v7.0.0)
-
-The RedOps platform has undergone a comprehensive deep audit (v7.0.0) with line-by-line verification of all source files across all three components. The v7.0.0 audit corrected several metrics from v6.0.0, discovering 3 additional implant modules (compression.rs, exfiltration.rs, impact.rs), confirming 100% IPC coverage (32/32 RPCs wired), and expanding MITRE ATT&CK coverage to 87%.
-
-| Metric                           | Value                                                                                    |
-| -------------------------------- | ---------------------------------------------------------------------------------------- |
-| **Overall Completion**           | ~98% (up from ~97% in v7.0.0)                                                            |
-| **Modules**                      | 21 across 3 components                                                                   |
-| **MITRE ATT&CK Coverage**        | 87% (35 of 40 techniques implemented)                                                    |
-| **P0 Critical Issues**           | 0 (all resolved)                                                                         |
-| **P1 High Issues**               | 2 remaining (key ratcheting 13 SP, PowerShell runner 5 SP)                               |
-| **Frontend IPC Coverage**        | 34/34 Tauri IPC commands wired (100% -- previously 19/34)                                |
-| **Hardcoded Cryptographic Keys** | 0 (all resolved)                                                                         |
-| **Story Points Remaining**       | ~59 SP across 13 findings (down from ~73 SP / 17 findings in v6.0.0)                     |
-| **Remaining Findings**           | 13 total (0 P0, 2 P1, 5 P2, 6 P3)                                                       |
-
-| Component          | Completion | Delta (from v7.0.0) | Notes                                                                          |
-| ------------------ | ---------- | -------------------- | ------------------------------------------------------------------------------ |
-| Team Server        | 97%        | +0%                  | 5,833 lines, all 32 RPCs wired, playbook system complete, DNS + SMB listeners  |
-| Operator Client    | 99%        | +2%                  | ~5,800 lines, 21 console commands, 34/34 IPC wired, full UI/UX (zustand, toasts, modals, context menus) |
-| Spectre Implant    | 95%        | +0%                  | 8,925 lines, 21 modules (+3: compression, exfiltration, impact), 11 tests      |
-| WRAITH Integration | 97%        | +0%                  | P2P mesh C2, entropy mixing, SecureBuffer with mlock, PQ crypto integration    |
-
-For the full gap analysis, see [GAP-ANALYSIS-v2.3.0.md](docs/clients/wraith-redops/GAP-ANALYSIS-v2.3.0.md).
+### WRAITH-RedOps Gap Analysis (v8.0.0)
+
+The RedOps platform has undergone comprehensive deep audits (v7.0.0 and v8.0.0) with exhaustive line-by-line verification of all source files across all three components. The v8.0.0 audit (2026-01-30) confirmed a major expansion of the Operator Client frontend from 1,558 to 3,608 lines across 27 files (up from 13), with 33 typed IPC wrappers and full end-to-end coverage. The Team Server and Spectre Implant backends remain unchanged.
+
+| Metric                           | Value                                                                                     |
+| -------------------------------- | ----------------------------------------------------------------------------------------- |
+| **Overall Completion**           | ~97% (zero P0 critical issues)                                                            |
+| **Total Source Lines**           | 15,953 Rust + 3,608 TypeScript + 532 Protobuf + 208 SQL                                  |
+| **Modules**                      | 21 across 3 components                                                                    |
+| **MITRE ATT&CK Coverage**        | 87% (35 of 40 techniques implemented across 12 tactics)                                   |
+| **P0 Critical Issues**           | 0 (all resolved)                                                                          |
+| **P1 High Issues**               | 2 remaining (key ratcheting 13 SP, PowerShell runner 5 SP)                                |
+| **Frontend IPC Coverage**        | 100% (33/32 proto RPCs + 1 client-only; all wired end-to-end with typed wrappers)         |
+| **Hardcoded Cryptographic Keys** | 0 (all resolved)                                                                          |
+| **Story Points Remaining**       | ~59 SP across 13 findings (0 P0, 2 P1, 5 P2, 6 P3)                                      |
+
+| Component          | Completion | Lines                     | Notes                                                                          |
+| ------------------ | ---------- | ------------------------- | ------------------------------------------------------------------------------ |
+| Team Server        | 97%        | 5,833 Rust                | All 32 RPCs wired, playbook system complete, DNS + SMB listeners               |
+| Operator Client    | 99.5%      | 1,195 Rust + 3,608 TS     | 21 console commands, 33 IPC wired, full UI/UX (zustand, toasts, modals, context menus) |
+| Spectre Implant    | 95%        | 8,925 Rust                | 21 modules, 11 tests, no_std with Halo's Gate SSN resolution                  |
+| WRAITH Integration | 97%        | (integrated)              | P2P mesh C2, entropy mixing, SecureBuffer with mlock, PQ crypto integration   |
+
+For the full gap analysis, see [GAP-ANALYSIS-v2.3.4.md](docs/clients/wraith-redops/GAP-ANALYSIS-v2.3.4.md) (v8.0.0 internal).
 
 For detailed client documentation, see the [Client Overview](docs/clients/overview.md).
 
@@ -589,6 +589,8 @@ WRAITH-Protocol/
 |   |-- config/            # CLI and node configuration (2)
 |   |-- transfer/          # Transfer profile templates (1)
 |   +-- integration/       # Docker Compose, systemd service (2)
+|-- tools/                 # Standalone utilities
+|   +-- roe-signer/        # Ed25519 ROE document signing tool
 |-- conductor/             # Project management system with code style guides
 |-- docs/                  # Documentation (130+ files)
 |-- to-dos/                # Project planning
@@ -599,7 +601,8 @@ WRAITH-Protocol/
 
 Workspace: 22 members (8 protocol + 9 Tauri clients + team-server +
            operator-client + xtask + tests)
-Excluded:  wraith-xdp (eBPF toolchain), spectre-implant (no_std)
+Excluded:  wraith-xdp (eBPF toolchain), spectre-implant (no_std),
+           roe-signer (standalone tool)
 ```
 
 ---
@@ -652,12 +655,13 @@ See [CI Workflow](.github/workflows/ci.yml) and [Release Workflow](.github/workf
 - [UI/UX Design Reference](docs/clients/UI-UX-DESIGN-REFERENCE.md)
 - [Client Roadmap](to-dos/ROADMAP-clients.md)
 
-### Templates
+### Templates & Tools
 
 - [Templates Overview](templates/README.md)
 - [ROE Templates for WRAITH-Recon](templates/recon/README.md)
 - [Configuration Templates](templates/config/README.md)
 - [Integration Templates](templates/integration/README.md)
+- [ROE Signer Tool](tools/roe-signer/) - Ed25519 signing utility for WRAITH-Recon ROE documents
 
 ### Development History
 
@@ -674,7 +678,7 @@ WRAITH Protocol v2.3.4 represents 2,740+ story points across 24 development phas
 
 - Core protocol implementation (cryptography, transport, obfuscation, discovery)
 - 12 production-ready client applications (9 desktop + 2 mobile + 1 server platform)
-- WRAITH-RedOps with deep audit gap analysis v7.0.0 (~97% completion, 87% MITRE ATT&CK coverage (35/40), 0 P0 critical issues, ~59 SP remaining across 13 findings)
+- WRAITH-RedOps with deep audit gap analysis v8.0.0 (~97% completion, 87% MITRE ATT&CK coverage (35/40), 0 P0 critical issues, ~59 SP remaining across 13 findings)
 - RedOps codebase: 8,925 lines spectre-implant, 5,833 lines team-server, ~5,800 lines operator-client (21 modules, 34/34 IPC commands wired, 21 console commands, 11 spectre-implant tests)
 - Conductor project management system with code style guides for development workflow tracking
 - RedOps workspace integration: team-server and operator-client as workspace members (spectre-implant excluded for no_std compatibility)
@@ -757,4 +761,4 @@ WRAITH Protocol builds on excellent projects and research:
 
 **Version:** 2.3.4 | **License:** MIT | **Language:** Rust 2024 (MSRV 1.88) | **Tests:** 2,148 passing (2,123 workspace + 11 spectre-implant + 14 doc) | **Clients:** 12 applications (9 desktop + 2 mobile + 1 server)
 
-**Last Updated:** 2026-01-30
+**Last Updated:** 2026-01-31

docs/archive/README_Clients-DEV.md

@@ -227,16 +227,17 @@ For protocol development history, see [README_Protocol-DEV.md](README_Protocol-D
 - gRPC API for programmatic access
 - Wayland-compatible Tauri desktop client
 
-**Gap Analysis (v7.0.0 Deep Source Audit - Full Codebase Audit):**
-- Overall completion: ~98% (up from ~97% in v7.0.0 after UI/UX enhancement)
+**Gap Analysis (v8.0.0 Deep Source Audit - Full Codebase Audit, 2026-01-30):**
+- Overall completion: ~97% (zero P0 critical issues)
+- Total source: 15,953 Rust + 3,608 TypeScript + 532 Protobuf + 208 SQL
 - 21 modules across 3 components (up from 18 in v6.0.0; +3: compression.rs, exfiltration.rs, impact.rs)
-- MITRE ATT&CK coverage: 87% (35/40 techniques, up from 82% in v6.0.0)
-- 0 P0 critical issues, 2 P1 high issues remaining
-- 34/34 Tauri IPC commands wired to frontend (was 19/34 before UI/UX enhancement; 32 RPCs backed by gRPC)
-- 13 remaining findings / 59 SP (down from 17 findings / 73 SP in v6.0.0)
-- Test infrastructure: 11 spectre-implant tests now passing (previously blocked by no_std configuration)
-- 3 dead code annotations remaining (down from 10)
-- Gap analysis v7.0.0 deep source audit in GAP-ANALYSIS-v2.3.0.md
+- MITRE ATT&CK coverage: 87% (35/40 techniques across 12 tactics)
+- 0 P0 critical issues, 2 P1 high issues remaining (key ratcheting 13 SP, PowerShell runner 5 SP)
+- 33 IPC commands wired end-to-end with typed TypeScript wrappers (33/32 proto RPCs + 1 client-only)
+- Operator Client frontend: 3,608 lines across 27 files (up from 1,558 lines / 13 files in v7.0.0)
+- 13 remaining findings / 59 SP (0 P0, 2 P1, 5 P2, 6 P3)
+- Test infrastructure: 11 spectre-implant tests passing
+- Gap analysis v8.0.0 in [GAP-ANALYSIS-v2.3.4.md](../clients/wraith-redops/GAP-ANALYSIS-v2.3.4.md)
 
 **UI/UX Enhancement (2026-01-28):**
 - 34/34 IPC commands wired (was 19/34): added listener CRUD, implant detail/kill, campaign detail/edit, implant generator, playbook browser, attack chain list/detail, event streaming, command cancellation, token refresh
@@ -1194,7 +1195,7 @@ RedOps                                                          [=============]
 - ✅ Grade A+ quality (98/100), TDR ~2.5%
 - ✅ Production-ready architecture with v2.3.2 release (benchmark-driven optimizations: 10.9x frame building, 93.6% Double Ratchet improvement, 118,000x transfer scheduling)
 - ✅ WRAITH-RedOps workspace integration: team-server and operator-client as Cargo workspace members
-- ✅ WRAITH-RedOps gap analysis v7.0.0: ~97% completion, 87% MITRE ATT&CK (35/40), 0 P0 critical, 21 modules, 32 RPCs 100% IPC, 59 SP remaining across 13 findings
+- ✅ WRAITH-RedOps gap analysis v8.0.0: ~97% completion, 87% MITRE ATT&CK (35/40), 0 P0 critical, 21 modules, 33 IPC wired with typed wrappers, 59 SP remaining across 13 findings, Operator Client frontend 3,608 lines/27 files
 - ✅ WRAITH-RedOps Operator Client UI/UX Enhancement: 34/34 IPC commands wired (was 19/34), 17 new files, 7 modified, zustand stores, toast/modal/context menu system, 6 new feature sections (listener CRUD, implant detail, campaign edit, implant generator, playbook browser, event log)
 - ✅ sqlx restructured to PostgreSQL-only (avoids libsqlite3-sys link conflict with Tauri rusqlite)
 - ✅ Cross-compilation with Cross.toml pre-build hooks (protobuf-compiler for gRPC builds)
@@ -1325,8 +1326,8 @@ RedOps                                                          [=============]
 
 ---
 
-**WRAITH Protocol Client Applications Development History** - *From Planning to v2.3.1*
+**WRAITH Protocol Client Applications Development History** - *From Planning to v2.3.4*
 
-**Status:** Phases 15-24 Complete (All 12 Clients) | **Total Scope:** 12 clients, 1,292 SP | **Delivered:** 1,292 SP (100%) | **Protocol:** v2.3.2 Complete | **Tests:** 2,148 total (2,123 workspace + 11 spectre-implant + 14 doc, 663+ client tests) | **Workspace:** 22 members (team-server + operator-client integrated) | **TDR:** ~2.5% (Grade A) | **CI/CD:** Optimized workflows with reusable setup, path filters, and cross-compilation via Cross.toml | **RedOps:** Gap analysis v7.0.0 (~98% complete, 87% MITRE ATT&CK (35/40), 0 P0 critical, 21 modules, 34/34 IPC wired, operator UI/UX overhauled with zustand/toast/modal/context menus) | **Conductor:** Project management system with code style guides
+**Status:** Phases 15-24 Complete (All 12 Clients) | **Total Scope:** 12 clients, 1,292 SP | **Delivered:** 1,292 SP (100%) | **Protocol:** v2.3.4 Complete | **Tests:** 2,148 total (2,123 workspace + 11 spectre-implant + 14 doc, 663+ client tests) | **Workspace:** 22 members + 3 excluded | **TDR:** ~2.5% (Grade A) | **CI/CD:** Optimized workflows with reusable setup, path filters, and cross-compilation via Cross.toml | **RedOps:** Gap analysis v8.0.0 (~97% complete, 87% MITRE ATT&CK (35/40), 0 P0 critical, 21 modules, 33 IPC wired with typed wrappers, Operator Client 3,608 lines/27 files with zustand/toast/modal/context menus) | **Tools:** ROE Signer for Ed25519 signing of WRAITH-Recon ROE documents | **Conductor:** Project management system with code style guides
 
-*Last Updated: 2026-01-29*
+*Last Updated: 2026-01-31*

docs/archive/README_Protocol-DEV.md

@@ -1411,7 +1411,7 @@ Red team operations platform for authorized adversary emulation:
 - ✅ WRAITH-Sync file synchronization with delta transfers
 - ✅ WRAITH-Recon network reconnaissance platform (packet capture, protocol analysis, network mapping)
 - ✅ WRAITH-RedOps workspace integration: team-server and operator-client as Cargo workspace members
-- ✅ WRAITH-RedOps gap analysis v7.0.0: ~97% completion, 87% MITRE ATT&CK (35/40), 0 P0 critical, 21 modules, 32 RPCs 100% IPC, 59 SP remaining across 13 findings
+- ✅ WRAITH-RedOps gap analysis v8.0.0: ~97% completion, 87% MITRE ATT&CK (35/40), 0 P0 critical, 21 modules, 33 IPC commands 100% wired (typed wrappers), 59 SP remaining across 13 findings, Operator Client frontend expanded to 3,608 lines across 27 files
 - ✅ WRAITH-RedOps Operator Client UI/UX Enhancement: 34/34 IPC commands wired (was 19/34), 17 new files, 7 modified, zustand stores, toast/modal/context menu system, 6 new feature sections, keyboard shortcuts, ~5,800 lines TypeScript (up from ~4,200)
 - ✅ sqlx restructured to PostgreSQL-only (avoids libsqlite3-sys link conflict with Tauri rusqlite)
 - ✅ Cross-compilation with Cross.toml pre-build hooks (protobuf-compiler for gRPC builds)
@@ -1422,6 +1422,8 @@ Red team operations platform for authorized adversary emulation:
 - ✅ Frontend test infrastructure (587 tests across all clients)
 - ✅ CI/CD optimized (reusable setup.yml, path filters, checkout@v4, cache@v4, upload-artifact@v4, download-artifact@v4)
 - ✅ CI/CD workspace exclusions for RedOps clients (Tauri `generate_context!()` requires frontend assets)
+- ✅ ROE Signer tool (`tools/roe-signer/`): Standalone Ed25519 signing utility for WRAITH-Recon ROE documents (keygen, sign, verify)
+- ✅ Benchmark raw data archive (`docs/testing/benchmark-raw-data/v2.3.4-20260130/`)
 
 **v1.7.1 WRAITH-Chat UI Redesign & UI/UX Standardization:**
 - Professional header with connection status, peer ID display, session stats
@@ -1468,8 +1470,8 @@ See [../../to-dos/ROADMAP.md](../../to-dos/ROADMAP.md) for detailed future plann
 
 ---
 
-**WRAITH Protocol Development History** - *From Foundation to v2.3.2 (Phases 1-24 + Infrastructure Sprints + Benchmark Optimizations)*
+**WRAITH Protocol Development History** - *From Foundation to v2.3.4 (Phases 1-24 + Infrastructure Sprints + Benchmark Optimizations)*
 
-**Development Period:** 2024 - 2026-01-28 | **Total Effort:** 2,740+ story points delivered across 24 phases + infrastructure sprints | **Quality:** Production-ready (98/100), 2,148 tests (2,123 workspace + 11 spectre-implant + 14 doc, 100% pass rate), 0 vulnerabilities, Grade A+ security | **Clients:** 12 applications (9 desktop + 2 mobile + 1 server) | **Workspace:** 22 members + 2 excluded (team-server and operator-client integrated) | **TDR:** ~2.5% (Grade A - Excellent) | **CI/CD:** Optimized workflows with reusable setup, path filters, and cross-compilation via Cross.toml | **v2.3.1:** MSRV 1.88, WRAITH-RedOps ~98% complete (gap analysis v7.0.0 + UI/UX overhaul), 87% MITRE ATT&CK coverage (35/40), 0 P0 critical issues, 21 modules, 34/34 IPC wired, operator client UI/UX overhauled (~5,800 lines, zustand/toast/modal/context menus, 6 new feature sections) | **Conductor:** Project management system with code style guides
+**Development Period:** 2024 - 2026-01-31 | **Total Effort:** 2,740+ story points delivered across 24 phases + infrastructure sprints | **Quality:** Production-ready (98/100), 2,148 tests (2,123 workspace + 11 spectre-implant + 14 doc, 100% pass rate), 0 vulnerabilities, Grade A+ security | **Clients:** 12 applications (9 desktop + 2 mobile + 1 server) | **Workspace:** 22 members + 3 excluded (wraith-xdp, spectre-implant, roe-signer) | **TDR:** ~2.5% (Grade A - Excellent) | **CI/CD:** Optimized workflows with reusable setup, path filters, and cross-compilation via Cross.toml | **v2.3.4:** 18 performance optimizations (WebSocket mimicry 55-85% faster, DoH tunnel 70-86% faster, frame pipeline 11-30% faster, message header 53% faster), WRAITH-RedOps gap analysis v8.0.0 (~97% complete, 87% MITRE ATT&CK, Operator Client 3,608 lines/27 files with typed IPC), ROE Signer tool | **Conductor:** Project management system with code style guides
 
-*Last Updated: 2026-01-29*
+*Last Updated: 2026-01-31*