rdp-proxy/docs/audits/CURRENT_BASELINE_MATRIX.md

# Current Baseline Matrix

Date: 2026-04-26

Purpose: single operational snapshot of the current project baseline. This file
is not a target architecture document. It describes what is currently proven,
what is merely implemented, and what remains unproven.

## Environment

Canonical test environment:

```text
Docker host: 192.168.200.61
SSH alias: docker-test
Docker endpoint: ssh://docker-test
Docker context: test-ubuntu
Backend API: http://192.168.200.61:8080/api/v1
Backend gateway: ws://192.168.200.61:8080/api/v1/gateway/ws
```

Current live/smoke containers:

| Container | Image | Role |
| --- | --- | --- |
| `rap_backend_smoke` | `rap-backend-smoke:stage5-2-download` | backend control plane |
| `rap_worker_smoke` | `rap-rdp-worker:stage5-2-download` | accepted RDP Adapter worker baseline plus runtime-proven Stage 5.2 core download path |
| `rap_postgres` | `postgres:16` | source-of-truth database |
| `rap_redis` | `redis:7` | live coordination/routing |

Current Windows client endpoints:

```json
{
  "api_base_url": "http://192.168.200.61:8080/api/v1",
  "gateway_websocket_url": "ws://192.168.200.61:8080/api/v1/gateway/ws",
  "prefer_direct_data_plane": true,
  "direct_data_plane_connect_timeout_ms": 2500,
  "direct_data_plane_color_mode": "full_color",
  "direct_data_plane_platform_ca_bundle": "artifacts/p3-5-platform-ca.crt",
  "environment": "production",
  "allow_insecure_direct_data_plane_tls_for_smoke": false
}
```

## Build And Probe Snapshot

Commands run during P0:

```powershell
go test ./...
dotnet build .\clients\windows\RemoteAccessPlatform.Windows.slnx
docker -H ssh://docker-test run --rm rap-rdp-worker:rdp-region-repair rdp-worker-graphics-adapter-probe
docker -H ssh://docker-test run --rm rap-rdp-worker:rdp-region-repair rdp-worker-cursor-adapter-probe
docker -H ssh://docker-test run --rm rap-rdp-worker:rdp-region-repair rdp-worker-service-adapter-protocol-probe
docker -H ssh://docker-test run --rm rap-rdp-worker:rdp-region-repair rdp-worker-dataplane-bind-probe --scenario valid
```

Additional accepted P1 baseline checks:

```powershell
go test ./...
dotnet build .\clients\windows\RemoteAccessPlatform.Windows.slnx
docker -H ssh://docker-test build --tag rap-rdp-worker:rdp-p1-region-order2 --file workers/rdp-worker/Dockerfile workers/rdp-worker
docker -H ssh://docker-test run --rm rap-rdp-worker:rdp-p1-region-order2 rdp-worker-graphics-adapter-probe
docker -H ssh://docker-test run --rm rap-rdp-worker:rdp-p1-region-order2 rdp-worker-cursor-adapter-probe
docker -H ssh://docker-test run --rm rap-rdp-worker:rdp-p1-region-order2 rdp-worker-service-adapter-protocol-probe
docker -H ssh://docker-test run --rm rap-rdp-worker:rdp-p1-region-order2 rdp-worker-dataplane-bind-probe --scenario valid
```

Results:

| Check | Result | Notes |
| --- | --- | --- |
| Backend `go test ./...` | PASS | Most packages still have no test files |
| Windows solution build | PASS | 0 warnings, 0 errors |
| Worker graphics adapter probe | PASS | `graphics_adapter_probe ok` |
| Worker cursor adapter probe | PASS | `cursor_adapter_probe ok` |
| Worker service adapter protocol probe | PASS | channel model prints successfully |
| Worker direct bind valid probe | PASS | `PASS scenario=valid` |
| P1 worker image build | PASS | `rap-rdp-worker:rdp-p1-region-order2` |
| P1 worker probes | PASS | graphics, cursor, protocol, direct bind |
| P1 smoke-worker deployment | PASS | `rap_worker_smoke` online on test Docker |
| P3 backend secret guard tests | PASS | production plaintext metadata rejected; dev/smoke allowed |
| P3 data-plane policy test | PASS | allowed channels follow clipboard/file-transfer policy |
| P3 worker bind denial probes | PASS | wrong worker/user/org/resource/attachment/channels/state rejected |
| P3.3 production secret smoke | PASS | secret-backed RDP resource starts real session on test stand |
| P3.3 production fallback smoke | PASS | production backend omits smoke-only direct WSS candidate |
| P3.3 dev/smoke direct candidate | PASS | direct candidate is `smoke_only=true`, not production trusted |
| P3.4 production WSS trust design | PASS | platform CA, certificate lifecycle, app-local trust, smoke plan documented |
| P3.5 app-local platform CA smoke | PASS | direct worker WSS selected without insecure TLS bypass; unknown CA and smoke-only production fallback proved |
| P3.6 stale worker event idempotency | PASS | backend restart survives stale Redis worker events; terminal PostgreSQL sessions stay terminal |
| Stage 5.2 file download build | PASS | backend/worker/client build |
| Stage 5.2 core download runtime | PASS | direct worker WSS and backend gateway text/binary size/hash; policy block for disabled/client_to_server |
| Stage 5.2 download lifecycle blocking | PASS | detach blocks, old-controller takeover returns `session.taken_over`, worker failure marks session `failed` and closes direct WS |

Important limitation:

- this snapshot does not replace a live manual RDP smoke pass
- the repository directory used for this audit is not currently a Git checkout,
  so commit-level provenance is unavailable here

## Feature Matrix

| Area | Status | Current proof level | Next action |
| --- | --- | --- | --- |
| Backend foundation | Implemented | build/test PASS | expand automated tests |
| Auth/refresh/devices | Implemented | previous runtime proof | add regression tests |
| Organization scope | Implemented | previous hardening pass | add cross-org tests |
| Session lifecycle | Implemented | live-proven | protect from regression |
| Worker registration/leases | Implemented | live-proven | protect from regression |
| Worker-death recovery | Implemented | live-proven | add automated smoke |
| Structured messaging/localization | Implemented | runtime-proven | protect from regression |
| Direct worker WSS | Implemented | live-proven | preserve |
| Backend gateway fallback | Implemented | smoke-proven | preserve |
| Binary direct render | Implemented | smoke-proven | preserve |
| RDP region-first render | Implemented | live/manual usable | harden artifacts |
| Direct attach baseline | Implemented | current baseline | preserve |
| Region-loss repair | Implemented | current baseline | diagnose remaining artifacts |
| Ordered region delivery | Implemented | manual visual smoke accepted | protect |
| RDPGFX | Gated only | default path smoke-proven | keep disabled |
| Keyboard/mouse input | Implemented | manually usable | protect |
| Cursor updates | Implemented | probe/smoke-proven | protect |
| Text clipboard | Implemented | accepted | protect |
| File upload | Implemented | accepted to worker storage | protect |
| Restricted drive visibility | Implemented | runtime-proven via `RAP_Transfers` | protect |
| File download | Implemented | core data path and lifecycle blocking runtime-proven; desktop UI proof pending | prove remaining UI next |
| Resource secret readiness | Guard implemented | backend tests PASS | protect |
| Encrypted secret resolver | MVP implemented | live smoke PASS on test stand | harden KMS/rotation later |
| Direct worker WSS TLS/PKI guard | Guard implemented | production platform CA smoke PASS | preserve |
| Stale worker event restart safety | Implemented | runtime smoke PASS | protect |
| Node-agent runtime | Not implemented | control-plane foundation only | future |
| Mesh/VPN/runtime | Not implemented | target architecture only | future |
| SSH/VNC adapters | Not implemented | none | future after RDP |

## RDP Baseline

Current accepted RDP worker image:

```text
rap-rdp-worker:rdp-p1-region-order2
```

Previous accepted baseline image:

```text
rap-rdp-worker:rdp-region-repair
```

Current RDP render model:

- classic FreeRDP/GDI region-first BGRA path
- direct worker WSS binary `RAP2` frames
- backend gateway JSON/base64 fallback
- full frame on connect/attach/baseline/recovery/fallback repair
- dirty region updates as normal display path
- cursor as independent latest-only channel
- input highest priority
- clipboard and file upload reliable/policy-gated

Current RDP known limitation:

- window drag uses old-client/slow-link style frame-only movement; repaint after
  releasing a moved window is usable but not yet polished

Current accepted P1 behavior:

- dirty-region updates are preserved in-order through `SessionRuntime`, worker
  direct WSS, Windows transport, and WPF presenter queues
- full frames still supersede pending region queues
- worker direct region queue overflow requests throttled full-frame repair
- client logs region sequence gaps and regions received before a baseline
- manual visual smoke accepted idle repaint, Start menu/hover, drag usability,
  keyboard, mouse, and session close

Current RDP non-goals:

- no DP-3B adaptive quality yet
- no compression/codecs/tiles yet
- no RDPGFX default enable
- no full Stage 5.2 desktop UI acceptance yet
- no UI redesign
- no backend/session lifecycle rewrite

## Documentation Truth Status

Updated during P0:

- `README.md`
- `README_START_HERE.md`
- `docs/codex/CURRENT_STATUS.md`
- `docs/codex/NEXT_STEP_PROMPT.md`
- `clients/windows/README.md`
- `workers/rdp-worker/README.md`
- `docs/architecture/DATA_PLANE_V1.md`
- `docs/architecture/RDP_ADAPTER_RUNTIME.md`
- `docs/architecture/RDP_SERVICE_CPP_PERFORMANCE_TARGET.md`
- `docs/architecture/RDP_FILE_DOWNLOAD_STAGE_5_2.md`
- `docs/audits/CURRENT_BASELINE_MATRIX.md`

Current authoritative audit:

- `docs/audits/PROJECT_AUDIT_2026-04-26.md`

Legacy warning:

- `docs/_legacy_v1` is historical reference only and must not be used for
  implementation decisions

## Correct Next Step

Proceed with Stage 5.2 remaining live runtime proof - Server-to-Client File
Download:

- keep `rap-backend-smoke:stage5-2-download` and
  `rap-rdp-worker:stage5-2-download` deployed on `docker-test`
- prove Windows desktop UI download for files placed in `RAP_Transfers\ToClient`
- prove rendering/input/clipboard/upload/reconnect/takeover regressions
- keep backend gateway fallback active
- do not start arbitrary remote path download, SMB/WebDAV, Windows agent,
  binary file chunk frames, DP-3B, mesh/VPN, node-agent runtime, or new adapters