Build context changed to parent directory so the encryptid-sdk
(referenced as file:../encryptid-sdk) is accessible during build.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace in-memory Maps with persistent PostgreSQL storage:
- Add db.ts with typed query functions for users, credentials, challenges
- Add schema.sql with users/credentials/challenges tables
- Update server.ts to use async DB queries
- Add postgres service to docker-compose
- Health endpoint now reports database connectivity
- Auto-cleanup of expired challenges every 10 minutes
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add bun build step to create browser-compatible JS from TypeScript
- Update demo.html to import from /dist/index.js
- Update server to serve /dist/* for bundled modules
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Change Traefik entrypoint from websecure to web (Cloudflare terminates TLS)
- Replace curl with bun-based healthcheck (curl not in slim image)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Bun no longer accepts --production=false syntax. DevDependencies
are included by default during install.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implements the EncryptID identity system for the r-ecosystem:
- WebAuthn/Passkey authentication with PRF extension for key derivation
- Client-side cryptographic key derivation (AES-256, ECDSA P-256, Ed25519)
- Social recovery system with guardians (no seed phrases!)
- Session management with authentication levels
- Cross-app SSO via Related Origin Requests
- Web components: login button and guardian setup panel
- Hono server for authentication endpoints
- Docker deployment configuration
Domain: encryptid.jeffemmett.com
RP ID: jeffemmett.com (for cross-subdomain passkey usage)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Jeff Emmett