Sologretto/itsgoin
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions
Decentralized social media network — no central server, user-owned data
74 commits 2 branches 0 tags 176 MiB
Find a file
Scott Reimers 8b2881d84a Phase 2d: profile posts signed by the posting identity 
Display metadata (display_name, bio, avatar_cid) is no longer broadcast via
the ProfileUpdate direct push when the user edits their name. It travels as
a signed public post with VisibilityIntent::Profile, authored by the posting
identity, and propagates through the normal neighbor-manifest CDN path.

Core pieces:
- `types::ProfilePostContent` — JSON payload serialized into the post's
  content field. Ed25519 signature by the posting secret over length-prefixed
  display_name + bio + 32-byte avatar_cid (or zeros) + timestamp.
- `crypto::{sign,verify}_profile` with strict length prefixing to prevent
  extension attacks.
- New `profile` module: `build_profile_post`, `verify_profile_post`,
  `apply_profile_post_if_applicable`. Last-writer-wins by timestamp.
- `control::receive_post` now verifies Profile-intent posts upfront (same
  as Control) so bogus signatures never enter storage, and applies them
  after store so the `profiles` row updates atomically with the insert.

Node API:
- `Node::set_profile` rewritten: builds a signed Profile post, stores under
  intent=Profile, applies it locally (upserts the profiles row keyed by the
  posting identity), then propagates via `update_neighbor_manifests_as`.
  Stops calling `network.push_profile` — display changes no longer trigger
  a direct wire push.
- `Node::my_profile` / `has_profile` read by `default_posting_id` instead of
  `node_id`, matching where the row is written now.

ProfileUpdate (0x50) and push_profile stay for now — they still carry
routing-only data (anchors, recent_peers, preferred_peers) via
`sanitized_for_network_broadcast` and are used by `set_anchors` /
`set_public_visible`. Removing the routing fields would be a broader
cleanup; scoped out of this phase.

Tests: roundtrip verify+store, wrong-author rejection (not stored), and
older-timestamp ignored. 114 / 114 core tests pass.
2026-04-22 22:30:27 -04:00
crates Phase 2d: profile posts signed by the posting identity 2026-04-22 22:30:27 -04:00
deploy ItsGoin v0.3.2 — Decentralized social media network 2026-03-15 20:23:09 -04:00
docs v0.4.1: Security hardening, lock contention fixes, data cleanup 2026-03-21 19:30:38 -04:00
frontend Phase 2c: remove audience + PostPush + PostNotification + AudienceRequest/Response 2026-04-22 22:20:02 -04:00
website v0.6.1 release: version bump + changelog 2026-04-22 17:57:28 -04:00
.gitignore Add build-appimage.sh and deploy.sh automation scripts 2026-04-19 16:01:34 -04:00
.sync-exclude.lst ItsGoin v0.3.2 — Decentralized social media network 2026-03-15 20:23:09 -04:00
ARCHITECTURE.md ItsGoin v0.3.2 — Decentralized social media network 2026-03-15 20:23:09 -04:00
build-appimage.sh Add build-appimage.sh and deploy.sh automation scripts 2026-04-19 16:01:34 -04:00
Cargo.lock v0.6.1 release: version bump + changelog 2026-04-22 17:57:28 -04:00
Cargo.toml ItsGoin v0.3.2 — Decentralized social media network 2026-03-15 20:23:09 -04:00
deploy.sh Platform: Reset wipe, empty name, Android browse + backup-off, import as personas 2026-04-22 17:40:21 -04:00
download-page.html ItsGoin v0.3.2 — Decentralized social media network 2026-03-15 20:23:09 -04:00
IMPLEMENTATION_PLAN_0.6.md Implementation plan: drop cross-version compat, beta/stable as separate networks 2026-04-21 18:26:55 -04:00
pic2.png v0.4.4: UI overhaul — sticky header, mobile nav, profiles/redundancy lightboxes 2026-03-23 00:56:27 -04:00
project discussion.txt ItsGoin v0.3.2 — Decentralized social media network 2026-03-15 20:23:09 -04:00
project-notes-from-elitebook.md ItsGoin v0.3.2 — Decentralized social media network 2026-03-15 20:23:09 -04:00
TODO.md ItsGoin v0.3.2 — Decentralized social media network 2026-03-15 20:23:09 -04:00