Rich landing page with do-ocratic framing, SVG circuit diagram,
"GovMods" branding, modular governance vs monolithic comparison,
and onboarding action. Module now has landingPage function for
bare-domain rendering.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace 3-tab layout (Pool/Weave/Collaborate) with 2-tab Canvas + Collaborate.
Canvas tab has collapsible left pool panel with orbs alongside infinite SVG
canvas with pan/zoom (ctrl+wheel zoom, wheel pan, space+drag, touch pinch).
- Long-press orb in pool → drag onto canvas to create commitment node
- Drop on matching task port auto-creates wire connection
- Gold glow highlights unfulfilled task ports matching dragged skill
- "Frame as Tasks" button on solver results creates task nodes with
dashed intent frame on canvas
- Add intentFrameId to Task schema for solver-to-task linkage
- Zoom controls overlay (+/−/reset)
- Light/dark theme support for all new elements
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add MoonPay as the primary card payment provider for rCart. MoonPay
uses HMAC-SHA256 signed URLs (no session API needed, no IP whitelisting).
Falls back to Transak if MoonPay keys aren't configured.
- shared/moonpay.ts: URL builder with HMAC signing, currency mapping
- New /api/payments/:id/card-session endpoint picks provider automatically
- Frontend uses unified startCardPayment() with multi-provider message handling
- Set MOONPAY_API_KEY + MOONPAY_SECRET_KEY to activate
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Hardcoded PRODUCTION overrode the Infisical value. Use env var with
STAGING default until Transak production gateway auth issue is resolved.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Production gateway rejects tokens from api.transak.com. Try getting
the access token from the gateway endpoint first (which staging
confirms works), then fall back to the legacy API endpoint.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Transak now requires widget URLs to be generated server-side via their
gateway session API. Direct query-parameter URLs are deprecated.
- Add getAccessToken() with 7-day caching for partner access tokens
- Add createSecureWidgetUrl() that calls the gateway session endpoint
- Falls back to legacy direct URL if gateway returns an error (e.g.
production IP not yet whitelisted)
- Update rCart and rFlows to use the secure API
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Transak rejects `cryptoAmount` when combined with fiatCurrency params.
Use `defaultCryptoAmount` which pre-fills the amount without conflicting.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The payment request form button was cut off on mobile because the shell
uses height:100vh with overflow:hidden on #app. Add padding-bottom to
the .page container so the button scrolls into view within the flex
overflow:auto content area.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
SyncServer.setDoc() was not calling onDocChange, so documents created
via setDoc (including payment requests) were only stored in memory and
lost on container restart. This caused "Payment request not found"
errors after deploys. Now setDoc triggers the same persistence callback
as changeDoc.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Payment request URLs (e.g. /rcart/pay/:id) should be accessible without
authentication, even in private spaces. The API endpoints were already
exempted from auth, but the client-side shell gate was redirecting
unauthenticated visitors to the module landing page. Set
spaceVisibility="public" on the payment page render to bypass this.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Transak production also sends X-Frame-Options: SAMEORIGIN, blocking
iframe embeds. Switch to popup window for all environments, not just
staging. Show "payment opened in new window" status with re-open button.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
TRANSAK_ENV was set to PRODUCTION but TRANSAK_API_KEY_PRODUCTION was
missing, causing the Transak session endpoint to return 503. Add the
env var reference so rCart card payments work in production.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Use `user-${email}` instead of raw `email` as the Openfort player label,
matching the flow-service convention. Openfort rejects colons in labels,
and both codepaths must use the same format so users get the same wallet
regardless of whether they on-ramp via rfunds.online or rspace.online.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
When a logged-in user visits a private space they don't have access to,
the gate now shows a "Request Access" button (calls POST /api/spaces/:slug/access-requests)
and a "Go to {username}'s Space" secondary link. Handles already-pending (409) gracefully.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Landing, module-landing, and sub-page-info pages showed a stale "Spaces"
dropdown. Now checks encryptid_session and sets the switcher to
{username}'s Space (logged in) or demo (logged out).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Space creation popup slug field now shows input followed by .rspace.online
suffix instead of rspace.online/ prefix. Also fixes rtasks notification
link and browser extension help text.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Enable pasting structured shape data from tldraw, Excalidraw, and generic
JSON into the rSpace canvas, with automatic type conversion and viewport
centering. Ctrl+C on selected shapes writes rSpace JSON to clipboard for
round-trip paste or external consumption.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Connection & exec state persistence (POST /api/connections, PUT exec-state)
- Exec step detail forms for all 5 types (venue, comms, notes, prep, launch)
- Step state machine fix: click to expand/collapse, action button to complete
- Task editor links field with dynamic add/remove and server persistence
- Cyclos-aware launch handler with fallback to demo celebration
- Fix dead EXEC_STEPS[taskId] lookup, auto-place first task on empty canvas
- DID display truncation for unreadable DIDs in intent routes
- Dark/light theme toggle with localStorage persistence
- Hex hover stroke, commitment description in hex nodes, edit pencil on tasks
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Pin encrypted backups and AI-generated files to Kubo (ipfs.jeffemmett.com)
as fire-and-forget redundancy. Filesystem remains primary storage — IPFS
failures are logged and swallowed. Adds /api/ipfs routes for status,
pin/unpin, and gateway proxy.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
ImapFlow clients were created without .on('error') handlers. Socket
timeouts emitted unhandled errors that crashed the entire process,
taking down all 32 modules. Added error handlers to all 3 ImapFlow
instantiation sites and a process-level uncaughtException/unhandledRejection
safety net.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The Dockerfile's healthcheck hit a nonexistent /health endpoint, causing
permanent "unhealthy" status. Override with a check that accepts any HTTP
response (including 401) as proof the service is running.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Modules now declare their canvas shapes and AI tools (canvasShapes/canvasToolIds
on RSpaceModule), creating a single source of truth that the canvas enforces:
- Phase 1: Extended RSpaceModule + ModuleInfo, added moduleId to CanvasToolDefinition
with getToolsForModules() filter, added moduleOf() to ShapeRegistry, populated
declarations in 9 modules, fixed 8 ungated toolbar buttons (rchoices, rwallet, rsocials)
- Phase 2: AI prompt sends enabledModules, server filters Gemini tool declarations
- Phase 3: folk-commitment-pool and folk-task-request show lock overlay when rtime disabled
- Phase 4: Extracted MODULE_META into shared lib/module-display.ts
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Fire commitment_accepted/commitment_declined notifications when solver
results are accepted/rejected in intent-routes.ts
- Fire commitment_declined when a connection is deleted in mod.ts
- Add metadata (resultId, fromCommitmentId) to commitment_requested notify
- Fix actionUrl to use /rtime (subdomain-relative), not /{space}/rtime
- Add Accept/Decline action buttons in notification bell for
commitment_requested events (same pattern as space_invite)
- Add email delivery channel to notification-service: sends from
{space}-agent@rspace.online via SMTP, respects emailEnabled preference,
inline HTML template with dark theme
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Two new FolkShape subclasses enable drag-from-pool-to-task interactions on
the canvas. Orbs dragged from the commitment pool highlight matching skill
slots on task request cards and POST connections via the rTime API. Adds
commitment_requested notification type so commitment owners are notified
when their time is requested.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Authenticated users visiting {space}.rspace.online/ now get a server-side
302 to /rspace instead of rendering the full dashboard then JS-redirecting
(eliminates flash of wrong header + 2-3 redirect chain → single redirect).
Bare domain rspace.online/{space} now 301-redirects to {space}.rspace.online/
so /{space}/ never appears in the URL bar.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add folk-mermaid-gen web component: AI-powered diagram generation via
Ollama, client-side SVG preview via mermaid.js, animated GIF export via
mermaid.rspace.online API
- Register in canvas tools, toolbar, and shape registry
- Add role selector dropdown to share panel invite form (backend already
supports role parameter)
- Fix pre-existing TS errors: SankeyNode missing address field,
SpaceMember type mismatch in WebSocket auth fallback
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Move RSpaceOfflineRuntime, CommunitySync, OfflineStore, and
RStackHistoryPanel into a new shell-offline.ts chunk loaded via
dynamic import(). This removes ~2.5MB of Automerge WASM from the
critical path, reducing blocking JS from ~960KB to ~150KB brotli.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- App switcher: only show "Manage rApps" when there are actually
disabled modules or active restrictions. Move "Available to Add"
above "Remove" to prioritize adding. Eliminates duplicate module
listing when all modules are enabled.
- Shell: update app switcher on modules-changed event (was only
updating tab bar and folk-rapp, not the sidebar itself).
- SMTP: use space-agent@rspace.online as From for invite/approval
emails with proper envelope sender for DKIM alignment.
- Shell CSS: fix banner z-index, smooth header transition on banner.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Remote cursors were broadcast as viewport-relative (clientX/Y), causing
them to appear at wrong positions when users had different scroll offsets.
Now sends page-relative coords and converts back on the receiver side.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Jeff Emmett
Jeff Emmett