Major changes:
- Restructure plugin architecture: moved federation logic into a dedicated `federation` plugin with Better Auth integration, defining schemas for server registry, key rotation, and blacklist management
- Extract encryption layer: new `oven` plugin handles end-to-end encryption (E2EE) with OLM client/server implementations
- Reorganize social features: consolidated social endpoints (posts, follows, blocks, mutes) and removed legacy plugin patterns in favor of unified plugin structure
- Decentralized key management: refactored `keytools` and `keygen` to support federation key rotation with challenge tokens and health checks
Infrastructure updates:
- Upgrade dependencies: bump Better Auth to 1.6.9, React to 19.2.5, Next.js to 16.2.3, Tailwind to 4.2.4
- Add cryptographic libraries: @scure/bip39, @signalapp/libsignal-client, @matrix-org/matrix-sdk-crypto-wasm for enhanced federation security
- Add utilities: base58-js, uuid for federation identifier handling
- Update database schema with new federation tables (serverRegistry, rotateChallengeTokens, blacklistedServers)
Minor updates: test suite alignment, storage client cleanup, PostFederationSchema refinements
Co-authored-by: Cursor <cursoragent@cursor.com>
- Added a new proxy route to relay encrypted federation traffic between servers, allowing for better communication in restricted environments.
- Implemented health check mechanisms for server registration, including tracking health status and scheduling health checks.
- Updated the database schema to include health check attempts and unhealthy reasons for servers.
- Enhanced the federation fetch logic to handle errors more gracefully and support proxying requests.
- Improved README documentation with a new section explaining public/private data handling and added links to mirrors.
- Refactored existing code for better organization and clarity, including updates to various federation-related modules.
#3
This should all be tested throughly, the workers are messy and poluted, a rework is needed and should be prioritized.
They work, but the code is poorly documented and there is no proper testing of the workers, some of them run twice and there are major issues on them.
- Added a new test suite for attack vectors targeting the /discover federation routes, ensuring (known) vulnerabilities are addressed.
- Implemented a proxy function to check for blacklisted servers, enhancing security measures.
- Introduced URL validation to prevent SSRF attacks by blocking internal addresses.
- Updated package.json with a new test command for the attack tests.
- Refactored server and route handling to improve type safety and error handling.
- Added new middleware for blacklist checks and URL validation to prevent unauthorized access.
- Added `getParticipantDetails` query to fetch details of multiple participants in a direct message channel.
- Introduced `dexie-react-hooks` for improved state management with Dexie.
- Refactored user validation logic to support optional user authentication.
- Created new UI components for friend actions and friend list display.
- Implemented a layout structure for the application, including a sidebar and main content area.
- Updated socket management to handle connection states more effectively.
- Removed deprecated `page.tsx` file and organized routing structure for better maintainability.
- Implemented a modal for sending and managing friend requests, allowing users to send, accept, decline, or ignore requests.
- Enhanced user status management by integrating real-time updates for online, busy, offline, and away statuses.
- Updated the API and database schema to support new friend request and user status features.
- Improved socket management for better connection handling and user experience.
- Refactored UI components to accommodate new functionalities while maintaining consistency.
- Introduced user status management with the ability to update online, busy, offline, and away statuses.
- Added metadata fields for user preferences, including phrase preferences and friends list.
- Updated API and database schema to accommodate new user fields.
- Enhanced the authentication component to handle additional user data effectively.
- Implemented hooks for socket management and OLM setup to improve user experience.
- Updated various dependencies in package.json and bun.lock for better compatibility and features.
- Added OLM (Object Location Management) support by including necessary files and updating authentication logic.
- Enhanced the authentication flow with better error handling and user feedback.
- Introduced new database schema for OLM accounts and updated related API components.
- Improved socket connection management and user interface elements for a smoother user experience.
Added all SQL scripts by using a python script to fetch them.
Also added a "About" page and a skeleton to the chat page.
Fixed the register function that was not setting the public_key on the database
Made even more changes the UI and added new Routes for searching a user, requesting consent for messaging and others.
Now just need to make the SSE work.
