//! Post-Quantum OPAQUE Protocol with Protocol-Level Unlinkability
//!
//! This module implements a complete OPAQUE-style protocol that achieves:
//! - **Correctness**: Same password always produces the same OPRF output
//! - **Protocol-level unlinkability**: Server cannot correlate login sessions
//! - **Post-quantum security**: Based on NTRU Prime (OPRF) + ML-KEM (key exchange)
//!
//! # Architecture
//!
//! ```text
//! ┌─────────────────────────────────────────────────────────────────┐
//! │  Client                                     Server              │
//! │    │                                           │                │
//! │    │──── Kyber ephemeral pubkey ─────────────>│                │
//! │    │<─── Kyber ephemeral pubkey + ciphertext──│                │
//! │    │                                           │                │
//! │    │  [Encrypted channel established]          │                │
//! │    │                                           │                │
//! │    │──── Encrypted(BlindedInput) ────────────>│  Server        │
//! │    │<─── Encrypted(ServerResponse) ───────────│  cannot        │
//! │    │                                           │  correlate     │
//! │    │  [OPRF complete, session key derived]     │  queries       │
//! └─────────────────────────────────────────────────────────────────┘
//! ```
//!
//! The OPRF itself (NTRU-LWR) is deterministic/linkable, but the Kyber
//! ephemeral keys make sessions unlinkable at the protocol level.

mod session;

pub use session::{
    ClientHello, ClientSession, EncryptedOprfRequest, EncryptedOprfResponse, ProtocolError,
    ServerHello, ServerSession, SessionKey, client_finish_handshake, client_receive_oprf,
    client_send_oprf, client_start, server_handle_hello, server_handle_oprf,
};