28 Commits

Author SHA1 Message Date
Jeff Emmett f313d9395d fix(encryptid): allow self-signed TLS for internal SMTP
Mailcow at mail.rmail.online uses a self-signed certificate.
Set tls.rejectUnauthorized: false for the SMTP transport.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-20 22:41:46 +00:00
Jeff Emmett 88de4c30dd feat(encryptid): guardian recovery, device linking, enhanced profile
Add 2-of-3 guardian recovery system:
- Guardian invite via email or shareable link
- One-click approval page for recovery requests
- Social recovery initiation (anti-enumeration)
- 7-day recovery request expiry

Add second device linking:
- QR code + link for cross-device passkey registration
- 10-minute link expiry, one-time use

Enhanced profile page:
- Account security checklist (email, device, guardians)
- Guardian management (add/remove, max 3)
- Device linking with QR code display
- Recovery initiation form for lost devices

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-20 22:07:40 +00:00
Jeff Emmett 7210888aed feat: unify EncryptID passkeys across all r*.online apps
Simplify resolveRpId() to always return 'rspace.online' so passkeys
registered from any r*.online domain share the same RP ID. Browsers
use .well-known/webauthn Related Origins to validate cross-domain
passkey usage. This makes one passkey work everywhere.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-20 21:38:26 +00:00
Jeff Emmett cac038ed0d chore: migrate SMTP from mx.jeffemmett.com to mail.rmail.online
Update EncryptID SMTP defaults to use rmail.online Mailcow instance.
From address now noreply@rspace.online instead of noreply@jeffemmett.com.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-20 20:14:58 +00:00
Jeff Emmett 7fcef2c2b2 Fix JWT verify calls for Hono 4.11.10 — add required 'HS256' alg
Hono 4.11.10 made the `alg` parameter required in `verify()`. All 6
verify() calls were failing with "JWT verification requires alg option
to be specified", causing every token verification to return 401. This
broke space creation and all authenticated operations.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-19 02:07:51 +00:00
Jeff Emmett 9050298c6f Fix CORS for dynamic rspace.online subdomains in EncryptID
The allowedOrigins array only listed explicit subdomains (auth, cca, demo,
app, dev) so any canvas slug subdomain like create.rspace.online was
rejected by CORS. Switch to a function-based origin check that allows all
*.rspace.online subdomains dynamically.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-19 01:55:42 +00:00
Jeff Emmett 7103366047 Dynamic RP ID: use caller's domain for WebAuthn passkeys
Instead of hardcoding rpId to "rspace.online" (which requires Related
Origins support), derive the RP ID from the request's Origin header.
Each r* app (rmaps.online, rnotes.online, etc.) now gets its own RP ID
matching its domain, so passkeys work natively without browser support
for Related Origin Requests.

- Added resolveRpId() helper that maps Origin → hostname for allowed origins
- Registration creates passkeys with the caller's domain as RP ID
- Authentication uses the caller's domain as RP ID
- Added rp_id column to credentials table for per-credential RP ID tracking
- rspace.online subdomains still use rspace.online as shared RP ID

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-19 01:46:15 +00:00
Jeff Emmett 9f39e2393b fix: change WebAuthn RP ID from jeffemmett.com to rspace.online
The RP ID jeffemmett.com caused "relying party ID is not a registrable
domain suffix" errors on *.rspace.online subdomains. Related Origins
also exceeded the 5 eTLD+1 browser limit with 18+ domains listed.

Now rspace.online is the RP ID, so all *.rspace.online subdomains
(including cca.rspace.online) are valid automatically. The Related
Origins file only lists non-rspace.online r* ecosystem domains.

Also points rspace-header auth URL to auth.rspace.online.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-18 14:32:57 -07:00
Jeff Emmett a3572f7a5f feat: add rChats.online to ecosystem links and EncryptID allowed origins
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-18 14:15:42 -07:00
Jeff Emmett e65cfffefd feat: move EncryptID to auth.rspace.online, rebrand as rStack Identity
Traefik routes auth.rspace.online (priority 150) with encryptid.jeffemmett.com
fallback. Landing page rebranded as rStack Identity with rStack.online ecosystem
tagline. Registration form now includes optional email for account recovery.
JWT issuer and recovery URL updated. 14 r* apps listed.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-18 10:49:35 +00:00
Jeff Emmett fa80968b7f Replace EncryptID landing page with real auth UI
Replace marketing-only landing page with a functional auth page that
lets users register and sign in with passkeys. Shows profile view
after login with DID, passkey list, session info, and recovery email
setup. Still includes feature descriptions and r-suite app links.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-18 07:47:47 +00:00
Jeff Emmett d0a6c3ada5 feat: add rauctions.online to EncryptID allowed origins
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-18 06:45:29 +00:00
Jeff Emmett cff0c21c0c fix: WebAuthn .well-known routing and cross-origin passkey support
Add Traefik priority=200 and service assignment to encryptid-wellknown
router so it wins over canvas-website/personal-site for the
/.well-known/webauthn path on jeffemmett.com. Add missing origins
(rpubs.online, shop.mycofi.earth, canvas/press/cart.jeffemmett.com)
to the allowed origins list.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-18 04:53:08 +00:00
Jeff Emmett 08985d774e feat: add membership endpoints and bidirectional shape sync
Adds space_members table and CRUD endpoints to EncryptID server for
centralized membership management. Extends Automerge CommunityDoc with
members map and PATCH endpoint for module→canvas shape updates.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-17 14:31:48 -07:00
Jeff Emmett 163ab3c288 fix: remove hardcoded secret fallbacks from EncryptID (GitGuardian alert)
Require DATABASE_URL and JWT_SECRET via env vars instead of falling back
to hardcoded defaults. Removes insecure fallback passwords from compose
file as well. Production was already using strong .env secrets.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-15 15:33:02 -07:00
Jeff Emmett c2255f1296 feat: add CRDT token issuance system with mint/ledger shapes
Implements BFT-CRDT token infrastructure as FolkShape components that
live in the existing Automerge document — no new server or database needed.
Admins can create token types (mint) and issue them to participants by
DID or email (ledger), with real-time sync across all connected peers.

- folk-token-mint: token definition (name, symbol, supply, color, icon)
- folk-token-ledger: distribution tracker with issuance form, email escrow
- Canvas toolbar "Token" button creates mint+ledger+arrow pair
- Demo seeds: GOV (equal governance) and CRED (contribution credits)
- community-sync: remote property updates for both token shapes
- EncryptID: add rTube, rStack to allowed origins and landing page
- rSpace landing page: add EncryptID and interoperability sections

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-15 15:01:47 -07:00
Jeff Emmett 0a32944243 feat: add JSON WebSocket mode, demo seed data, and useDemoSync hook
Add lightweight JSON WebSocket protocol (?mode=json) that bridges
Automerge to JSON for demo pages, avoiding the ~500KB Automerge bundle.
Includes GET /api/communities/:slug/shapes endpoint, POST demo reset
with rate limiting, Alpine Explorer 2026 seed data (~40 shapes), and
the useDemoSync React hook for real-time demo page connectivity.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-15 09:38:59 -07:00
Jeff Emmett 89fba95e40 feat: add email recovery with Mailcow SMTP and recovery page
- Add email column to users table, recovery_tokens table
- Add recovery endpoints (set/request/verify email)
- Integrate nodemailer with Mailcow SMTP (mx.jeffemmett.com)
- Add branded HTML recovery email template
- Add /recover landing page with passkey registration
- Add SMTP env vars to docker-compose

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-15 09:35:53 -07:00
Jeff Emmett eedc6b1b4a feat: add rFunds, rNetwork, rCart to r-Ecosystem app icons
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-15 08:27:40 -07:00
Jeff Emmett 7f37e47934 Add rcart.online to EncryptID CORS allowed origins
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-14 21:21:13 -07:00
Jeff Emmett 8e51ba923a feat: add rNotes and rTrips to r-Ecosystem app icons
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-14 19:05:25 -07:00
Jeff Emmett 426e05d631 feat: add missing r* tool origins to EncryptID CORS
Add rnotes.online, rfunds.online, rtrips.online, rnetwork.online to
allowedOrigins for cross-r* authentication support.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-13 13:30:33 -07:00
Jeff Emmett e5af01119b feat: upgrade EncryptID server to PostgreSQL
Replace in-memory Maps with persistent PostgreSQL storage:
- Add db.ts with typed query functions for users, credentials, challenges
- Add schema.sql with users/credentials/challenges tables
- Update server.ts to use async DB queries
- Add postgres service to docker-compose
- Health endpoint now reports database connectivity
- Auto-cleanup of expired challenges every 10 minutes

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-13 07:34:13 -07:00
Jeff Emmett 8e10f5cb03 fix: Add abort mechanism for conditional UI to prevent pending request errors
- Add global AbortController for conditional UI requests
- Call abortConditionalUI() at start of registerPasskey and authenticatePasskey
- Export abortConditionalUI from index for manual use if needed

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-05 19:14:56 +00:00
Jeff Emmett 20a51e7dce fix: Explicitly import UI components in demo to ensure registration
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-05 16:58:45 +00:00
Jeff Emmett c18b84b7c9 fix: Build client-side JS bundle for demo page
- Add bun build step to create browser-compatible JS from TypeScript
- Update demo.html to import from /dist/index.js
- Update server to serve /dist/* for bundled modules

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-05 16:57:34 +00:00
Jeff Emmett e0b30e52ef fix: Add route for /demo.html page
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-05 16:54:14 +00:00
Jeff Emmett 72192007e6 feat: Add EncryptID unified identity system
Implements the EncryptID identity system for the r-ecosystem:

- WebAuthn/Passkey authentication with PRF extension for key derivation
- Client-side cryptographic key derivation (AES-256, ECDSA P-256, Ed25519)
- Social recovery system with guardians (no seed phrases!)
- Session management with authentication levels
- Cross-app SSO via Related Origin Requests
- Web components: login button and guardian setup panel
- Hono server for authentication endpoints
- Docker deployment configuration

Domain: encryptid.jeffemmett.com
RP ID: jeffemmett.com (for cross-subdomain passkey usage)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-05 16:48:19 +00:00