From fbed19d3c56bdcfa8e49558ce26f13c869b30731 Mon Sep 17 00:00:00 2001 From: Jeff Emmett Date: Mon, 16 Mar 2026 02:32:34 +0000 Subject: [PATCH] feat: add UP integration backlog task-120, remove duplicate task-72 Co-Authored-By: Claude Opus 4.6 --- ...versal-Profiles-x-EncryptID-integration.md | 36 +++++++++++++ ...versal-Profiles-x-EncryptID-integration.md | 50 ------------------- 2 files changed, 36 insertions(+), 50 deletions(-) create mode 100644 backlog/tasks/task-120 - Universal-Profiles-x-EncryptID-integration.md delete mode 100644 backlog/tasks/task-72 - Universal-Profiles-x-EncryptID-integration.md diff --git a/backlog/tasks/task-120 - Universal-Profiles-x-EncryptID-integration.md b/backlog/tasks/task-120 - Universal-Profiles-x-EncryptID-integration.md new file mode 100644 index 0000000..f0d502e --- /dev/null +++ b/backlog/tasks/task-120 - Universal-Profiles-x-EncryptID-integration.md @@ -0,0 +1,36 @@ +--- +id: 120 +title: Universal Profiles × EncryptID integration +status: In Progress +priority: high +created: 2026-03-16 +--- + +## Description +Give every EncryptID user a LUKSO Universal Profile (LSP0 + LSP6) on Base, controlled by their passkey-derived secp256k1 key. + +## Phase 1: Core (DONE) +- [x] EVM key derivation (`encryptid-sdk/src/client/evm-key.ts`) — HKDF secp256k1 from PRF +- [x] UP deployment service (`encryptid-up-service/`) — Hono API with CREATE2, LSP6 permissions, LSP25 relay +- [x] SDK types — `eid.up` in JWT claims, `LSP6Permission` enum, UP request/response types +- [x] Session UP helpers — `getUPAddress()`, `hasUniversalProfile()`, `setUniversalProfile()` +- [x] Recovery hooks — `onUPRecovery()` for on-chain controller rotation +- [x] Schema migration — UP columns on users table +- [x] Server endpoints — `GET/POST /api/profile/:id/up`, UP info in JWT claims + +## Phase 2: UP-Aware Sessions +- [ ] Map EncryptID AuthLevel → LSP6 BitArray permissions on-chain +- [ ] Guardian → LSP6 controller mapping with ADDPERMISSIONS + +## Phase 3: Payment-Infra Migration +- [ ] WalletAdapter abstraction (UP + Openfort) +- [ ] New users → UP by default + +## Phase 4: NLA Oracle Integration +- [ ] `getEncryptIDWallet()` for CLI +- [ ] Escrow parties identified by UP address + +## Notes +- encryptid-up-service repo: https://gitea.jeffemmett.com/jeffemmett/encryptid-up-service +- Chain: Base Sepolia (84532) for dev, Base mainnet for prod +- LSP contracts are EVM-compatible, deployed on Base diff --git a/backlog/tasks/task-72 - Universal-Profiles-x-EncryptID-integration.md b/backlog/tasks/task-72 - Universal-Profiles-x-EncryptID-integration.md deleted file mode 100644 index 8476b14..0000000 --- a/backlog/tasks/task-72 - Universal-Profiles-x-EncryptID-integration.md +++ /dev/null @@ -1,50 +0,0 @@ ---- -title: "Universal Profiles × EncryptID Integration" -status: "In Progress" -priority: "high" -created: 2026-03-16 -labels: ["encryptid", "blockchain", "lukso", "base"] ---- - -# Universal Profiles × EncryptID Integration - -Give every EncryptID user a LUKSO Universal Profile (LSP0 + LSP6) on Base, controlled by their passkey-derived secp256k1 key. Replaces fragmented Openfort wallets and raw EOAs with a unified on-chain identity. - -## Phase 1: Core — EVM Key Derivation + UP Deployment Service (DONE) - -- [x] Client-side secp256k1 key derivation from PRF via HKDF (`evm-key.ts`) -- [x] UP deployment service (`encryptid-up-service/`) — Hono API with CREATE2 factory -- [x] LSP6 permission encoding (AuthLevel → BitArray mapping) -- [x] LSP25 gasless relay service -- [x] LSP3 profile metadata sync -- [x] Database schema migration (UP columns on users table) -- [x] JWT claims updated with `eid.up` object -- [x] Recovery hooks for on-chain controller rotation -- [ ] Deploy LSP0/LSP6 implementation contracts on Base Sepolia -- [ ] Set up Infisical secrets (RELAY_PRIVATE_KEY, JWT_SECRET) -- [ ] DNS record for up.encryptid.jeffemmett.com -- [ ] Install npm dependencies (requires root) -- [ ] End-to-end test: passkey → derive key → deploy UP → relay tx - -## Phase 2: SDK Integration — UP-Aware Sessions - -- [ ] UP info in JWT claims on auth -- [ ] GET/POST /api/profile/:id/up endpoints -- [ ] SessionManager: getUPAddress(), hasUniversalProfile() -- [ ] Guardian → LSP6 controller mapping for on-chain recovery - -## Phase 3: Payment-Infra Migration - -- [ ] WalletAdapter abstraction (UP + Openfort) -- [ ] New users → UP by default -- [ ] Optional Openfort → UP migration path - -## Phase 4: NLA Oracle Integration - -- [ ] getEncryptIDWallet() in NLA CLI -- [ ] --encryptid flag on create/fulfill/collect commands -- [ ] UP-identified escrow parties with LSP3 metadata - -## Notes - -- 2026-03-16: Phase 1 code complete. SDK changes in encryptid-sdk repo, UP service in encryptid-up-service (new, not yet a git repo). DB/server changes in rspace-online.bak.