diff options
Diffstat (limited to 'planning.md')
| -rw-r--r-- | planning.md | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/planning.md b/planning.md new file mode 100644 index 0000000..d17d176 --- /dev/null +++ b/planning.md | |||
| @@ -0,0 +1,78 @@ | |||
| 1 | /* ! | ||
| 2 | |||
| 3 | # Authentication and Key Management Requirements | ||
| 4 | |||
| 5 | ## User Experience | ||
| 6 | |||
| 7 | For a smooth UX: | ||
| 8 | 1. a private key should only need to be imported once | ||
| 9 | 2. authentication to sign events should persist at least across multiple calls | ||
| 10 | to the cli tool within a single terminal session. | ||
| 11 | |||
| 12 | ## Security | ||
| 13 | |||
| 14 | 1. key material must be encrypted with a salted passphrase when stored on disk. | ||
| 15 | 2. the passphase should only be accessable | ||
| 16 | a) by this specific cli tool; or alternatively | ||
| 17 | b) only within the terminal session | ||
| 18 | |||
| 19 | |||
| 20 | # Implementation | ||
| 21 | |||
| 22 | Every private key entired into the tool is encrypted with a salted user | ||
| 23 | provided passphrase and stored on disk in the tool's configuration file | ||
| 24 | alongside display_name and public key for identification. | ||
| 25 | |||
| 26 | The private key of the current logged-in user is encrypted with a salted | ||
| 27 | randomly generated token and stored on disk in the configuration file alongside | ||
| 28 | the public key for identification. The token is stored in the OS's keyring | ||
| 29 | using a rust crate called 'keyring'. On Linux this expires after a few days | ||
| 30 | whilst on Windows and MacOS it never expires. | ||
| 31 | |||
| 32 | Should the token be cycled? cycling the token would prevent an attacker who had | ||
| 33 | access to only the token or the encrypted key from returning after the token | ||
| 34 | had been cycled. This isn't worth it. An attacker is much more likely to have | ||
| 35 | access to both simultainiously. | ||
| 36 | |||
| 37 | logout should delete the key encrypted with the token and the token. It should | ||
| 38 | give the option to clear encrypted key material for the current user or all | ||
| 39 | users. | ||
| 40 | |||
| 41 | */ | ||
| 42 | |||
| 43 | init | ||
| 44 | |||
| 45 | initialize repoisiotr | ||
| 46 | |||
| 47 | |||
| 48 | replaceable event | ||
| 49 | |||
| 50 | commit id | ||
| 51 | |||
| 52 | search by initial commit / initial 5 commits | ||
| 53 | name | ||
| 54 | |||
| 55 | |||
| 56 | |||
| 57 | initialising a reposistory | ||
| 58 | |||
| 59 | |||
| 60 | git nostr init | ||
| 61 | > intialise repo | ||
| 62 | |||
| 63 | |||
| 64 | git nostr init - request patches / PRs, issues, | ||
| 65 | features to support | ||
| 66 | -- branch | ||
| 67 | -- patches / PRs | ||
| 68 | -- issues | ||
| 69 | |||
| 70 | -- override git push to also push to nostr. | ||
| 71 | |||
| 72 | settings | ||
| 73 | --git-repos - one or more git repositories where the latest commits can be pulled from | ||
| 74 | --name | ||
| 75 | --description | ||
| 76 | |||
| 77 | |||
| 78 | git push nostr main | ||