Commit Graph

57 Commits

Author SHA1 Message Date
cyph3rasi b46be5c076 Reconcile the accepted safe federation helper with E2EE integration hardening and complete PIN-based encrypted DMs
Hop-State: A_06FPC0CGS3F7SJG3BGW0YF0
Hop-Proposal: R_06FPC0BK6YEV7XASNM7C908
Hop-Task: T_06FPAWA3279RBMJAR0BHM10
Hop-Attempt: AT_06FPBZWSBFTB9B5YH9JY9QR
2026-07-15 06:40:06 -07:00
cyph3rasi 93be1cffd8 Fix repeating Home feeds with timestamp cursors across local and swarm sources, remote profile pagination, duplicate filtering, and in-flight request guards.
Hop-State: A_06FPACHVKP3PTEY7DT6NW1R
Hop-Proposal: R_06FPACGSH34JXPKH7QHAXAR
Hop-Task: T_06FPABDPSJFCRPZSG0PXS9G
Hop-Attempt: AT_06FPABDPSG9CRMFEZ4WC35R
2026-07-15 02:53:38 -07:00
cyph3rasi b291c5a453 Blur NSFW profile avatars and banners unless the viewer has enabled NSFW
Hop-State: A_06FP9DH64R0TWDEQST5Z460
Hop-Proposal: R_06FP9DF1AKH8Z9GA7AD24G0
Hop-Task: T_06FP9B65YW8Z4VM9386KDB8
Hop-Attempt: AT_06FP9B65YZ94YY9QS6C6Q38
2026-07-15 00:38:06 -07:00
cyph3rasi 1427df4bdc Restrict public swarm participation and propagation to real public ICANN domains
Hop-State: A_06FP8GM0PKJTMF45B7016J0
Hop-Proposal: R_06FP8GKFXXZG84ETVCPS5ZG
Hop-Task: T_06FP8F45T3G4Z4ESW9NZQQR
Hop-Attempt: AT_06FP8F45T3QS81M2ZM4SJ3G
2026-07-14 22:31:47 -07:00
cyph3rasi 0ecb622565 Reconcile validated Turso runtime fix with republished main history
Hop-State: A_06FP6A2CG8PVBRDVQ5WGCN0
Hop-Proposal: R_06FP6A0YW23RY0N7Z5M8DW0
Hop-Task: T_06FP67JVF4BHPYKKC37XKQ8
Hop-Attempt: AT_06FP69RZ96ZMNF9Y5S02MT0
2026-07-14 17:23:33 -07:00
cyph3rasi 60f7dba46c Migrate Synapsis to embedded Turso
CI / smoke (push) Has been cancelled
2026-07-14 15:50:12 -07:00
cyph3rasi 21258edd95 Replace PostgreSQL and Docker deployment with embedded Turso, Drizzle relational queries v2, native systemd deployment on port 43821, and fresh SQLite migrations.
Hop-State: A_06FP5KEDBTB4A9ZT7QB498G
Hop-Proposal: R_06FP5KDWMCKVVMQZT4MVZ28
Hop-Task: T_06FP5DZ7T0G45FG93PT90B8
Hop-Attempt: AT_06FP5DZ7T0PKQW99V27JCV8
2026-07-14 15:44:42 -07:00
cyph3rasi b4a9d82d05 Add docker publish flow, node blocklist & API updates
Replace docker/metadata GH Action with a docker-publish.sh driven workflow (supports auto-versioning, extra tags, multi-arch builds and optional builder). Update docs and READMEs to use the updater and new publish flow. Add server-side swarm/node blocklist support and admin nodes API. Improve auth endpoints (me, logout, switch, session accounts) and support account switching. Extend bots API to support custom LLM provider and optional endpoint. Enforce node blocklist on chat send/receive, refactor link preview handling into dedicated preview modules, and enhance notifications and posts like/repost handlers to accept both signed actions and regular auth flows. Misc: remove admin update UI details, add helper libs (media previews, node-blocklist, reposts, notifications, etc.), and minor housekeeping (pyc, workflow tweaks).
2026-03-10 12:40:05 -07:00
cyph3rasi 044196cfa7 Add auto updates and tighten reply feeds 2026-03-08 19:22:18 -07:00
cyph3rasi 5f21ea8e5d Fix reply consistency and source validation 2026-03-08 18:29:42 -07:00
cyph3rasi c5984145dc Fix swarm interaction and reply identity verification 2026-03-07 23:47:17 -08:00
cyph3rasi 830c062fa1 Fix swarm replies and interaction verification 2026-03-07 22:18:16 -08:00
cyph3rasi 1b0b3d8d52 Fix federation flows and add versioned updater 2026-03-07 21:55:55 -08:00
cyph3rasi 5d524a0354 Fix federated interactions and reply threads 2026-03-07 21:27:22 -08:00
cyph3rasi 1e2da4f2da Fix swarm signature verification payloads 2026-03-07 21:03:47 -08:00
cyph3rasi 853c564755 Fix swarm bootstrap for logo-less nodes 2026-03-07 20:54:30 -08:00
Christomatt f55dec9a60 feat: user-owned S3-compatible storage with credential verification 2026-02-01 02:51:52 +01:00
Clawd Deploy Bot 50355b740a Security fixes: swarm signature verification and error handling 2026-01-30 16:50:49 +01:00
Christomatt 10a54a0ea9 feat: Implement identity lock screen for sensitive user actions and introduce avatar generation. 2026-01-30 04:44:57 +01:00
Christomatt 4c9afa42fe feat: Improve user resolution for chat conversations by handling local domain suffixes and pre-fetching message sender details. 2026-01-29 12:15:13 +01:00
Christomatt 9710a16f83 feat: Implement remote user profile caching and enhance chat conversation list display with updated styling. 2026-01-29 01:00:22 +01:00
Christopher ceae76d58f Refactor chat system to remove E2EE and simplify messaging
Removed all E2EE chat endpoints, crypto logic, and related API routes, transitioning chat to plain text storage and transport. Updated chat send/receive endpoints to use signed actions and enforce DM privacy settings. Cleaned up Swarm chat inbox, key management, and related debug endpoints. Updated user profile to support DM privacy, improved search for handle queries, and refactored conversation/message logic to support the new model. Migrated bot settings and privacy settings to new locations.
2026-01-28 13:05:34 -08:00
Christopher a87977241c Refactor chat encryption to use sodium, update API
Replaces legacy chat encryption modules with new sodium-based implementation. Adds and updates API routes for chat key management and debugging, introduces new hooks and scripts for sodium chat, and updates related database schema and configuration. Removes old crypto modules and updates dependencies accordingly.
2026-01-28 06:07:03 -08:00
Christopher 222f1c6d8a Add sender DID resolution and self-decryption for chat messages
The messages API now resolves and includes sender DIDs for received messages, enabling proper decryption in the chat UI. The chat page adds logic to decrypt self-encrypted messages for sent items and improves V2 envelope handling, while useChatEncryption now serializes ratchet state before storage.
2026-01-27 22:06:47 -08:00
Christopher c8e4dedd61 Add sender_did to chat messages and new chat tables
Introduces a migration to add a sender_did column to the chat_messages table and creates new tables for chat_device_bundles, chat_inbox, and chat_one_time_keys. Updates related API routes and adds a script for sender DID migration. These changes support device-based messaging and improved chat security.
2026-01-27 21:57:33 -08:00
Christopher d460139ede Store chat messages locally for sender and recipient
Messages sent to remote users are now stored locally for the sender, and incoming remote messages are stored for the recipient, ensuring both parties see their message history in the UI. The implementation creates or updates conversations as needed and marks messages as delivered when appropriate.
2026-01-27 21:33:11 -08:00
Christopher dd87d51fa6 Add V2 chat protocol support and improve error handling
Introduces support for V2 encrypted chat envelopes in the swarm inbox route, allowing storage and processing of new message formats. Enhances error handling and logging in both chat send and encryption hooks, including detection of remote nodes that do not support the V2 protocol and providing clearer error messages for users and developers.
2026-01-27 21:25:51 -08:00
Christopher 33295b744e Add DID support and improve login state handling
Introduces a 'did' field to SwarmUserProfile and related API routes to support decentralized identifiers. Refactors login flow to use soft navigation and synchronize AuthContext state, including new 'login' and enhanced 'unlockIdentity' methods for better user state management.
2026-01-27 19:10:07 -08:00
Christopher 5903022f8a Add encrypted key support for chat and nodes
Introduces encrypted private key storage for nodes and users, updates chat message schema to support sender-side encryption, and adds supporting libraries and tests for cryptographic signing and identity unlock flows. Includes new database migrations, API route updates, and React components for identity unlock prompts.
2026-01-27 17:13:28 -08:00
Christopher 25f71e320b Implement federated chat conversation deletion
Adds logic to notify remote nodes when a chat conversation is deleted, and introduces a new API endpoint to receive and process deletion requests from other swarm nodes. Ensures that only authorized participants can trigger deletions and handles both local and remote user scenarios.
2026-01-27 14:09:25 -08:00
Christopher cb141a91a1 Fix DELETE handler to support async params
The DELETE API route now expects params as a Promise and awaits it to extract the conversation id. All references to params.id have been updated to use the resolved id variable.
2026-01-27 14:03:53 -08:00
Christopher 374f707dbf Add conversation deletion to chat UI and API
Introduces an API route for deleting chat conversations, supporting deletion for self or both parties. Updates the chat page UI to allow users to delete conversations with confirmation modal and handles state updates after deletion.
2026-01-27 14:00:48 -08:00
Christopher a68aee8758 Migrate user/profile URLs to /u/[handle] and remove legacy scripts
All user and post profile URLs have been updated from /[handle] to /u/[handle] for consistency. Added a redirect page for /posts/[id] to the canonical /u/[handle]/posts/[id] route. Deprecated and removed legacy scripts and documentation related to chat and federation endpoints. Push-based federation endpoints are now disabled in favor of real-time pull-based federation.
2026-01-27 01:26:41 -08:00
Christopher 44610157a1 Add chat page, improve chat API, and remove ChatWidget
Introduces a new chat page with end-to-end encryption, conversation list, and message thread UI. Adds new API endpoints for unread message count and debugging chat keys/messages. Improves chat key validation and reciprocal conversation/message creation for local recipients. Removes the old ChatWidget component. Updates login and chat API logic for better Turnstile and key handling.
2026-01-27 01:05:40 -08:00
Christomatt 75a2d87d9a feat: Implement a new chat widget with enhanced encryption handling and supporting utility scripts, replacing the old chat page. 2026-01-27 08:07:32 +01:00
Christomatt f758421748 feat(chat): Add remote user public key fetching for cross-node messaging
- Implement remote user detection based on @domain format in recipient handle
- Add HTTP/HTTPS protocol selection logic for localhost vs production domains
- Fetch remote user public keys from their node's /api/users endpoint
- Maintain local user key lookup for non-remote recipients
- Add error handling and debug logging for remote key fetch failures
- Enable end-to-end encryption support for federated chat across nodes
2026-01-27 06:28:42 +01:00
Christomatt 7d1e22e457 feat(chat): Enhance message decryption with improved key management and debug logging
- Add recipient public key fetching in messages API endpoint for sent message decryption
- Include `isE2E` flag in message response to indicate end-to-end encryption status
- Simplify encrypted content handling by always returning `encryptedContent` field
- Add comprehensive debug logging throughout message loading pipeline for troubleshooting
- Improve key resolution logic to fetch recipient keys when not available in conversation data
- Add detailed logging for each message processing step including key availability and decryption status
- Enhance error handling with more descriptive error messages in key fetching operations
- Better distinguish between sent and received message decryption requirements with clear comments
2026-01-27 06:18:20 +01:00
Christomatt c007741b65 feat: Include chat public key in conversation data and enhance chat page layout for full width and dynamic height. 2026-01-27 04:16:05 +01:00
Christomatt 1726ef0c7b feat: include chatPublicKey in user profiles and the swarm user interface. 2026-01-27 04:00:27 +01:00
Christomatt f0253581d2 feat(chat): Implement client-side end-to-end encryption with key management
- Add chat keys API endpoint for storing and retrieving encrypted RSA public/private key pairs
- Create client-side crypto utilities for E2E encryption/decryption with hybrid encryption support
- Implement useChatEncryption hook for managing encryption state and key generation in chat UI
- Add chatPublicKey and chatPrivateKeyEncrypted fields to user schema for key storage
- Update chat messages API to return encrypted content with sender's public key for decryption
- Modify send message endpoint to accept pre-encrypted content from client while maintaining legacy server-side encryption
- Update chat page UI to integrate client-side encryption workflow
- Ensure private keys are encrypted client-side with user password before transmission to server
- Server cannot decrypt message content in E2E mode, providing true end-to-end encryption
2026-01-27 03:38:54 +01:00
Christomatt fb2c80b0e3 feat(chat): Validate and cache remote user public keys for encryption
- Add validation to check if cached users have valid public keys (PEM format)
- Fetch remote public keys when local cache has placeholder/invalid keys
- Update existing cached users with real public keys instead of creating duplicates
- Include public key in user profile API response for E2E encrypted chat support
- Improve error handling to reject recipients without valid encryption keys
- Ensure remote user data is properly extracted from API responses
This prevents sending encrypted messages to users with placeholder keys and ensures the chat system always has access to valid public keys for encryption operations.
2026-01-27 02:12:43 +01:00
Christomatt 998a1bcf4a feat(chat): Improve recipient handle parsing for swarm messaging
- Strip leading @ symbol from recipient handle before normalization
- Replace simple split() with substring-based parsing for more robust handle@domain extraction
- Add clarifying comments explaining handle format expectations (handle@domain)
- Prevent potential issues with malformed recipient handles containing multiple @ symbols
- Ensure consistent handle normalization across local and remote recipients
2026-01-27 01:54:59 +01:00
Christomatt eb63194c56 refactor: Migrate from ActivityPub federation to native Swarm network
- Remove ActivityPub infrastructure (webfinger, nodeinfo, inbox, activities, signatures)
- Implement native peer-to-peer Swarm network with gossip protocol
- Replace federated timeline with Swarm timeline aggregating posts from all nodes
- Migrate direct messaging to end-to-end encrypted Swarm Chat system
- Update user interactions (follow, like, repost) to use Swarm protocol
- Add cryptographic key management for DID-based identity system
- Remove server-bound identity model in favor of portable DID identities
- Update documentation to reflect Swarm architecture and capabilities
- Add debug utilities and chat testing tools for Swarm network
- Refactor database schema to support distributed user directory
- Update bot framework to work with Swarm network interactions
- Simplify API routes to use Swarm protocol instead of ActivityPub
- This transition enables true peer-to-peer communication, instant interactions, and encrypted messaging while maintaining sovereign identity through DIDs
2026-01-27 01:27:15 +01:00
Christomatt 6b8eeb6814 feat(chat): Implement end-to-end encrypted swarm messaging system
- Add Swarm Chat documentation with architecture, API endpoints, and security considerations
- Create database schema for chat conversations, messages, and typing indicators
- Implement chat API endpoints for sending, receiving, and managing messages
- Add client-side encryption utilities using RSA-OAEP with SHA-256
- Create chat page UI for viewing conversations and messages
- Add chat type definitions for TypeScript support
- Update database schema with new chat tables and relationships
- Update sidebar navigation to include chat link
- Enable true end-to-end encrypted messaging across swarm nodes without ActivityPub limitations
2026-01-26 20:00:17 +01:00
Christomatt c5a5985aa6 feat(api): Filter remote placeholder users from swarm timeline
- Add sql import from drizzle-orm for advanced query filtering
- Exclude federated/swarm posts by checking for null apId in timeline query
- Filter out remote placeholder users by validating handle doesn't contain @ symbol
- Add clarifying comments explaining local-only post filtering logic
- Improve timeline query to return only posts from local users, preventing remote placeholder user content from appearing in feeds
2026-01-26 19:43:18 +01:00
Christomatt cf0dfa4b66 feat: Implement dynamic node title metadata and enhance swarm user and post hydration. 2026-01-26 17:09:21 +01:00
Christomatt 38ddede873 feat: Enable deletion of swarm-originated posts and replies by propagating requests to remote nodes and improve swarm ID parsing. 2026-01-26 14:56:05 +01:00
Christomatt a2ec470354 feat(posts): Add user replies tab and improve reply management
- Add "replies" tab to user profile page to display posts where user replied to others
- Implement replies fetching via new `type=replies` query parameter in posts API
- Add reply deletion permissions for parent post owners on their own posts
- Add swarm reply deletion notification to origin nodes when replies are deleted
- Pass `parentPostAuthorId` prop to PostCard for improved reply context tracking
- Update profile tab navigation to include replies tab for non-bot users
- Add loading and empty states for replies tab display
- Improve authorization logic to allow parent post owners to delete replies on their posts
2026-01-26 14:22:32 +01:00
Christomatt 9581fd2810 feat(swarm): Add real-time post fetching and reply aggregation for federated nodes
- Add swarm post ID parsing (format: swarm:domain:uuid) in local post endpoint
- Implement real-time fetching from origin node with 10s timeout
- Transform remote post data to match local format with swarm metadata
- Add reply aggregation from remote node with proper ID transformation
- Implement like status checking for authenticated users on remote posts
- Refactor swarm post endpoint to include reply data in response
- Add media transformation with swarm-prefixed IDs for remote posts
- Improve error handling with fallback to 404 for unreachable nodes
- Enable seamless cross-node post viewing with federated author information
2026-01-26 13:25:54 +01:00
Christomatt 08d507c196 feat(swarm): Add remote like tracking and federated like status queries
- Add remoteLikes table to track likes from federated nodes on local posts
- Implement deduplication logic in like/unlike endpoints to prevent duplicate remote likes
- Add GET endpoint at /api/swarm/posts/[id]/likes to query like status from origin nodes
- Enhance POST feed endpoint to separate local and swarm posts for interaction checks
- Query origin nodes in real-time to populate isLiked flag for federated posts in feeds
- Add error handling and 3-second timeout for remote like status queries
- Update schema to support remote like tracking with actor handle and domain
2026-01-26 13:16:59 +01:00