- Implement remote user detection based on @domain format in recipient handle
- Add HTTP/HTTPS protocol selection logic for localhost vs production domains
- Fetch remote user public keys from their node's /api/users endpoint
- Maintain local user key lookup for non-remote recipients
- Add error handling and debug logging for remote key fetch failures
- Enable end-to-end encryption support for federated chat across nodes
- Add recipient public key fetching in messages API endpoint for sent message decryption
- Include `isE2E` flag in message response to indicate end-to-end encryption status
- Simplify encrypted content handling by always returning `encryptedContent` field
- Add comprehensive debug logging throughout message loading pipeline for troubleshooting
- Improve key resolution logic to fetch recipient keys when not available in conversation data
- Add detailed logging for each message processing step including key availability and decryption status
- Enhance error handling with more descriptive error messages in key fetching operations
- Better distinguish between sent and received message decryption requirements with clear comments
- Add fallback logic to fetch recipient's public key if not already cached
- Distinguish between E2E encrypted messages (with senderPublicKey) and legacy RSA messages
- Return appropriate error messages for legacy encrypted messages and missing decryption keys
- Improve ECDH key derivation logic with clearer comments explaining sent vs received message handling
- Add comprehensive error logging for decryption failures and missing keys
- Refactor loadMessages function for better readability with expanded formatting
- Ensure recipient key is available before attempting message decryption to prevent silent failures
- Fix template literal syntax from escaped backticks to proper ${} notation
- Remove unnecessary comments from empty catch blocks for cleaner code
- Add emoji to initial chat greeting message for better UX
- Ensure consistent string interpolation across all API calls and JSX attributes
- Add chat keys API endpoint for storing and retrieving encrypted RSA public/private key pairs
- Create client-side crypto utilities for E2E encryption/decryption with hybrid encryption support
- Implement useChatEncryption hook for managing encryption state and key generation in chat UI
- Add chatPublicKey and chatPrivateKeyEncrypted fields to user schema for key storage
- Update chat messages API to return encrypted content with sender's public key for decryption
- Modify send message endpoint to accept pre-encrypted content from client while maintaining legacy server-side encryption
- Update chat page UI to integrate client-side encryption workflow
- Ensure private keys are encrypted client-side with user password before transmission to server
- Server cannot decrypt message content in E2E mode, providing true end-to-end encryption
- Add validation to check if cached users have valid public keys (PEM format)
- Fetch remote public keys when local cache has placeholder/invalid keys
- Update existing cached users with real public keys instead of creating duplicates
- Include public key in user profile API response for E2E encrypted chat support
- Improve error handling to reject recipients without valid encryption keys
- Ensure remote user data is properly extracted from API responses
This prevents sending encrypted messages to users with placeholder keys and ensures the chat system always has access to valid public keys for encryption operations.
- Strip leading @ symbol from recipient handle before normalization
- Replace simple split() with substring-based parsing for more robust handle@domain extraction
- Add clarifying comments explaining handle format expectations (handle@domain)
- Prevent potential issues with malformed recipient handles containing multiple @ symbols
- Ensure consistent handle normalization across local and remote recipients
- Replace pure RSA encryption with hybrid encryption scheme for better performance
- Implement AES-256-GCM for fast message encryption without size limitations
- Use RSA-OAEP for secure AES key exchange between chat participants
- Add EncryptedPayload interface to structure encrypted data (key, IV, ciphertext, auth tag)
- Update encryptMessage() to generate random AES key and IV, encrypt with AES-GCM, then wrap AES key with RSA
- Update decryptMessage() to unwrap AES key with RSA, then decrypt message with AES-GCM
- Include GCM authentication tag for message integrity verification
- Encode all binary components as base64 strings in JSON payload for transport
- Improves encryption performance while maintaining security for end-to-end swarm messaging
- Remove ActivityPub infrastructure (webfinger, nodeinfo, inbox, activities, signatures)
- Implement native peer-to-peer Swarm network with gossip protocol
- Replace federated timeline with Swarm timeline aggregating posts from all nodes
- Migrate direct messaging to end-to-end encrypted Swarm Chat system
- Update user interactions (follow, like, repost) to use Swarm protocol
- Add cryptographic key management for DID-based identity system
- Remove server-bound identity model in favor of portable DID identities
- Update documentation to reflect Swarm architecture and capabilities
- Add debug utilities and chat testing tools for Swarm network
- Refactor database schema to support distributed user directory
- Update bot framework to work with Swarm network interactions
- Simplify API routes to use Swarm protocol instead of ActivityPub
- This transition enables true peer-to-peer communication, instant interactions, and encrypted messaging while maintaining sovereign identity through DIDs
- Add Swarm Chat documentation with architecture, API endpoints, and security considerations
- Create database schema for chat conversations, messages, and typing indicators
- Implement chat API endpoints for sending, receiving, and managing messages
- Add client-side encryption utilities using RSA-OAEP with SHA-256
- Create chat page UI for viewing conversations and messages
- Add chat type definitions for TypeScript support
- Update database schema with new chat tables and relationships
- Update sidebar navigation to include chat link
- Enable true end-to-end encrypted messaging across swarm nodes without ActivityPub limitations
- Add sql import from drizzle-orm for advanced query filtering
- Exclude federated/swarm posts by checking for null apId in timeline query
- Filter out remote placeholder users by validating handle doesn't contain @ symbol
- Add clarifying comments explaining local-only post filtering logic
- Improve timeline query to return only posts from local users, preventing remote placeholder user content from appearing in feeds
- Add SQL filter to exclude users with '@' in handle from admin users endpoint
- Update search endpoint to filter remote placeholder users from results
- Modify users listing endpoint to exclude federated user handles
- Prevent remote placeholder accounts from appearing in local user lists and search results
- Move Turnstile status indicator above input fields for better visibility
- Mask secret key input with placeholder dots when already configured
- Update secret key helper text to indicate configuration status
- Enhance version API endpoint to include GitHub commit URL
- Add githubUrl field to version response for direct commit linking
- Implement emoji sizing styles for post content and compose input
- Update RightSidebar version state type to include githubUrl
- Add clickable GitHub commit link in version display when available
- Improve security by hiding sensitive Turnstile secret key values
- Create new `/api/version` endpoint to retrieve git commit count and hash information
- Simplify admin page layout by removing unnecessary nested divs and card wrapper
- Refactor moderation page tab navigation with improved button styling using btn-sm and btn-primary classes
- Consolidate padding and styling in moderation page for cleaner component structure
- Add word-break and overflow-wrap styles to report content display for better text handling
- Improve responsive design by adding minWidth: 0 to flex containers in report cards
- Streamline conditional rendering in admin settings to reduce DOM nesting depth
- Move reports, posts, and users management to new moderation page
- Simplify admin page to focus on node settings configuration only
- Remove unused types (AdminUser, AdminPost, Report) from admin page
- Remove report resolution, post actions, and user moderation handlers
- Remove tab navigation and related state management from admin page
- Update sidebar navigation to include moderation page link
- Consolidate moderation dashboard functionality into separate component
- Improve code organization by separating concerns between admin and moderation
- Add Cloudflare Turnstile integration for login and registration forms
- Create turnstile verification utility with server-side token validation
- Add turnstile_site_key and turnstile_secret_key fields to nodes table
- Implement admin panel UI for configuring Turnstile keys in settings
- Update login and register API routes to verify Turnstile tokens
- Expose turnstile_site_key via GET /api/node endpoint for frontend
- Add admin endpoint to save and update Turnstile configuration
- Create remote_likes and remote_reposts tables for federated interaction tracking
- Add swarm reply metadata fields (swarm_reply_to_id, swarm_reply_to_content, swarm_reply_to_author) to posts table
- Add comprehensive TURNSTILE_SETUP.md documentation with setup instructions and security notes
- Create database migration 0007 with schema updates and indexes
- Protects against bot registrations and automated attacks on federated nodes
- Add "replies" tab to user profile page to display posts where user replied to others
- Implement replies fetching via new `type=replies` query parameter in posts API
- Add reply deletion permissions for parent post owners on their own posts
- Add swarm reply deletion notification to origin nodes when replies are deleted
- Pass `parentPostAuthorId` prop to PostCard for improved reply context tracking
- Update profile tab navigation to include replies tab for non-bot users
- Add loading and empty states for replies tab display
- Improve authorization logic to allow parent post owners to delete replies on their posts
- Add swarm reply metadata fields (swarmReplyToId, swarmReplyToContent, swarmReplyToAuthor) to posts table for tracking replies to federated posts
- Extend swarmReplyTo schema to include optional content and author information for context preservation
- Build synthetic replyTo objects from swarm reply metadata to unify local and federated reply handling
- Include media in replyTo relations across all post queries for complete reply context
- Add thread container styling with visual line connector between parent and child posts
- Implement thread parent display mode with reduced opacity and hidden actions for context
- Add showThread and isThreadParent props to PostCard for flexible thread rendering
- Enable inline parent post visualization when viewing post details to show conversation context
- Add decodeURIComponent() to handle URL-encoded characters in post IDs
- Update like endpoint POST and DELETE handlers to decode rawId parameter
- Update repost endpoint POST and DELETE handlers to decode rawId parameter
- Update post retrieval GET handler to decode rawId parameter
- Fixes issues with special characters (e.g., %3A for colons) in post identifiers
- Add swarm post ID parsing (format: swarm:domain:uuid) in local post endpoint
- Implement real-time fetching from origin node with 10s timeout
- Transform remote post data to match local format with swarm metadata
- Add reply aggregation from remote node with proper ID transformation
- Implement like status checking for authenticated users on remote posts
- Refactor swarm post endpoint to include reply data in response
- Add media transformation with swarm-prefixed IDs for remote posts
- Improve error handling with fallback to 404 for unreachable nodes
- Enable seamless cross-node post viewing with federated author information
- Add remoteLikes table to track likes from federated nodes on local posts
- Implement deduplication logic in like/unlike endpoints to prevent duplicate remote likes
- Add GET endpoint at /api/swarm/posts/[id]/likes to query like status from origin nodes
- Enhance POST feed endpoint to separate local and swarm posts for interaction checks
- Query origin nodes in real-time to populate isLiked flag for federated posts in feeds
- Add error handling and 3-second timeout for remote like status queries
- Update schema to support remote like tracking with actor handle and domain
- Add swarm post handling to like endpoint with direct delivery to origin node
- Add swarm post handling to repost endpoint with direct delivery to origin node
- Add new unrepost endpoint for removing reposts from swarm posts
- Implement deliverSwarmUnrepost function in interactions library
- Extract swarm domain and post ID validation for all interaction types
- Return appropriate error responses for invalid swarm post IDs
- Log successful swarm interaction deliveries for debugging
- Improve separation between local post and swarm post handling logic
- Enable federated users to interact with remote swarm posts directly without local caching
- Remove dedicated bot owner notification utility in favor of unified notification system
- Update all interaction endpoints (follow, like, mention, repost) to use consolidated notification flow
- Refactor notification route to handle all interaction types through single endpoint
- Update posts endpoints to trigger notifications through unified system
- Add database migration snapshot for notification schema changes
- Simplify notification logic by removing redundant bot owner notification module
- Improve notification consistency across all user interactions and post operations
- Implement notifications page component with loading and error states
- Add notification fetching from `/api/notifications` endpoint
- Create notification type interfaces (follow, like, repost, mention)
- Add "Mark all read" functionality to batch update notification status
- Implement NotificationItem component to display individual notifications
- Add relative time formatting (e.g., "5m", "2h", "3d")
- Display unread notifications with distinct background styling
- Add user avatar and profile links for notification actors
- Show post content preview for post-related notifications
- Handle authentication errors with appropriate user messaging
- Display empty state with icon when no notifications exist
- Add detection for remote placeholder users (handles containing @)
- Implement fresh data fetching from remote when placeholder is detected
- Refactor conditional logic to treat stale placeholders as missing users
- Only return 404 error if user is genuinely not found, not for refresh attempts
- Improves data freshness for federated user profiles by re-fetching from source
- Add favicon_url column to nodes table for storing node instance favicons
- Replace actor_url unique constraint with composite unique index on (user_id, actor_url) in remote_followers table
- Update database schema and migration files to reflect new constraints
- Improve data integrity by ensuring remote followers are unique per user and actor combination
- Wrap notification creation in try-catch blocks for follow interactions
- Wrap notification creation in try-catch blocks for like interactions
- Wrap notification creation in try-catch blocks for repost interactions
- Add console logging for successful notification creation with interaction details
- Add error logging for failed notification creation to aid in debugging
- Prevent interaction failures from cascading due to notification errors
- Create new botOwnerNotify module with notifyBotOwnerForPost and notifyBotOwnerForFollow functions
- Add bot owner notifications to local post interactions (likes, reposts)
- Add bot owner notifications to swarm post interactions (likes, reposts, mentions)
- Add bot owner notifications to follow interactions (local and swarm)
- Implement mention notification creation for local mentions in post creation
- Notify bot owners when their bots receive interactions from other users
- Ensure bot owners are alerted to engagement on their bot accounts across federated network
- Create new swarm endpoints for fetching user followers list at /api/swarm/users/[handle]/followers
- Create new swarm endpoints for fetching user following list at /api/swarm/users/[handle]/following
- Add SwarmFollowerUser and SwarmFollowingUser interfaces for federated user data
- Implement local and remote follower/following aggregation in swarm endpoints
- Update local followers endpoint to fetch data from remote swarm nodes
- Update local following endpoint to fetch data from remote swarm nodes
- Add error handling and database availability checks for all endpoints
- Include node domain and timestamp metadata in swarm responses
- Support pagination with configurable limit parameter (max 100)
- Enable cross-node follower/following visibility for federated social graph
- Add botOwnerHandle field to SwarmUserProfile interface to track bot ownership
- Include botOwner relationship in swarm user profile queries for bot users
- Populate botOwnerHandle in swarm profile responses when user is a bot
- Build botOwner object in local user profile endpoint when fetching remote bot profiles
- Include botOwner data in user profile responses for better bot attribution
- Enables tracking and displaying which user owns each bot across federated instances
- Implement live post fetching from followed remote users with parallel requests and timeouts
- Add remote-sync background task to periodically cache posts from followed remote users
- Optimize swarm node detection and prioritize swarm API over ActivityPub for faster responses
- Add timeout wrapper (5s per node) to prevent slow remote nodes from blocking timeline requests
- Enhance scheduler to support background sync tasks with configurable intervals
- Transform remote posts to match local format with proper media and author metadata
- Improve error handling and logging for remote user post fetching
- Replace cached-only approach with hybrid live/cached strategy for fresher content
- Remove scheduled posting logic and consolidate all bot posting into autonomous module
- Simplify cron endpoint to only call processAllAutonomousBots with cleaner response format
- Add background post caching for swarm follow operations via cacheSwarmUserPosts
- Update background scheduler to remove scheduled posting references and streamline logging
- Improve autonomous module documentation to clarify schedule-based posting with optional sources
- Enhance error tracking and reporting across bot task execution
- Reduce code duplication by eliminating separate scheduled/autonomous processing paths
- Add new swarm interaction endpoints for follow, unfollow, like, unlike, mention, and repost actions
- Create interactions.ts library module to handle federated interaction logic
- Add swarm post detail endpoint for retrieving individual post information
- Update post interaction routes to support federated operations
- Replace logo.svg with new logotext.svg for updated branding
- Update login page and sidebar components with new branding assets
- Enhance swarm discovery and type definitions to support new interaction patterns
- Update user follow endpoint to work with federated swarm interactions
- Add initial post trigger on bot creation to establish schedule reference point
- Implement background post creation in scheduled bot processor using triggerPost
- Add fresh content fetching before checking availability in scheduler
- Enhance scheduler logging with detailed skip reasons and error reporting
- Include autonomous bot skip reasons and scheduled bot status details in logs
- Add error tracking and reporting for failed bot post attempts
- Improve debugging visibility for bot task execution and failures
- Create new GET /api/swarm/users/[handle] endpoint for federated user profile queries
- Add SwarmUserProfile and SwarmUserPost interfaces for standardized remote profile data
- Include user profile metadata (handle, displayName, bio, avatar, stats) in swarm responses
- Fetch and include user's recent posts with media and link preview data
- Implement fetchSwarmUserPosts helper to query remote Synapsis nodes via swarm API
- Update /api/users/[handle]/posts to prioritize swarm API for Synapsis node federation
- Replace profile page back navigation from Link to router.back() button for better UX
- Add proper error handling and suspended user filtering in swarm endpoint
- Support configurable post limit (max 50) for swarm profile queries
- Add nodeInfoLoaded state to track when node NSFW status is fetched
- Display loading indicator while node information is being retrieved
- Ensure loading state is set in both success and error cases
- Increase maximum post character limit from 400 to 600 characters
- Add getProfileHandle utility function to properly construct federated user profile links
- Include node domain in profile links for remote swarm users
- Update avatar and handle links to use full federated profile handles
- Improves UX by preventing premature NSFW gate display and supporting longer-form content
- Add debug information to swarm posts API response including NSFW filter status, source count, and post filtering metrics
- Add filteredCount field to timeline sources to track posts removed by NSFW filtering
- Implement protocol detection logic to use http:// for localhost and 127.0.0.1, https:// for all other domains
- Add comprehensive console logging for timeline queries showing node count, NSFW filter status, and per-node filtering details
- Move NSFW filtering logic earlier in the timeline aggregation to improve code clarity and enable better debugging
- Improve observability of the swarm timeline fetching process for troubleshooting filtering behavior