Decentralized social media network — no central server, user-owned data
7e1e1dd738
Reset All Data: - Sentinel now written at the app-level data_dir instead of the active identity's subdir. On Android the subdir path was never checked at startup, so reset silently did nothing. - On detection, wipe EVERYTHING under the app data_dir: identity.key, itsgoin.db + WAL + SHM, blobs, all identity subdirs. Next launch is truly fresh — new network key, new posting key, no prior data. First-run name: - Display name is optional. Blank submits as anonymous. - First-run modal + profile overlay placeholder updated to say "Display name (optional)". Android file picker: - pick_file on Android now uses tauri-plugin-android-fs' show_open_file_dialog (Storage Access Framework OPEN_DOCUMENT). Read the picked URI's bytes, stage them in the app's private cache as a timestamped file, return the staged path so existing import_* code can read it as a regular filesystem path. - Zip filter passes application/zip + application/octet-stream (some file providers report the latter for .zip). Android auto-backup off: - AndroidManifest: allowBackup="false", fullBackupContent="false", dataExtractionRules pointing at new data_extraction_rules.xml - New data_extraction_rules.xml excludes all domains from both cloud-backup and device-transfer. Prior default (allowBackup=true) silently replicated identity.key to Google Drive for any user with cloud backup on — which effectively published the root secret to a third party without asking. Users who want off-device backup use Settings -> Export (explicit zip they control). Import as personas: - New import_as_personas function in core/import.rs + new import_as_personas_cmd Tauri IPC. - Reads identity.key from the bundle and adds it to posting_identities as a persona. Also reads posting_identities.json (v0.6+ bundles) and adds each entry. Dedupes by node_id. - Posts stay AS-AUTHORED — original post_id, original author, original signatures, original wrapped_key recipients. No re-encryption. Content encrypted to any of the imported keys becomes decryptable because we now hold the secrets. - Blobs, follows, profiles copied across. - If current device has <=1 posting identity (the fresh-install one) and the bundle brings more, auto-switch the default to the first imported persona. Covers first-run-then-import flow cleanly. Import wizard UI: - New default option: "Restore as personas" — posts keep original authors; source's keys become personas you can post as. - Old "Merge with decryption key" retained as "Consolidate under current default persona (requires source key)" for the case where a user intentionally abandons a persona. - "Public posts only" and "Add as separate identity" retained. deploy.sh made executable (chmod +x tracked). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> |
||
|---|---|---|
| crates | ||
| deploy | ||
| docs | ||
| frontend | ||
| website | ||
| .gitignore | ||
| .sync-exclude.lst | ||
| ARCHITECTURE.md | ||
| build-appimage.sh | ||
| Cargo.lock | ||
| Cargo.toml | ||
| deploy.sh | ||
| download-page.html | ||
| IMPLEMENTATION_PLAN_0.6.md | ||
| pic2.png | ||
| project discussion.txt | ||
| project-notes-from-elitebook.md | ||
| TODO.md | ||
