Removed all E2EE chat endpoints, crypto logic, and related API routes, transitioning chat to plain text storage and transport. Updated chat send/receive endpoints to use signed actions and enforce DM privacy settings. Cleaned up Swarm chat inbox, key management, and related debug endpoints. Updated user profile to support DM privacy, improved search for handle queries, and refactored conversation/message logic to support the new model. Migrated bot settings and privacy settings to new locations.
Introduces a 'did' field to SwarmUserProfile and related API routes to support decentralized identifiers. Refactors login flow to use soft navigation and synchronize AuthContext state, including new 'login' and enhanced 'unlockIdentity' methods for better user state management.
Major update to chat page with new conversation list, message thread view, and support for V2 end-to-end encrypted messaging using DIDs. Adds chat lock state, message sending, conversation deletion, and improved polling. Updates user API and types to include DID and chatPublicKey. Fixes race conditions in feed loading, adds message button to user profile, and improves crypto and identity hooks for better locked/unlocked state detection.
Introduces encrypted private key storage for nodes and users, updates chat message schema to support sender-side encryption, and adds supporting libraries and tests for cryptographic signing and identity unlock flows. Includes new database migrations, API route updates, and React components for identity unlock prompts.
- Add chat keys API endpoint for storing and retrieving encrypted RSA public/private key pairs
- Create client-side crypto utilities for E2E encryption/decryption with hybrid encryption support
- Implement useChatEncryption hook for managing encryption state and key generation in chat UI
- Add chatPublicKey and chatPrivateKeyEncrypted fields to user schema for key storage
- Update chat messages API to return encrypted content with sender's public key for decryption
- Modify send message endpoint to accept pre-encrypted content from client while maintaining legacy server-side encryption
- Update chat page UI to integrate client-side encryption workflow
- Ensure private keys are encrypted client-side with user password before transmission to server
- Server cannot decrypt message content in E2E mode, providing true end-to-end encryption
- Add validation to check if cached users have valid public keys (PEM format)
- Fetch remote public keys when local cache has placeholder/invalid keys
- Update existing cached users with real public keys instead of creating duplicates
- Include public key in user profile API response for E2E encrypted chat support
- Improve error handling to reject recipients without valid encryption keys
- Ensure remote user data is properly extracted from API responses
This prevents sending encrypted messages to users with placeholder keys and ensures the chat system always has access to valid public keys for encryption operations.
- Remove ActivityPub infrastructure (webfinger, nodeinfo, inbox, activities, signatures)
- Implement native peer-to-peer Swarm network with gossip protocol
- Replace federated timeline with Swarm timeline aggregating posts from all nodes
- Migrate direct messaging to end-to-end encrypted Swarm Chat system
- Update user interactions (follow, like, repost) to use Swarm protocol
- Add cryptographic key management for DID-based identity system
- Remove server-bound identity model in favor of portable DID identities
- Update documentation to reflect Swarm architecture and capabilities
- Add debug utilities and chat testing tools for Swarm network
- Refactor database schema to support distributed user directory
- Update bot framework to work with Swarm network interactions
- Simplify API routes to use Swarm protocol instead of ActivityPub
- This transition enables true peer-to-peer communication, instant interactions, and encrypted messaging while maintaining sovereign identity through DIDs
- Add SQL filter to exclude users with '@' in handle from admin users endpoint
- Update search endpoint to filter remote placeholder users from results
- Modify users listing endpoint to exclude federated user handles
- Prevent remote placeholder accounts from appearing in local user lists and search results
- Remove dedicated bot owner notification utility in favor of unified notification system
- Update all interaction endpoints (follow, like, mention, repost) to use consolidated notification flow
- Refactor notification route to handle all interaction types through single endpoint
- Update posts endpoints to trigger notifications through unified system
- Add database migration snapshot for notification schema changes
- Simplify notification logic by removing redundant bot owner notification module
- Improve notification consistency across all user interactions and post operations
- Add detection for remote placeholder users (handles containing @)
- Implement fresh data fetching from remote when placeholder is detected
- Refactor conditional logic to treat stale placeholders as missing users
- Only return 404 error if user is genuinely not found, not for refresh attempts
- Improves data freshness for federated user profiles by re-fetching from source
- Create new botOwnerNotify module with notifyBotOwnerForPost and notifyBotOwnerForFollow functions
- Add bot owner notifications to local post interactions (likes, reposts)
- Add bot owner notifications to swarm post interactions (likes, reposts, mentions)
- Add bot owner notifications to follow interactions (local and swarm)
- Implement mention notification creation for local mentions in post creation
- Notify bot owners when their bots receive interactions from other users
- Ensure bot owners are alerted to engagement on their bot accounts across federated network
- Create new swarm endpoints for fetching user followers list at /api/swarm/users/[handle]/followers
- Create new swarm endpoints for fetching user following list at /api/swarm/users/[handle]/following
- Add SwarmFollowerUser and SwarmFollowingUser interfaces for federated user data
- Implement local and remote follower/following aggregation in swarm endpoints
- Update local followers endpoint to fetch data from remote swarm nodes
- Update local following endpoint to fetch data from remote swarm nodes
- Add error handling and database availability checks for all endpoints
- Include node domain and timestamp metadata in swarm responses
- Support pagination with configurable limit parameter (max 100)
- Enable cross-node follower/following visibility for federated social graph
- Add botOwnerHandle field to SwarmUserProfile interface to track bot ownership
- Include botOwner relationship in swarm user profile queries for bot users
- Populate botOwnerHandle in swarm profile responses when user is a bot
- Build botOwner object in local user profile endpoint when fetching remote bot profiles
- Include botOwner data in user profile responses for better bot attribution
- Enables tracking and displaying which user owns each bot across federated instances
- Remove scheduled posting logic and consolidate all bot posting into autonomous module
- Simplify cron endpoint to only call processAllAutonomousBots with cleaner response format
- Add background post caching for swarm follow operations via cacheSwarmUserPosts
- Update background scheduler to remove scheduled posting references and streamline logging
- Improve autonomous module documentation to clarify schedule-based posting with optional sources
- Enhance error tracking and reporting across bot task execution
- Reduce code duplication by eliminating separate scheduled/autonomous processing paths