JanusMCD – Discord ↔ Minecraft Chat Bridge & Passwordless Auth.

[0.2.5] - 2026-01-30

New Features

• Sync-Lock Protocol (Split-Brain Prevention):
  • Zero-Trust Synchronization: Implemented a robust "Lock & Ack" protocol for critical operations (like Unlinking). The backend now waits for explicit acknowledgement from the Proxy before finalizing state changes.
  • Player Locking: SyncLockManager temporarily freezes players (blocking Move, Interact, Chat, Command) while synchronization is in progress.
  • Acknowledgement Packets: Introduced SyncAckPacket. Velocity confirms it has processed the Unlink (cleared session/DB) by sending an ACK back to the backend.
  • Strict Workflow: The backend will only kick/redirect the player after receiving the ACK, ensuring the Proxy is guaranteed to be in the correct state (Unauthenticated) when the player reconnects.

Security & Hardening

• Freeze System Hardening:
  • Universal Command Blocking: Frozen players are now blocked from executing ALL commands, including proxy-level commands (e.g., /server, /glist) on Velocity.
  • Packet Synchronization: Active FREEZE_SYNC packet listening ensures instant state enforcement on the proxy.
  • Inventory Blocking: Added checks to prevent frozen players from moving items or opening inventories.
  • Split-Brain Resilience: Validated idempotent packet handling for LINK and UNLINK operations.
• Spawn Location Enforcement:
  • Universal Apply: Fixed logic to strictly enforce default-spawn for ALL players (Linked, Unlinked, or Auto-Vouched) across every workflow (Join, Manual Auth, Session Resume).
  • Auto-Vouch Fix: Resolved an issue where players authenticating via stored sessions (Auto-Vouch) would bypass the spawn teleport.
  • Debug Warnings: Added console alerts for potentially misconfigured spawn settings.
• UUID Spoofing Mitigation:
  • Strict Backend Enforcement: Players who fail to verify their session with the Proxy (potential spoofers) are now KICKED instead of just frozen.
  • Security Audit: Enhanced startup diagnostics for proxy configuration.

Improved

• Chat Relay:
  • Logic Refinement: Explicitly separated "Should Relay" logic into a reusable method.
  • Vanish Support: Added clearer checks for Vanish status to prevent relaying messages from vanished players.
  • Paper Support: Added dedicated PaperChatListener to handle AsyncChatEvent properly on Paper/Folia servers.

Fixed

• Discord ID Unlink Guard: Fixed a potential bypass where unlinking a user by Discord ID (instead of UUID) might not trigger the race-condition guards on Velocity. SyncRelayManager now correctly maps Discord IDs to all online player UUIDs and adds them to the pendingUnlinks guard.
• SyncRelay Syntax: Fixed syntax errors in SyncRelayManager that could prevent proper packet interception.
• Velocity Sync: Fixed JSON parsing in SyncRelayManager to correctly handle LINK and UNLINK packets using GSON.
• Join Messages: AuthHandshakeListener now suppression initial join messages and manually broadcasts them after successful authentication/handshake.
• Velocity Authorization Persistence: Fixed a critical bug where unlinked players would be automatically re-authenticated upon rejoining. VelocitySecurityManager now correctly removes the persistent database record when an UNLINK packet is received.
• Sync Link Packet (DM Fix): Fixed an issue where verifies via Discord DM would not update the Proxy or other servers immediately. Added missing SyncLinkPacket transmission to AccountLinkingManager.
• Console Security:
  • Fail-Safe Role Check: Fixed a security loophole where a blank console-command-role-id allowed everyone to run console commands. Now, a blank ID triggers a "System Lockdown", denying all commands.
  • Sync Race Condition (Auto-Vouch): Fixed a critical race condition where players could be "Auto-Vouched" by Velocity immediately after unlinking.
    • Split-Brain Protection (Backend): Implemented recentUnlinks cache to retain knowledge of unlinks for 15s after packet flushing. This covers the "Flush -> Vouch Arrives" window where the backend acts as the source of truth.
    • Queue Inspection (Backend): Inspects local packet queue to ignore stale proxy vouches if an UNLINK is pending.
    • Auto-Vouch Delay (Velocity): SessionManager now waits 2 seconds before checking trust, allowing the Lobby server time to flush its UNLINK packet queue.
    • Pending Unlink Guard (Velocity): VelocitySecurityManager temporarily blacklists players in memory while processing UNLINK packets to block race-condition reads.
• Sync Logging: Improved visibility of Sync Packet forwarding on Velocity by changing debug logs to INFO level.

Changed

• Dependencies: Relocated GSON to prevent conflicts with Velocity.