{"id":7141,"library":"davey","title":"Davey Protocol Implementation","description":"Davey is a Python library that provides an implementation of the Discord Audio & Video End-to-End Encryption (DAVE) Protocol. It acts as a Python binding to a Rust-based implementation that leverages OpenMLS. The library is currently in beta (0.1.5) but actively maintained, with recent updates focusing on security fixes related to its internal OpenMLS dependency.","status":"active","version":"0.1.5","language":"en","source_language":"en","source_url":"https://github.com/Snazzah/davey","tags":["discord","audio","video","encryption","dave","protocol","e2ee","mls","rust"],"install":[{"cmd":"pip install davey","lang":"bash","label":"Install latest version"}],"dependencies":[{"reason":"The core protocol implementation is in Rust, using the OpenMLS library. While `pip install` typically handles pre-built wheels bundling the Rust components, building from source would require a Rust toolchain.","package":"OpenMLS (Rust)","optional":false}],"imports":[{"note":"Represents a P256 signing key pair used within the DAVE protocol.","symbol":"SigningKeyPair","correct":"from davey import SigningKeyPair"},{"note":"A utility function to create a new P256 signing key pair.","symbol":"generate_p256_keypair","correct":"from davey import generate_p256_keypair"},{"note":"Used for generating human-readable codes for verification, as specified in the DAVE Protocol.","symbol":"generate_displayable_code","correct":"from davey import generate_displayable_code"},{"note":"An Enum representing the current status of a DAVE session.","symbol":"SessionStatus","correct":"from davey import SessionStatus"}],"quickstart":{"code":"from davey import SigningKeyPair, generate_p256_keypair, generate_displayable_code\nimport os\n\n# Note: In a real application, keys and session data should be securely managed\n# and integrated with Discord's voice gateway interactions. This is a minimal example.\n\n# 1. Generate a P256 signing key pair\n# This key pair is fundamental for establishing trust in DAVE sessions.\nkey_pair = generate_p256_keypair()\nprint(f\"Generated Private Key (truncated): {key_pair.private.hex()[:10]}...\")\nprint(f\"Generated Public Key (truncated): {key_pair.public.hex()[:10]}...\")\n\n# 2. Generate a displayable code for user verification\n# The 'data' parameter would typically be a unique session identifier or\n# derived from shared secrets in a real DAVE handshake.\nexample_data_for_code = os.urandom(32) # Using random bytes for demonstration\ndisplay_code = generate_displayable_code(\n    data=example_data_for_code,\n    desired_length=12, # Total length of the code string\n    group_size=4       # How many characters per group (e.g., AAAA-BBBB-CCCC)\n)\nprint(f\"Generated Displayable Code: {display_code}\")\n\n# Further steps would involve Discord API interaction to manage DAVE sessions,\n# process proposals, and handle media encryption/decryption, which is highly\n# application-specific and not directly covered by simple library calls here.\n# Refer to the DAVE Protocol whitepaper and library's typings for advanced usage.","lang":"python","description":"This quickstart demonstrates how to generate a P256 signing key pair and a displayable verification code, which are core components of the DAVE protocol. Proper integration requires interaction with Discord's voice server APIs for session management and media handling."},"warnings":[{"fix":"Upgrade to davey>=0.1.4 using `pip install --upgrade davey`.","message":"Version 0.1.4 and later fixed a high-severity vulnerability in the internal OpenMLS dependency. Users on older versions (0.1.3 and below) are strongly advised to update immediately to mitigate potential security risks.","severity":"breaking","affected_versions":"<0.1.4"},{"fix":"Be aware of potential API instability. Pin your dependency versions strictly (e.g., `davey==0.1.5`) and thoroughly test new updates.","message":"The library is in 'Beta' (Development Status 4) as per PyPI. This indicates that the API might still undergo non-backward-compatible changes, and it may not yet be considered stable for production environments without careful testing.","severity":"gotcha","affected_versions":"All versions <1.0.0"},{"fix":"Rely on the library's type hints (`.pyi` files) for API discovery. Consult the DAVE Protocol Whitepaper for conceptual understanding and implement carefully based on the source code or typings.","message":"Official, comprehensive usage documentation for the Python `davey` library is currently limited. The GitHub README suggests checking the Python typings (`davey.pyi`) for usage examples and available functions. Deeper understanding requires referring to the DAVE Protocol Whitepaper.","severity":"gotcha","affected_versions":"All versions"}],"env_vars":null,"last_verified":"2026-04-16T00:00:00.000Z","next_check":"2026-07-15T00:00:00.000Z","problems":[{"fix":"Ensure the library is installed with `pip install davey` and that your Python interpreter is running in the correct environment.","cause":"The `davey` package is not installed in the current Python environment or the environment is not activated.","error":"ModuleNotFoundError: No module named 'davey'"},{"fix":"Review the `davey.pyi` typing file in the installed package for available methods and attributes. The library provides protocol primitives rather than a high-level Discord bot integration layer.","cause":"Attempting to call a method or access an attribute that does not exist on the object, often due to an outdated understanding of the API or an assumption about its functionality without consulting the typings. The DAVE implementation is low-level and might require specific protocol message handling.","error":"AttributeError: 'DaveySession' object has no attribute 'encrypt_audio'"},{"fix":"Ensure all cryptographic material and protocol data (e.g., keys, nonces, payloads) are provided as `bytes` objects. Convert strings using `.encode('utf-8')` if necessary, or use byte literals (e.g., `b'mydata'`).","cause":"Passing arguments of incorrect types, such as a string when a bytes-like object is expected, particularly for cryptographic keys or data payloads.","error":"TypeError: argument 'private_key' must be bytes, not str"}]}