2 Commits

Author	SHA1	Message	Date
Jeff Emmett	46c2a0b035	feat: layered local-first data architecture — encrypted backup, relay persistence, at-rest encryption ... Implement the 4-layer data model (device → encrypted backup → shared sync → federated): - Extract shared encryption-utils from community-store (deriveSpaceKey, AES-256-GCM, rSEN format) - Encrypt module docs at rest when space has meta.encrypted === true - Fix relay mode persistence: relay-backup/relay-restore wire protocol + .automerge.enc blob storage - Add backup store + REST API (PUT/GET/DELETE /api/backup/:space/:docId) with JWT auth - Add client BackupSyncManager with delta-only push, full restore, auto-backup - Wire backup stubs in encryptid-bridge to BackupSyncManager - Add rspace-backups Docker volume - Create docs/DATA-ARCHITECTURE.md design doc with threat model and data flow diagrams Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-02 17:09:07 -08:00
Jeff Emmett	0fb4135ac6	feat: wire DocSyncManager into rSpace WebSocket server ... Protocol multiplexing on existing /ws/{slug} endpoint: - Messages with docId (subscribe/unsubscribe/sync/awareness) → SyncServer - Messages without docId → legacy canvas handlers (unchanged) New files: doc-persistence.ts (debounced Automerge save/load), sync-instance.ts (SyncServer singleton with participant mode). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-25 05:19:21 +00:00