# Vendored: discord-ext-voice-recv

**Upstream:** https://github.com/imayhaveborkedit/discord-ext-voice-recv
**Pinned commit:** `ac04ea7b0941112e83767cf1c1469b408fa06748` (bump version 0.5.3a, master HEAD Jun 2025)
**Vendored at:** 2026-05-27
**Echo Core fork version:** `0.5.3a+echo.dave1` (PEP 440 local segment)
**Reason:** Discord voice protocol is fragile, upstream is hobby fork. Adapter
layer in `src/voice/_discord_voice_adapter.py` isolates upstream churn — if this
package breaks, swap to py-cord by rewriting only that file.

## Echo Core patch: `+echo.dave1` (DAVE E2E receive-side decrypt)

### Why

Discord enforces DAVE (E2E media encryption) on voice gateway `v=8` whenever the
bot advertises `max_dave_protocol_version > 0` in IDENTIFY. discord.py 2.7.1 (the
version Echo Core pins) does so unconditionally — Discord then closes the WS
with code **4017** if the bot opts out by sending `max_dave_protocol_version=0`.
DAVE is **mandatory**.

Audio received from a DAVE-active room is **dual-wrapped**: transport layer
(`aead_xchacha20_poly1305_rtpsize`) + DAVE E2E. Upstream voice-recv decrypts
only the transport layer, then hands DAVE ciphertext to libopus, which raises
`OpusError: corrupted stream` on every packet.

### Patch shape

~30 lines, all in `discord/ext/voice_recv/reader.py`:

1. Module-level optional `davey` import (no-op when missing).
2. `AudioReader._maybe_dave_decrypt(rtp_packet) -> Optional[bytes]` — gate logic
   mirrors discord.py 2.7.1 send-side `can_encrypt` exactly. Returns the
   DAVE-unwrapped payload, the original payload (DAVE inactive), or `None` to
   drop the packet (unknown SSRC, decrypt failure).
3. 4-line hook in `callback()` between transport-decrypt and `feed_rtp`:
   overwrites `rtp_packet.decrypted_data` in place, or returns early to drop.

The post-decrypt `is_silence()` check (formerly at reader.py:172) still works
because we overwrite `decrypted_data` in place — silence frames produced by
davey reach the existing check unchanged.

### Dependency

`davey==0.1.5` — matches discord.py 2.7.1 expectation. Pin in
`echo-core/requirements.txt`. The import is optional at module level so tests
and non-DAVE environments still run; the gate degrades to a bypass.

### Re-sync strategy

When upstream voice-recv adds DAVE support natively:

1. Drop the three patch hunks in `reader.py` (davey import block,
   `_maybe_dave_decrypt` method, hook in `callback()`).
2. Revert `__version__` to upstream value in `__init__.py`.
3. Update `Pinned commit` below.
4. Run `pytest tests/test_voice_recv_dave.py tests/test_voice_adapter_contract.py`.

The contract test `test_voice_recv_fork_version` asserts `__version__ ==
'0.5.3a+echo.dave1'` and will fail fast on any accidental wipe during a careless
upstream sync — forcing a conscious decision to either re-port or drop the
patch.

## Update procedure (vanilla upstream sync)

```bash
cd vendor/discord-ext-voice-recv
git fetch origin master
git log HEAD..origin/master --oneline  # review what changed
git checkout <new-commit>
# RE-APPLY the +echo.dave1 patch if upstream still lacks DAVE
cd ../..
source .venv/bin/activate && pip install -e vendor/discord-ext-voice-recv --force-reinstall
pytest tests/test_voice_adapter_contract.py tests/test_voice_recv_dave.py -v  # MUST PASS — contract + DAVE guards
```

Update this file's `Pinned commit` after a successful upgrade.