fix: use std::sync::Mutex for SQLite connection to avoid tokio runtime panics (#164)

Replace tokio::sync::Mutex with std::sync::Mutex for the SQLite connection.
Since rusqlite operations are inherently synchronous, there's no benefit to
using tokio's async Mutex, and blocking_lock() panics when called from within
a tokio async runtime context ("Cannot block the current thread from within a runtime").

This allows consumers to call MDK methods directly from async code without
needing to wrap calls in std::thread::spawn() to escape the runtime context.

Author: jgmontoya

crates/mdk-sqlite-storage/CHANGELOG.md

@@ -74,6 +74,7 @@
 - **Security (Audit Issue AB)**: Added size limits to prevent disk and CPU exhaustion from unbounded user input ([#94](https://github.com/marmot-protocol/mdk/pull/94))
 - **Security (Audit Issue AG)**: `all_groups` now skips corrupted rows instead of failing on the first deserialization error, improving availability when database contains malformed data ([#115](https://github.com/marmot-protocol/mdk/pull/115))
 - Propagate `last_message_id` parse errors in `row_to_group` instead of silently converting to `None` ([#105](https://github.com/marmot-protocol/mdk/pull/105))
+- Changed `tokio::sync::Mutex` to `std::sync::Mutex` for SQLite connection to avoid panics when called from within tokio async runtime contexts ([#164](https://github.com/marmot-protocol/mdk/pull/164))
 
 ### Removed
 

crates/mdk-sqlite-storage/src/lib.rs

@@ -71,7 +71,7 @@ use std::sync::Arc;
 use mdk_storage_traits::{Backend, GroupId, MdkStorageError, MdkStorageProvider};
 use openmls_traits::storage::{StorageProvider, traits};
 use rusqlite::Connection;
-use tokio::sync::Mutex;
+use std::sync::Mutex;
 
 mod db;
 pub mod encryption;
@@ -454,14 +454,14 @@ impl MdkSqliteStorage {
     where
         F: FnOnce(&Connection) -> T,
     {
-        let conn = self.connection.blocking_lock();
+        let conn = self.connection.lock().unwrap();
         f(&conn)
     }
 
     /// Creates a snapshot of a group's state by copying all group-related rows
     /// to the snapshot table.
     fn snapshot_group_state(&self, group_id: &GroupId, name: &str) -> Result<(), Error> {
-        let conn = self.connection.blocking_lock();
+        let conn = self.connection.lock().unwrap();
         let group_id_bytes = group_id.as_slice();
         let now = std::time::SystemTime::now()
             .duration_since(std::time::UNIX_EPOCH)
@@ -822,7 +822,7 @@ impl MdkSqliteStorage {
     /// Restores a group's state from a snapshot by deleting current rows
     /// and re-inserting from the snapshot table.
     fn restore_group_from_snapshot(&self, group_id: &GroupId, name: &str) -> Result<(), Error> {
-        let conn = self.connection.blocking_lock();
+        let conn = self.connection.lock().unwrap();
         let group_id_bytes = group_id.as_slice();
 
         // Check if snapshot exists BEFORE starting transaction or deleting any data.
@@ -1112,7 +1112,7 @@ impl MdkSqliteStorage {
 
     /// Deletes a snapshot that is no longer needed.
     fn delete_group_snapshot(&self, group_id: &GroupId, name: &str) -> Result<(), Error> {
-        let conn = self.connection.blocking_lock();
+        let conn = self.connection.lock().unwrap();
         conn.execute(
             "DELETE FROM group_state_snapshots WHERE snapshot_name = ? AND group_id = ?",
             rusqlite::params![name, group_id.as_slice()],
@@ -1160,7 +1160,7 @@ impl MdkStorageProvider for MdkSqliteStorage {
         &self,
         group_id: &GroupId,
     ) -> Result<Vec<(String, u64)>, MdkStorageError> {
-        let conn = self.connection.blocking_lock();
+        let conn = self.connection.lock().unwrap();
         let mut stmt = conn
             .prepare_cached(
                 "SELECT DISTINCT snapshot_name, created_at FROM group_state_snapshots
@@ -1181,7 +1181,7 @@ impl MdkStorageProvider for MdkSqliteStorage {
     }
 
     fn prune_expired_snapshots(&self, min_timestamp: u64) -> Result<usize, MdkStorageError> {
-        let conn = self.connection.blocking_lock();
+        let conn = self.connection.lock().unwrap();
         let deleted = conn
             .execute(
                 "DELETE FROM group_state_snapshots WHERE created_at < ?",