feat: initial scaffold of unibus message bus (membership service + client lib + demo peers)

pkg/room/room.go

@@ -0,0 +1,42 @@
+// Package room models the policy and identity of a unibus room.
+//
+// A room is a logical channel on the bus. Its Policy decides whether messages
+// are encrypted end-to-end, persisted to history, and signed per-message. Two
+// canonical policies are provided:
+//
+//   - ModeNATS:   cleartext, ephemeral, unsigned. The "plain NATS" experience —
+//     fast fan-out for telemetry, process coordination, and RPC where the
+//     transport boundary is already trusted.
+//   - ModeMatrix: encrypted, persisted, signed. The "Matrix-like" experience —
+//     E2E confidentiality with forward secrecy (key rotation on leave/kick),
+//     durable history, and per-message authorship signatures.
+//
+// Subject naming convention (the address space of the bus):
+//
+//	proc.<svc>.<canal>   process/worker telemetry & coordination (e.g. proc.test.ticks)
+//	rpc.<svc>            request/reply endpoints (e.g. rpc.indexer)
+//	room.<grupo>         human/group chat rooms (e.g. room.general)
+//	agent.<nombre>.{in,out}  LLM agent inbox/outbox (e.g. agent.scout.in)
+package room
+
+// Policy controls how a room treats its messages.
+type Policy struct {
+	Encrypt  bool // payload is AEAD-encrypted with the room key K
+	Persist  bool // messages are kept in durable history (JetStream)
+	SignMsgs bool // each message carries an Ed25519 signature over its canonical bytes
+}
+
+// ModeNATS is cleartext, ephemeral, unsigned: plain NATS semantics.
+var ModeNATS = Policy{Encrypt: false, Persist: false, SignMsgs: false}
+
+// ModeMatrix is encrypted, persisted, signed: Matrix-like E2E semantics.
+var ModeMatrix = Policy{Encrypt: true, Persist: true, SignMsgs: true}
+
+// Room is the in-memory view of a room: its identity, transport subject, the
+// current key epoch, and its policy.
+type Room struct {
+	ID      string
+	Subject string
+	Epoch   int
+	Policy  Policy
+}