- Introduced a new Redis worker connection function to manage worker-specific connections, enhancing reliability.
- Updated the health check job scheduling to use a SHA-256 hash for generating safe job IDs, improving uniqueness and security.
- Added a comprehensive README to document the federation background job queue, including job interfaces, exported functions, and usage examples.
- Refactored existing code for better organization and clarity, including updates to job processing and error handling.
This update aims to strengthen the federation's job processing capabilities and improve overall system documentation.
This update also finishes #4
Major changes:
- Restructure plugin architecture: moved federation logic into a dedicated `federation` plugin with Better Auth integration, defining schemas for server registry, key rotation, and blacklist management
- Extract encryption layer: new `oven` plugin handles end-to-end encryption (E2EE) with OLM client/server implementations
- Reorganize social features: consolidated social endpoints (posts, follows, blocks, mutes) and removed legacy plugin patterns in favor of unified plugin structure
- Decentralized key management: refactored `keytools` and `keygen` to support federation key rotation with challenge tokens and health checks
Infrastructure updates:
- Upgrade dependencies: bump Better Auth to 1.6.9, React to 19.2.5, Next.js to 16.2.3, Tailwind to 4.2.4
- Add cryptographic libraries: @scure/bip39, @signalapp/libsignal-client, @matrix-org/matrix-sdk-crypto-wasm for enhanced federation security
- Add utilities: base58-js, uuid for federation identifier handling
- Update database schema with new federation tables (serverRegistry, rotateChallengeTokens, blacklistedServers)
Minor updates: test suite alignment, storage client cleanup, PostFederationSchema refinements
Co-authored-by: Cursor <cursoragent@cursor.com>
- Introduced single Redis connection for managing federation delivery jobs, improving reliability and performance.
- Updated environment configuration to include Redis connection details and allowed hostnames for CORS.
- Refactored existing code to streamline federation processes and improve error handling.
- Enhanced database schema to track acknowledgment status for follow requests.
This update aims to strengthen the federation's communication capabilities and ensure better handling of server interactions.
#3 #4
- Added a new proxy route to relay encrypted federation traffic between servers, allowing for better communication in restricted environments.
- Implemented health check mechanisms for server registration, including tracking health status and scheduling health checks.
- Updated the database schema to include health check attempts and unhealthy reasons for servers.
- Enhanced the federation fetch logic to handle errors more gracefully and support proxying requests.
- Improved README documentation with a new section explaining public/private data handling and added links to mirrors.
- Refactored existing code for better organization and clarity, including updates to various federation-related modules.
#3
This should all be tested thoroughly, the workers are messy and polluted, a rework is needed and should be prioritized.
They work, but the code is poorly documented and there is no proper testing of the workers, some of them run twice and there are major issues on them.
- Added support for following users with optional federation URLs, allowing for cross-server interactions.
- Implemented new endpoints for following and unfollowing users, including payload validation and error handling.
- Introduced federation delivery jobs to handle follow requests across different servers.
- Updated database schema to include references for follower and following server URLs.
- Enhanced URL validation to allow localhost during development while maintaining security checks.
- Refactored existing social endpoints to accommodate new follow logic and improve code organization.
- Added new environment variables for MinIO configuration in .env.local.example.
- Updated package.json and bun.lock to include new dependencies for key management and encryption.
- Refactored server and route handling to support Ed25519 and X25519 key pairs for improved security during key rotation.
- Implemented validation for public keys and enhanced error handling in the discovery routes.
- Introduced new challenges for key rotation, ensuring secure communication between federations.
- Updated README with additional instructions for the new key rotation process.
- Added a new test suite for attack vectors targeting the /discover federation routes, ensuring (known) vulnerabilities are addressed.
- Implemented a proxy function to check for blacklisted servers, enhancing security measures.
- Introduced URL validation to prevent SSRF attacks by blocking internal addresses.
- Updated package.json with a new test command for the attack tests.
- Refactored server and route handling to improve type safety and error handling.
- Added new middleware for blacklist checks and URL validation to prevent unauthorized access.
- Reintroduced the command for generating federation keys in the package.json.
- Updated the route for server discovery to use the new BETTER_AUTH_URL environment variable.
- Added checks to ensure federation keys are set before authentication.
- Updated package dependencies, including the addition of the 'minio' package and updates to '@types/node' and 'shadcn'.
- Added new routes for server discovery and key rotation, including challenge issuance and confirmation processes.
- Introduced database schema for managing server registrations and rotation challenges.
- Implemented encryption and decryption utilities for secure communication between servers.
- Updated package dependencies and added new client and server plugins for social features.
- Enhanced user management with additional fields and relations in the database schema.
- Updated user status handling to include optional user-set status, improving user experience during reconnections.
- Added new queries and mutations for managing nests, including fetching non-offline user IDs and forcing users offline.
- Introduced new database schema for nests, roles, and channels, enhancing the application's organizational structure.
- Updated dependencies in package.json and bun.lock for improved stability and compatibility.
- Refactored related components and API to support the new nests functionality.
- Updated various dependencies in package.json and bun.lock to their latest versions for improved stability and security.
- Introduced a new ecosystem.config.cjs file for better environment management.
- Enhanced OLM password handling with encryption and decryption functionalities. (Testing)
- Improved UI components for password dialogs to provide better user feedback and error handling.
- Added new database schema for managing nests and roles in the application.
- Fixed race condition on @olm-context.tsx when a session is created
- Fixed an issue where the participant IDs were being set to the current user only
- Added safeguard for the dm event to try to either parse the message or use it as-is
- Added support for consuming one-time keys (OTK) in the authentication flow.
- Implemented new mutation `consumeOTK` to handle OTK consumption and update user accounts.
- Updated participant details to include OLM account information.
- Refactored socket management to improve direct messaging functionality.
- Introduced new UI components for password handling and user interactions.
- Updated dependencies in package.json and bun.lock for compatibility and feature enhancements.
- Added `getParticipantDetails` query to fetch details of multiple participants in a direct message channel.
- Introduced `dexie-react-hooks` for improved state management with Dexie.
- Refactored user validation logic to support optional user authentication.
- Created new UI components for friend actions and friend list display.
- Implemented a layout structure for the application, including a sidebar and main content area.
- Updated socket management to handle connection states more effectively.
- Removed deprecated `page.tsx` file and organized routing structure for better maintainability.
- Implemented a modal for sending and managing friend requests, allowing users to send, accept, decline, or ignore requests.
- Enhanced user status management by integrating real-time updates for online, busy, offline, and away statuses.
- Updated the API and database schema to support new friend request and user status features.
- Improved socket management for better connection handling and user experience.
- Refactored UI components to accommodate new functionalities while maintaining consistency.
- Introduced user status management with the ability to update online, busy, offline, and away statuses.
- Added metadata fields for user preferences, including phrase preferences and friends list.
- Updated API and database schema to accommodate new user fields.
- Enhanced the authentication component to handle additional user data effectively.
- Implemented hooks for socket management and OLM setup to improve user experience.
- Updated various dependencies in package.json and bun.lock for better compatibility and features.
- Added OLM (Object Location Management) support by including necessary files and updating authentication logic.
- Enhanced the authentication flow with better error handling and user feedback.
- Introduced new database schema for OLM accounts and updated related API components.
- Improved socket connection management and user interface elements for a smoother user experience.
Added all SQL scripts by using a python script to fetch them.
Also added an "About" page and a skeleton to the chat page.
Fixed the register function that was not setting the public_key on the database
Made even more changes to the UI and added new routes for searching a user, requesting consent for messaging and others.
Now just need to make the SSE work.