Jeff Emmett
b19d2c1ad7
Phase 1: MIT crypto primitives — AES-256-GCM, x25519 ECIES, HKDF key hierarchy, doc key sharing. All benchmarks pass, ~2ms encrypt+share. Phase 2: Encrypted IPFS storage — encrypt→upload→download→decrypt with KuboBackend for self-hosted kubo. TipTap image extension with CID-based attributes and ImageCache. 5/5 mock tests + 2/2 live tests pass. Phase 3: Collab server + IPFS deployed on Netcup — Fileverse collaboration-server (Y.js WebSocket relay + MongoDB) and kubo IPFS node running via Docker Compose with Traefik routing through CF tunnel. Phase 4: dSheet embed POC — React wrapper for @fileverse-dev/dsheet with collaborative mode toggle, IndexedDB persistence, Vite dev server. Phase 5: UCAN auth bridge — Ed25519 key generation, did:key encoding, JWT signing/verification, collaboration tokens, owner tokens, delegated access with proof chains. 9/9 tests pass. Zero external UCAN deps. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| src | ||
| README.md | ||
| package.json | ||
| tsconfig.json | ||
README.md
IPFS File Storage POC
Proof-of-concept for encrypted file uploads to IPFS, replacing centralized storage for rNotes.
Flow
1. User picks file in TipTap editor
2. Client generates per-file symmetric key
3. Client encrypts file with AES-256-GCM
4. Encrypted blob uploaded to IPFS (via Pinata or self-hosted kubo)
5. CID + encrypted file key stored in Automerge document metadata
6. To view: fetch CID → decrypt with file key → display
Setup
# Using Pinata (managed IPFS pinning)
# Store API keys in Infisical: infisical-project=fileverse, path=/ipfs
export PINATA_API_KEY=...
export PINATA_SECRET_KEY=...
npm install
npm run test
Files
src/ipfs-client.ts— Upload/download encrypted files to IPFSsrc/tiptap-image-extension.ts— TipTap extension for IPFS-backed imagessrc/test.ts— End-to-end test: encrypt → upload → download → decrypt
Status
Not started — waiting on Phase 1 crypto evaluation results.