Server-side support for user profile management and zero-knowledge
postal address storage:
Schema:
- ALTER users table: add bio, avatar_url, profile_email,
profile_email_is_recovery, wallet_address, updated_at columns
- CREATE encrypted_addresses table with composite PK (id, user_id),
label CHECK constraint, and cleartext metadata for UI listing
DB layer:
- getUserProfile, updateUserProfile (dynamic column updates)
- getUserAddresses, getAddressById, saveUserAddress (upsert),
deleteUserAddress
- Default-address logic: unsets all others when isDefault=true
API routes:
- GET/PUT /api/user/profile — bio validation (500 chars), email format
- GET/POST /api/user/addresses — max 10 addresses, label validation
- PUT/DELETE /api/user/addresses/:id — 404 if not found
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Jeff Emmett
a2f0752fed