Require DATABASE_URL and JWT_SECRET via env vars instead of falling back
to hardcoded defaults. Removes insecure fallback passwords from compose
file as well. Production was already using strong .env secrets.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Implements BFT-CRDT token infrastructure as FolkShape components that
live in the existing Automerge document — no new server or database needed.
Admins can create token types (mint) and issue them to participants by
DID or email (ledger), with real-time sync across all connected peers.
- folk-token-mint: token definition (name, symbol, supply, color, icon)
- folk-token-ledger: distribution tracker with issuance form, email escrow
- Canvas toolbar "Token" button creates mint+ledger+arrow pair
- Demo seeds: GOV (equal governance) and CRED (contribution credits)
- community-sync: remote property updates for both token shapes
- EncryptID: add rTube, rStack to allowed origins and landing page
- rSpace landing page: add EncryptID and interoperability sections
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add lightweight JSON WebSocket protocol (?mode=json) that bridges
Automerge to JSON for demo pages, avoiding the ~500KB Automerge bundle.
Includes GET /api/communities/:slug/shapes endpoint, POST demo reset
with rate limiting, Alpine Explorer 2026 seed data (~40 shapes), and
the useDemoSync React hook for real-time demo page connectivity.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add rnotes.online, rfunds.online, rtrips.online, rnetwork.online to
allowedOrigins for cross-r* authentication support.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace in-memory Maps with persistent PostgreSQL storage:
- Add db.ts with typed query functions for users, credentials, challenges
- Add schema.sql with users/credentials/challenges tables
- Update server.ts to use async DB queries
- Add postgres service to docker-compose
- Health endpoint now reports database connectivity
- Auto-cleanup of expired challenges every 10 minutes
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add global AbortController for conditional UI requests
- Call abortConditionalUI() at start of registerPasskey and authenticatePasskey
- Export abortConditionalUI from index for manual use if needed
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add bun build step to create browser-compatible JS from TypeScript
- Update demo.html to import from /dist/index.js
- Update server to serve /dist/* for bundled modules
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implements the EncryptID identity system for the r-ecosystem:
- WebAuthn/Passkey authentication with PRF extension for key derivation
- Client-side cryptographic key derivation (AES-256, ECDSA P-256, Ed25519)
- Social recovery system with guardians (no seed phrases!)
- Session management with authentication levels
- Cross-app SSO via Related Origin Requests
- Web components: login button and guardian setup panel
- Hono server for authentication endpoints
- Docker deployment configuration
Domain: encryptid.jeffemmett.com
RP ID: jeffemmett.com (for cross-subdomain passkey usage)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Jeff Emmett