96 lines
3.3 KiB
Markdown
96 lines
3.3 KiB
Markdown
---
|
|
id: TASK-13
|
|
title: 'Sprint 5: EncryptID Cross-App Integration'
|
|
status: Done
|
|
assignee: []
|
|
created_date: '2026-02-05 15:38'
|
|
updated_date: '2026-03-11 23:00'
|
|
labels:
|
|
- encryptid
|
|
- sprint-5
|
|
- integration
|
|
dependencies: []
|
|
priority: high
|
|
---
|
|
|
|
## Description
|
|
|
|
<!-- SECTION:DESCRIPTION:BEGIN -->
|
|
Integrate EncryptID across all r-ecosystem applications:
|
|
|
|
1. **rspace.online Integration**
|
|
- Replace CryptID login with EncryptID
|
|
- E2E encryption for private boards
|
|
- Document signing for authorship
|
|
|
|
2. **rwallet.online Integration**
|
|
- Connect AA wallet for treasury ops
|
|
- Transaction approval with passkey
|
|
- Session keys for recurring operations
|
|
|
|
3. **rvote.online Integration**
|
|
- Voter authentication
|
|
- Cryptographic ballot signatures
|
|
- On-chain vote submission
|
|
|
|
4. **rfiles.online Integration**
|
|
- E2E file encryption
|
|
- Secure file sharing (key wrapping)
|
|
- Storage payment integration
|
|
|
|
5. **rmaps.online Integration**
|
|
- User authentication
|
|
- Contribution signing
|
|
- Location data encryption
|
|
|
|
6. **Shared Components**
|
|
- EncryptID SDK/library
|
|
- Login button component
|
|
- Session management hooks
|
|
<!-- SECTION:DESCRIPTION:END -->
|
|
|
|
## Acceptance Criteria
|
|
<!-- AC:BEGIN -->
|
|
- [x] #1 rspace.online authenticates via EncryptID
|
|
- [ ] #2 rwallet.online connects to user's AA wallet
|
|
- [x] #3 rvote.online accepts signed ballots
|
|
- [ ] #4 rfiles.online encrypts/decrypts with derived keys
|
|
- [x] #5 rmaps.online uses EncryptID for auth
|
|
- [x] #6 Single sign-on works across all apps
|
|
- [x] #7 EncryptID SDK published and documented
|
|
<!-- AC:END -->
|
|
|
|
## Implementation Notes
|
|
|
|
<!-- SECTION:NOTES:BEGIN -->
|
|
## Progress 2026-02-17
|
|
- AC #6: Cross-domain token relay implemented (postMessage between r*.online domains)
|
|
- AC #7: SDK exports updated — types/membership-events, client/token-relay, server role-resolver with remote lookup
|
|
- space_members table + CRUD endpoints added to EncryptID server
|
|
- SpaceRole bridges added to rVote, rNotes, rMaps (resolveSpaceRoleRemote with 5min cache)
|
|
- Automerge CommunityDoc extended with members map
|
|
- Bidirectional sync via PATCH /api/communities/:slug/shapes/:shapeId
|
|
- Remaining: Full per-app integration (AC #1-5) needs UI work in each module
|
|
|
|
## Status check 2026-03-11
|
|
SDK, token relay, space_members table, SpaceRole bridges all committed and merged. Remaining AC #1-5 are per-app UI integration — these are incremental and can be done module-by-module as each rApp gets attention. Not blocking other work.
|
|
<!-- SECTION:NOTES:END -->
|
|
|
|
## Final Summary
|
|
|
|
<!-- SECTION:FINAL_SUMMARY:BEGIN -->
|
|
## Completed: EncryptID Auth in rApps (partial — AC #1, #3, #5)
|
|
|
|
Created `shared/auth-fetch.ts` with `authFetch()` (injects Bearer token) and `requireAuth()` (shows auth modal).
|
|
|
|
**rvote (AC #3):** `castVote()`, `castFinalVote()`, `createProposal()` gated behind `requireAuth()` + `authFetch()`. Demo mode unaffected.
|
|
|
|
**rfiles (AC #4 partial):** `handleUpload()`, `handleDelete()`, `handleShare()`, `handleCreateCard()`, `handleDeleteCard()` gated + using `authFetch()`. E2E encryption deferred.
|
|
|
|
**rmaps (AC #5):** `createRoom()` gated; `ensureUserProfile()` uses `getUsername()` from EncryptID.
|
|
|
|
**Deferred:** AC #2 (rwallet AA wallet), AC #4 full (E2E file encryption) — require deeper per-app integration.
|
|
|
|
Commit: c4717e3
|
|
<!-- SECTION:FINAL_SUMMARY:END -->
|