2026-03-17 00:03:08 +00:00
|
|
|
<script setup lang="ts">
|
feat: Phase 3 Week 7 — typed message UI, session badges, rich chat cards
Frontend store (mesh.ts):
- Add typed message interfaces: InvoiceData, AlertData, CoordinateData,
SessionStatus, AlertStatus, MeshMessageTypeLabel
- New actions: sendInvoice, sendCoordinate, sendAlert, getSessionStatus,
rotatePrekeys
Mesh.vue UI:
- Typed message rendering in chat bubbles:
- Invoice: orange card with sats amount, memo, bolt11 preview, paid badge
- Alert: red card (emergency/dead_man) or blue (status), signed badge,
GPS link to OpenStreetMap
- Coordinate: blue card with lat/lng, label, OSM map link
- Block header: purple inline with chain icon
- Session badge in chat header: green shield (Double Ratchet),
yellow (static encryption), gray (none)
- Session status fetched on peer selection via mesh.session-status RPC
Mock backend:
- Messages now include message_type and typed_payload fields
- Mix of text, invoice (paid + unpaid), alert (emergency + status),
coordinate, and block_header messages for testing
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-17 02:34:37 +00:00
|
|
|
import { ref, computed, watch, nextTick, onMounted, onUnmounted } from 'vue'
|
2026-03-17 00:03:08 +00:00
|
|
|
import { useMeshStore } from '@/stores/mesh'
|
2026-03-17 00:45:37 +00:00
|
|
|
import { useTransportStore } from '@/stores/transport'
|
2026-04-13 13:19:30 -04:00
|
|
|
import type { MeshMessage, MeshPeer, SessionStatus } from '@/stores/mesh'
|
2026-03-17 00:03:08 +00:00
|
|
|
import AnimatedLogo from '@/components/AnimatedLogo.vue'
|
2026-03-19 16:12:01 +00:00
|
|
|
import MeshMap from '@/components/MeshMap.vue'
|
2026-03-21 02:43:28 +00:00
|
|
|
import MeshBitcoinPanel from '@/views/mesh/MeshBitcoinPanel.vue'
|
|
|
|
|
import MeshDeadmanPanel from '@/views/mesh/MeshDeadmanPanel.vue'
|
feat: Phase 4 — off-grid Bitcoin relay, block headers, dead man's switch
- Typed message dispatch in listener (BlockHeader, TxRelay, LightningRelay, Alert, TxConfirmation)
- Base64 encoding for binary payloads over LoRa (fixes NUL byte truncation)
- Compact block header announcements (88 bytes, fits 160-byte LoRa limit)
- Block header announcer: internet nodes auto-announce new blocks to Archy peers
- TX relay: mesh-only nodes can broadcast transactions via internet-connected peers
- Confirmation tracking: relay node monitors 1/3, 2/3, 3/3 confirmations, sends updates back
- Dead man's switch background task with configurable interval and signed alert broadcast
- 6 new RPC endpoints: relay-tx, block-headers, relay-lightning, deadman-status/configure/checkin
- lnd.create-raw-tx: create signed TX without broadcasting (for mesh relay)
- Web5 wallet: offline detection + "Send via mesh?" prompt with auto relay + confirmation polling
- Mesh.vue: Off-Grid Bitcoin tab, Dead Man tab, Send Bitcoin/Lightning buttons
- TX/Lightning relay sends only to Archy peers (not broadcast to all devices)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-17 15:51:56 +00:00
|
|
|
import { rpcClient } from '@/api/rpc-client'
|
2026-03-22 03:30:21 +00:00
|
|
|
import '@/views/mesh/mesh-styles.css'
|
2026-03-17 00:03:08 +00:00
|
|
|
|
|
|
|
|
const mesh = useMeshStore()
|
2026-03-17 00:45:37 +00:00
|
|
|
const transport = useTransportStore()
|
2026-03-17 00:03:08 +00:00
|
|
|
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
// Responsive layout breakpoints
|
|
|
|
|
const isWideDesktop = ref(window.innerWidth >= 1536)
|
|
|
|
|
const isMobile = ref(window.innerWidth < 1280)
|
|
|
|
|
|
|
|
|
|
function handleResize() {
|
|
|
|
|
isWideDesktop.value = window.innerWidth >= 1536
|
|
|
|
|
isMobile.value = window.innerWidth < 1280
|
|
|
|
|
}
|
|
|
|
|
|
2026-03-17 00:03:08 +00:00
|
|
|
// Active chat: either a peer or a channel
|
|
|
|
|
const activeChatPeer = ref<MeshPeer | null>(null)
|
|
|
|
|
const activeChatChannel = ref<{ index: number; name: string } | null>(null)
|
|
|
|
|
const messageText = ref('')
|
|
|
|
|
const sendError = ref('')
|
|
|
|
|
const broadcasting = ref(false)
|
|
|
|
|
const configuring = ref(false)
|
2026-03-18 10:50:13 +00:00
|
|
|
const connectingDevice = ref<string | null>(null)
|
2026-03-17 00:03:08 +00:00
|
|
|
const chatScrollEl = ref<HTMLElement | null>(null)
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
const mobileShowChat = ref(false)
|
2026-03-17 00:03:08 +00:00
|
|
|
let pollInterval: ReturnType<typeof setInterval> | null = null
|
|
|
|
|
|
|
|
|
|
// The Public channel (always available on Meshcore)
|
|
|
|
|
const publicChannel = { index: 0, name: 'Public' }
|
|
|
|
|
|
2026-04-12 12:11:00 -04:00
|
|
|
// Channel contact_id convention: matches backend u32::MAX - channel_index
|
|
|
|
|
function channelContactId(channelIndex: number): number {
|
|
|
|
|
return 4294967295 - channelIndex // u32::MAX - index
|
|
|
|
|
}
|
|
|
|
|
|
2026-03-19 22:24:27 +00:00
|
|
|
// Archipelago Channel — Tor-based messaging to all federated/peered nodes
|
|
|
|
|
const archChannelActive = ref(false)
|
2026-04-12 12:11:00 -04:00
|
|
|
const archMessages = ref<Array<{ from_pubkey: string; from_name?: string; message: string; timestamp: string; direction?: string }>>([])
|
2026-03-19 22:24:27 +00:00
|
|
|
const archUnread = ref(0)
|
|
|
|
|
let archPollInterval: ReturnType<typeof setInterval> | null = null
|
2026-04-12 12:11:00 -04:00
|
|
|
// Federation node name cache: pubkey -> node name
|
|
|
|
|
const fedNodeNames = ref<Record<string, string>>({})
|
2026-03-19 22:24:27 +00:00
|
|
|
|
2026-04-12 12:11:00 -04:00
|
|
|
async function openArchChannel() {
|
2026-03-19 22:24:27 +00:00
|
|
|
activeChatPeer.value = null
|
|
|
|
|
activeChatChannel.value = null
|
|
|
|
|
archChannelActive.value = true
|
|
|
|
|
archUnread.value = 0
|
|
|
|
|
mobileShowChat.value = true
|
2026-04-12 12:11:00 -04:00
|
|
|
// Load federation node names for resolving pubkeys to names
|
|
|
|
|
try {
|
|
|
|
|
const res = await rpcClient.federationListNodes()
|
|
|
|
|
const names: Record<string, string> = {}
|
|
|
|
|
for (const node of res.nodes) {
|
|
|
|
|
if (node.pubkey) names[node.pubkey] = node.name || node.did.slice(0, 12) + '...'
|
|
|
|
|
}
|
|
|
|
|
fedNodeNames.value = names
|
|
|
|
|
} catch { /* non-fatal */ }
|
2026-03-19 22:24:27 +00:00
|
|
|
loadArchMessages()
|
|
|
|
|
if (!archPollInterval) {
|
|
|
|
|
archPollInterval = setInterval(loadArchMessages, 15000)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function loadArchMessages() {
|
|
|
|
|
try {
|
|
|
|
|
const res = await rpcClient.getReceivedMessages()
|
2026-04-12 12:11:00 -04:00
|
|
|
const newMessages = res.messages || []
|
|
|
|
|
// Track unread: count new received messages since last load
|
|
|
|
|
if (archMessages.value.length > 0 && !archChannelActive.value) {
|
|
|
|
|
const newReceived = newMessages.filter(
|
|
|
|
|
m => m.direction !== 'sent' && m.from_pubkey !== 'me'
|
|
|
|
|
&& !archMessages.value.some(existing =>
|
|
|
|
|
existing.from_pubkey === m.from_pubkey && existing.timestamp === m.timestamp
|
|
|
|
|
)
|
|
|
|
|
)
|
|
|
|
|
archUnread.value += newReceived.length
|
|
|
|
|
}
|
|
|
|
|
archMessages.value = newMessages
|
2026-03-19 22:24:27 +00:00
|
|
|
} catch { /* silent */ }
|
|
|
|
|
}
|
|
|
|
|
|
2026-03-20 02:59:29 +00:00
|
|
|
const sendingArch = ref(false)
|
|
|
|
|
|
2026-03-19 22:24:27 +00:00
|
|
|
async function sendArchMessage() {
|
|
|
|
|
if (!messageText.value.trim()) return
|
|
|
|
|
sendError.value = ''
|
2026-03-20 02:59:29 +00:00
|
|
|
sendingArch.value = true
|
2026-03-19 22:24:27 +00:00
|
|
|
try {
|
|
|
|
|
const nodes = await rpcClient.federationListNodes()
|
2026-04-13 08:01:21 -04:00
|
|
|
// Get our own onion address to skip sending to self
|
|
|
|
|
let selfOnion: string | null = null
|
|
|
|
|
try {
|
|
|
|
|
const tor = await rpcClient.getTorAddress()
|
|
|
|
|
selfOnion = tor.tor_address
|
|
|
|
|
} catch { /* non-fatal */ }
|
2026-03-19 22:24:27 +00:00
|
|
|
const msg = messageText.value.trim()
|
|
|
|
|
let sent = 0
|
|
|
|
|
for (const node of nodes.nodes) {
|
2026-04-13 08:01:21 -04:00
|
|
|
const nodeOnion = node.onion || node.did
|
|
|
|
|
// Skip sending to ourselves (would create duplicate received message)
|
|
|
|
|
if (selfOnion && (nodeOnion === selfOnion || nodeOnion === selfOnion.replace('.onion', '') || selfOnion === nodeOnion + '.onion')) continue
|
2026-03-19 22:24:27 +00:00
|
|
|
try {
|
2026-04-13 08:01:21 -04:00
|
|
|
await rpcClient.sendMessageToPeer(nodeOnion, msg)
|
2026-03-19 22:24:27 +00:00
|
|
|
sent++
|
|
|
|
|
} catch { /* some peers may be offline */ }
|
|
|
|
|
}
|
2026-03-20 08:26:40 +00:00
|
|
|
try {
|
|
|
|
|
await rpcClient.call({ method: 'node-store-sent', params: { message: msg } })
|
|
|
|
|
} catch { /* non-fatal */ }
|
2026-03-19 22:24:27 +00:00
|
|
|
messageText.value = ''
|
2026-04-13 08:01:21 -04:00
|
|
|
if (sent === 0 && nodes.nodes.length <= 1) sendError.value = 'No other peers in federation — add nodes first'
|
2026-03-20 08:26:40 +00:00
|
|
|
await loadArchMessages()
|
2026-03-19 22:24:27 +00:00
|
|
|
} catch (e) {
|
|
|
|
|
sendError.value = e instanceof Error ? e.message : 'Send failed'
|
2026-03-20 02:59:29 +00:00
|
|
|
} finally {
|
|
|
|
|
sendingArch.value = false
|
2026-03-19 22:24:27 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2026-03-17 00:45:37 +00:00
|
|
|
const togglingOffGrid = ref(false)
|
feat: Phase 3 Week 7 — typed message UI, session badges, rich chat cards
Frontend store (mesh.ts):
- Add typed message interfaces: InvoiceData, AlertData, CoordinateData,
SessionStatus, AlertStatus, MeshMessageTypeLabel
- New actions: sendInvoice, sendCoordinate, sendAlert, getSessionStatus,
rotatePrekeys
Mesh.vue UI:
- Typed message rendering in chat bubbles:
- Invoice: orange card with sats amount, memo, bolt11 preview, paid badge
- Alert: red card (emergency/dead_man) or blue (status), signed badge,
GPS link to OpenStreetMap
- Coordinate: blue card with lat/lng, label, OSM map link
- Block header: purple inline with chain icon
- Session badge in chat header: green shield (Double Ratchet),
yellow (static encryption), gray (none)
- Session status fetched on peer selection via mesh.session-status RPC
Mock backend:
- Messages now include message_type and typed_payload fields
- Mix of text, invoice (paid + unpaid), alert (emergency + status),
coordinate, and block_header messages for testing
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-17 02:34:37 +00:00
|
|
|
const peerSessionInfo = ref<SessionStatus | null>(null)
|
2026-04-13 18:50:08 -04:00
|
|
|
const rotatingPrekeys = ref(false)
|
|
|
|
|
const outboxCount = ref(0)
|
|
|
|
|
async function handleRotatePrekeys() {
|
|
|
|
|
if (rotatingPrekeys.value) return
|
|
|
|
|
rotatingPrekeys.value = true
|
|
|
|
|
try {
|
|
|
|
|
await mesh.rotatePrekeys()
|
|
|
|
|
if (activeChatPeer.value) {
|
|
|
|
|
peerSessionInfo.value = await mesh.getSessionStatus(activeChatPeer.value.contact_id)
|
|
|
|
|
}
|
|
|
|
|
} catch (e) {
|
|
|
|
|
sendError.value = e instanceof Error ? e.message : 'rotate failed'
|
|
|
|
|
} finally {
|
|
|
|
|
rotatingPrekeys.value = false
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
async function refreshOutboxCount() {
|
|
|
|
|
try {
|
|
|
|
|
const resp = await mesh.getOutbox()
|
|
|
|
|
outboxCount.value = resp?.count ?? 0
|
|
|
|
|
} catch {
|
|
|
|
|
outboxCount.value = 0
|
|
|
|
|
}
|
|
|
|
|
}
|
feat: Phase 3 Week 7 — typed message UI, session badges, rich chat cards
Frontend store (mesh.ts):
- Add typed message interfaces: InvoiceData, AlertData, CoordinateData,
SessionStatus, AlertStatus, MeshMessageTypeLabel
- New actions: sendInvoice, sendCoordinate, sendAlert, getSessionStatus,
rotatePrekeys
Mesh.vue UI:
- Typed message rendering in chat bubbles:
- Invoice: orange card with sats amount, memo, bolt11 preview, paid badge
- Alert: red card (emergency/dead_man) or blue (status), signed badge,
GPS link to OpenStreetMap
- Coordinate: blue card with lat/lng, label, OSM map link
- Block header: purple inline with chain icon
- Session badge in chat header: green shield (Double Ratchet),
yellow (static encryption), gray (none)
- Session status fetched on peer selection via mesh.session-status RPC
Mock backend:
- Messages now include message_type and typed_payload fields
- Mix of text, invoice (paid + unpaid), alert (emergency + status),
coordinate, and block_header messages for testing
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-17 02:34:37 +00:00
|
|
|
|
feat: Phase 4 — off-grid Bitcoin relay, block headers, dead man's switch
- Typed message dispatch in listener (BlockHeader, TxRelay, LightningRelay, Alert, TxConfirmation)
- Base64 encoding for binary payloads over LoRa (fixes NUL byte truncation)
- Compact block header announcements (88 bytes, fits 160-byte LoRa limit)
- Block header announcer: internet nodes auto-announce new blocks to Archy peers
- TX relay: mesh-only nodes can broadcast transactions via internet-connected peers
- Confirmation tracking: relay node monitors 1/3, 2/3, 3/3 confirmations, sends updates back
- Dead man's switch background task with configurable interval and signed alert broadcast
- 6 new RPC endpoints: relay-tx, block-headers, relay-lightning, deadman-status/configure/checkin
- lnd.create-raw-tx: create signed TX without broadcasting (for mesh relay)
- Web5 wallet: offline detection + "Send via mesh?" prompt with auto relay + confirmation polling
- Mesh.vue: Off-Grid Bitcoin tab, Dead Man tab, Send Bitcoin/Lightning buttons
- TX/Lightning relay sends only to Archy peers (not broadcast to all devices)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-17 15:51:56 +00:00
|
|
|
// Phase 4: Off-grid Bitcoin + Dead Man's Switch
|
2026-03-19 16:12:01 +00:00
|
|
|
const activeTab = ref<'chat' | 'bitcoin' | 'deadman' | 'map'>('chat')
|
feat: Phase 4 — off-grid Bitcoin relay, block headers, dead man's switch
- Typed message dispatch in listener (BlockHeader, TxRelay, LightningRelay, Alert, TxConfirmation)
- Base64 encoding for binary payloads over LoRa (fixes NUL byte truncation)
- Compact block header announcements (88 bytes, fits 160-byte LoRa limit)
- Block header announcer: internet nodes auto-announce new blocks to Archy peers
- TX relay: mesh-only nodes can broadcast transactions via internet-connected peers
- Confirmation tracking: relay node monitors 1/3, 2/3, 3/3 confirmations, sends updates back
- Dead man's switch background task with configurable interval and signed alert broadcast
- 6 new RPC endpoints: relay-tx, block-headers, relay-lightning, deadman-status/configure/checkin
- lnd.create-raw-tx: create signed TX without broadcasting (for mesh relay)
- Web5 wallet: offline detection + "Send via mesh?" prompt with auto relay + confirmation polling
- Mesh.vue: Off-Grid Bitcoin tab, Dead Man tab, Send Bitcoin/Lightning buttons
- TX/Lightning relay sends only to Archy peers (not broadcast to all devices)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-17 15:51:56 +00:00
|
|
|
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
// Tools tab for 3rd column on wide desktop and mobile below-chat
|
2026-03-19 16:12:01 +00:00
|
|
|
const toolsTab = ref<'bitcoin' | 'deadman' | 'map'>('bitcoin')
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
|
|
|
|
|
// Panel visibility computeds
|
|
|
|
|
const showChatPanel = computed(() =>
|
|
|
|
|
activeTab.value === 'chat' || isWideDesktop.value || (isMobile.value && mobileShowChat.value)
|
|
|
|
|
)
|
|
|
|
|
const showBitcoinPanel = computed(() => {
|
|
|
|
|
if (isWideDesktop.value || (isMobile.value && !mobileShowChat.value)) return toolsTab.value === 'bitcoin'
|
|
|
|
|
return activeTab.value === 'bitcoin'
|
|
|
|
|
})
|
|
|
|
|
const showDeadmanPanel = computed(() => {
|
|
|
|
|
if (isWideDesktop.value || (isMobile.value && !mobileShowChat.value)) return toolsTab.value === 'deadman'
|
|
|
|
|
return activeTab.value === 'deadman'
|
|
|
|
|
})
|
2026-03-19 16:12:01 +00:00
|
|
|
const showMapPanel = computed(() => {
|
|
|
|
|
if (isWideDesktop.value || (isMobile.value && !mobileShowChat.value)) return toolsTab.value === 'map'
|
|
|
|
|
return activeTab.value === 'map'
|
|
|
|
|
})
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
const showMobileTools = computed(() => isMobile.value && !mobileShowChat.value)
|
|
|
|
|
const showTabBar = computed(() => !isWideDesktop.value && !isMobile.value)
|
|
|
|
|
|
feat: Phase 3 Week 7 — typed message UI, session badges, rich chat cards
Frontend store (mesh.ts):
- Add typed message interfaces: InvoiceData, AlertData, CoordinateData,
SessionStatus, AlertStatus, MeshMessageTypeLabel
- New actions: sendInvoice, sendCoordinate, sendAlert, getSessionStatus,
rotatePrekeys
Mesh.vue UI:
- Typed message rendering in chat bubbles:
- Invoice: orange card with sats amount, memo, bolt11 preview, paid badge
- Alert: red card (emergency/dead_man) or blue (status), signed badge,
GPS link to OpenStreetMap
- Coordinate: blue card with lat/lng, label, OSM map link
- Block header: purple inline with chain icon
- Session badge in chat header: green shield (Double Ratchet),
yellow (static encryption), gray (none)
- Session status fetched on peer selection via mesh.session-status RPC
Mock backend:
- Messages now include message_type and typed_payload fields
- Mix of text, invoice (paid + unpaid), alert (emergency + status),
coordinate, and block_header messages for testing
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-17 02:34:37 +00:00
|
|
|
// Fetch session status when active peer changes
|
|
|
|
|
watch(() => activeChatPeer.value, async (peer) => {
|
|
|
|
|
if (peer) {
|
|
|
|
|
try {
|
|
|
|
|
peerSessionInfo.value = await mesh.getSessionStatus(peer.contact_id)
|
|
|
|
|
} catch {
|
|
|
|
|
peerSessionInfo.value = null
|
|
|
|
|
}
|
2026-04-13 18:50:08 -04:00
|
|
|
scheduleReadReceipt()
|
feat: Phase 3 Week 7 — typed message UI, session badges, rich chat cards
Frontend store (mesh.ts):
- Add typed message interfaces: InvoiceData, AlertData, CoordinateData,
SessionStatus, AlertStatus, MeshMessageTypeLabel
- New actions: sendInvoice, sendCoordinate, sendAlert, getSessionStatus,
rotatePrekeys
Mesh.vue UI:
- Typed message rendering in chat bubbles:
- Invoice: orange card with sats amount, memo, bolt11 preview, paid badge
- Alert: red card (emergency/dead_man) or blue (status), signed badge,
GPS link to OpenStreetMap
- Coordinate: blue card with lat/lng, label, OSM map link
- Block header: purple inline with chain icon
- Session badge in chat header: green shield (Double Ratchet),
yellow (static encryption), gray (none)
- Session status fetched on peer selection via mesh.session-status RPC
Mock backend:
- Messages now include message_type and typed_payload fields
- Mix of text, invoice (paid + unpaid), alert (emergency + status),
coordinate, and block_header messages for testing
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-17 02:34:37 +00:00
|
|
|
} else {
|
|
|
|
|
peerSessionInfo.value = null
|
|
|
|
|
}
|
|
|
|
|
})
|
2026-03-17 00:45:37 +00:00
|
|
|
|
2026-04-13 18:50:08 -04:00
|
|
|
// Fire a read receipt whenever a new received message for the active peer lands.
|
|
|
|
|
watch(
|
|
|
|
|
() => chatMessages.value.length,
|
|
|
|
|
() => { scheduleReadReceipt() },
|
|
|
|
|
)
|
|
|
|
|
|
2026-03-17 00:45:37 +00:00
|
|
|
async function handleToggleOffGrid() {
|
|
|
|
|
togglingOffGrid.value = true
|
|
|
|
|
try {
|
|
|
|
|
await transport.setMeshOnly(!transport.meshOnly)
|
|
|
|
|
} finally { togglingOffGrid.value = false }
|
|
|
|
|
}
|
|
|
|
|
|
2026-03-17 00:03:08 +00:00
|
|
|
onMounted(async () => {
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
window.addEventListener('resize', handleResize)
|
2026-04-13 18:50:08 -04:00
|
|
|
document.addEventListener('click', handleDocClickForMenu)
|
2026-04-13 12:58:04 -04:00
|
|
|
window.addEventListener('archipelago:share-to-mesh', loadPendingFromSession)
|
|
|
|
|
loadPendingFromSession()
|
2026-03-17 00:45:37 +00:00
|
|
|
await Promise.all([mesh.refreshAll(), transport.fetchStatus()])
|
2026-04-13 18:50:08 -04:00
|
|
|
refreshOutboxCount()
|
2026-04-12 12:11:00 -04:00
|
|
|
// Start background polling for Archipelago (Tor) messages so unread count works
|
|
|
|
|
loadArchMessages()
|
|
|
|
|
if (!archPollInterval) {
|
|
|
|
|
archPollInterval = setInterval(loadArchMessages, 15000)
|
|
|
|
|
}
|
2026-03-17 00:03:08 +00:00
|
|
|
pollInterval = setInterval(() => {
|
|
|
|
|
mesh.fetchStatus()
|
|
|
|
|
mesh.fetchPeers()
|
|
|
|
|
mesh.fetchMessages()
|
feat: Phase 4 — off-grid Bitcoin relay, block headers, dead man's switch
- Typed message dispatch in listener (BlockHeader, TxRelay, LightningRelay, Alert, TxConfirmation)
- Base64 encoding for binary payloads over LoRa (fixes NUL byte truncation)
- Compact block header announcements (88 bytes, fits 160-byte LoRa limit)
- Block header announcer: internet nodes auto-announce new blocks to Archy peers
- TX relay: mesh-only nodes can broadcast transactions via internet-connected peers
- Confirmation tracking: relay node monitors 1/3, 2/3, 3/3 confirmations, sends updates back
- Dead man's switch background task with configurable interval and signed alert broadcast
- 6 new RPC endpoints: relay-tx, block-headers, relay-lightning, deadman-status/configure/checkin
- lnd.create-raw-tx: create signed TX without broadcasting (for mesh relay)
- Web5 wallet: offline detection + "Send via mesh?" prompt with auto relay + confirmation polling
- Mesh.vue: Off-Grid Bitcoin tab, Dead Man tab, Send Bitcoin/Lightning buttons
- TX/Lightning relay sends only to Archy peers (not broadcast to all devices)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-17 15:51:56 +00:00
|
|
|
mesh.fetchDeadmanStatus()
|
|
|
|
|
mesh.fetchBlockHeaders()
|
2026-03-17 00:03:08 +00:00
|
|
|
}, 5000)
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
onUnmounted(() => {
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
window.removeEventListener('resize', handleResize)
|
2026-04-13 18:50:08 -04:00
|
|
|
document.removeEventListener('click', handleDocClickForMenu)
|
2026-04-13 12:58:04 -04:00
|
|
|
window.removeEventListener('archipelago:share-to-mesh', loadPendingFromSession)
|
2026-03-17 00:03:08 +00:00
|
|
|
if (pollInterval) clearInterval(pollInterval)
|
2026-04-12 12:11:00 -04:00
|
|
|
if (archPollInterval) { clearInterval(archPollInterval); archPollInterval = null }
|
2026-03-17 00:03:08 +00:00
|
|
|
})
|
|
|
|
|
|
|
|
|
|
// Active chat name for the header
|
|
|
|
|
const activeChatName = computed(() => {
|
2026-03-19 22:24:27 +00:00
|
|
|
if (archChannelActive.value) return 'Archipelago'
|
2026-03-17 00:03:08 +00:00
|
|
|
if (activeChatChannel.value) return activeChatChannel.value.name
|
|
|
|
|
if (activeChatPeer.value) return activeChatPeer.value.advert_name
|
|
|
|
|
return ''
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
const activeChatSub = computed(() => {
|
2026-03-19 22:24:27 +00:00
|
|
|
if (archChannelActive.value) return 'All nodes over Tor'
|
|
|
|
|
if (activeChatChannel.value) return 'Mesh radio'
|
2026-03-17 00:03:08 +00:00
|
|
|
if (activeChatPeer.value) return truncatePubkey(activeChatPeer.value.pubkey_hex)
|
|
|
|
|
return ''
|
|
|
|
|
})
|
|
|
|
|
|
2026-03-19 22:24:27 +00:00
|
|
|
const hasActiveChat = computed(() => !!activeChatPeer.value || !!activeChatChannel.value || archChannelActive.value)
|
2026-03-17 00:03:08 +00:00
|
|
|
|
|
|
|
|
// Messages filtered to the active chat
|
|
|
|
|
const chatMessages = computed(() => {
|
2026-03-19 22:24:27 +00:00
|
|
|
if (archChannelActive.value) {
|
2026-03-20 08:26:40 +00:00
|
|
|
return archMessages.value.map((m, i) => {
|
2026-04-12 12:11:00 -04:00
|
|
|
const isSent = m.direction === 'sent' || m.from_pubkey === 'me'
|
|
|
|
|
let peerName = 'Unknown'
|
|
|
|
|
if (isSent) {
|
|
|
|
|
peerName = 'You'
|
|
|
|
|
} else if (m.from_name) {
|
|
|
|
|
peerName = m.from_name
|
|
|
|
|
} else if (fedNodeNames.value[m.from_pubkey]) {
|
2026-04-13 08:01:21 -04:00
|
|
|
peerName = fedNodeNames.value[m.from_pubkey]!
|
2026-04-12 12:11:00 -04:00
|
|
|
} else {
|
|
|
|
|
peerName = m.from_pubkey.slice(0, 12) + '...'
|
|
|
|
|
}
|
2026-04-13 13:19:30 -04:00
|
|
|
const mm: MeshMessage = {
|
2026-03-20 08:26:40 +00:00
|
|
|
id: i,
|
|
|
|
|
peer_contact_id: -99,
|
2026-04-12 12:11:00 -04:00
|
|
|
peer_name: peerName,
|
2026-03-20 08:26:40 +00:00
|
|
|
direction: (isSent ? 'sent' : 'received') as 'sent' | 'received',
|
|
|
|
|
plaintext: m.message,
|
|
|
|
|
timestamp: m.timestamp,
|
|
|
|
|
delivered: true,
|
|
|
|
|
encrypted: false,
|
|
|
|
|
message_type: undefined,
|
|
|
|
|
typed_payload: undefined,
|
2026-04-13 13:19:30 -04:00
|
|
|
sender_pubkey: null,
|
|
|
|
|
sender_seq: null,
|
2026-03-20 08:26:40 +00:00
|
|
|
}
|
2026-04-13 13:19:30 -04:00
|
|
|
return mm
|
2026-03-20 08:26:40 +00:00
|
|
|
})
|
2026-03-19 22:24:27 +00:00
|
|
|
}
|
2026-04-13 13:19:30 -04:00
|
|
|
// Reactions are auxiliary — they render as chips under their target
|
|
|
|
|
// bubble, not as standalone chat stream entries.
|
|
|
|
|
const hideReactions = (m: MeshMessage) => m.message_type !== 'reaction'
|
2026-03-17 00:03:08 +00:00
|
|
|
if (activeChatChannel.value) {
|
2026-04-12 12:11:00 -04:00
|
|
|
const chanId = channelContactId(activeChatChannel.value.index)
|
2026-04-13 13:19:30 -04:00
|
|
|
return mesh.messages.filter(m => m.peer_contact_id === chanId && hideReactions(m))
|
2026-03-17 00:03:08 +00:00
|
|
|
}
|
|
|
|
|
if (activeChatPeer.value) {
|
|
|
|
|
const cid = activeChatPeer.value.contact_id
|
2026-04-13 13:19:30 -04:00
|
|
|
return mesh.messages.filter(m => m.peer_contact_id === cid && hideReactions(m))
|
2026-03-17 00:03:08 +00:00
|
|
|
}
|
|
|
|
|
return []
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
function isArchyNode(peer: MeshPeer): boolean {
|
|
|
|
|
return peer.advert_name.startsWith('Archy-')
|
|
|
|
|
}
|
|
|
|
|
|
2026-04-13 18:50:08 -04:00
|
|
|
/// Build a contact_id → latest-message-timestamp map once per render so
|
|
|
|
|
/// we can sort the chat list by recency (freshest thread at the top,
|
|
|
|
|
/// Telegram-style). Empty threads keep their lexicographic fallback.
|
|
|
|
|
const lastMessageAt = computed<Map<number, number>>(() => {
|
|
|
|
|
const out = new Map<number, number>()
|
|
|
|
|
for (const m of mesh.messages) {
|
|
|
|
|
const ts = Date.parse(m.timestamp)
|
|
|
|
|
if (Number.isNaN(ts)) continue
|
|
|
|
|
const prev = out.get(m.peer_contact_id)
|
|
|
|
|
if (prev === undefined || ts > prev) out.set(m.peer_contact_id, ts)
|
|
|
|
|
}
|
|
|
|
|
return out
|
|
|
|
|
})
|
|
|
|
|
|
2026-03-17 00:03:08 +00:00
|
|
|
const sortedPeers = computed(() => {
|
|
|
|
|
return [...mesh.peers].sort((a, b) => {
|
2026-04-13 18:50:08 -04:00
|
|
|
const aTs = lastMessageAt.value.get(a.contact_id) ?? 0
|
|
|
|
|
const bTs = lastMessageAt.value.get(b.contact_id) ?? 0
|
|
|
|
|
if (aTs !== bTs) return bTs - aTs
|
2026-03-17 00:03:08 +00:00
|
|
|
const aArchy = isArchyNode(a) ? 0 : 1
|
|
|
|
|
const bArchy = isArchyNode(b) ? 0 : 1
|
|
|
|
|
if (aArchy !== bArchy) return aArchy - bArchy
|
|
|
|
|
return a.advert_name.localeCompare(b.advert_name)
|
|
|
|
|
})
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
function openChat(peer: MeshPeer) {
|
|
|
|
|
activeChatPeer.value = peer
|
|
|
|
|
activeChatChannel.value = null
|
2026-03-19 22:24:27 +00:00
|
|
|
archChannelActive.value = false
|
2026-03-17 00:03:08 +00:00
|
|
|
sendError.value = ''
|
|
|
|
|
messageText.value = ''
|
feat: v1.2.0-alpha — E2E encrypted mesh relay, steganography, relay status polling
Phase 5 mesh networking:
- E2E encrypted TX relay (X25519 + ChaCha20-Poly1305) — non-Archy nodes
relay encrypted blobs transparently via Meshcore native routing
- Steganographic encoding modes (WeatherStation, SensorNetwork) — traffic
looks like sensor data on the wire, 0xAA marker, configurable per-node
- Pre-flight Bitcoin Core health check on relay node — specific error codes
(bitcoin_unreachable, bitcoin_syncing, tx_rejected) instead of generic fails
- mesh.relay-status RPC endpoint — frontend polls for relay result every 3s
- On-Chain / Lightning tabs in Off-Grid Bitcoin panel
- Archy Peers vs Mesh Broadcast relay mode selector
- Mesh view fills viewport (no page scroll), internal panel scrolling
- Version bump to 1.2.0-alpha
Also includes: deploy hardening, container fixes, IndeedHub updates,
boot screen, dashboard improvements, MASTER_PLAN task tracking
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-17 23:56:37 +00:00
|
|
|
activeTab.value = 'chat'
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
mobileShowChat.value = true
|
2026-03-17 00:03:08 +00:00
|
|
|
mesh.markChatRead(peer.contact_id)
|
|
|
|
|
nextTick(() => scrollChatToBottom())
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function openChannelChat(channel: { index: number; name: string }) {
|
|
|
|
|
activeChatChannel.value = channel
|
|
|
|
|
activeChatPeer.value = null
|
2026-03-19 22:24:27 +00:00
|
|
|
archChannelActive.value = false
|
2026-03-17 00:03:08 +00:00
|
|
|
sendError.value = ''
|
|
|
|
|
messageText.value = ''
|
feat: v1.2.0-alpha — E2E encrypted mesh relay, steganography, relay status polling
Phase 5 mesh networking:
- E2E encrypted TX relay (X25519 + ChaCha20-Poly1305) — non-Archy nodes
relay encrypted blobs transparently via Meshcore native routing
- Steganographic encoding modes (WeatherStation, SensorNetwork) — traffic
looks like sensor data on the wire, 0xAA marker, configurable per-node
- Pre-flight Bitcoin Core health check on relay node — specific error codes
(bitcoin_unreachable, bitcoin_syncing, tx_rejected) instead of generic fails
- mesh.relay-status RPC endpoint — frontend polls for relay result every 3s
- On-Chain / Lightning tabs in Off-Grid Bitcoin panel
- Archy Peers vs Mesh Broadcast relay mode selector
- Mesh view fills viewport (no page scroll), internal panel scrolling
- Version bump to 1.2.0-alpha
Also includes: deploy hardening, container fixes, IndeedHub updates,
boot screen, dashboard improvements, MASTER_PLAN task tracking
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-17 23:56:37 +00:00
|
|
|
activeTab.value = 'chat'
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
mobileShowChat.value = true
|
2026-04-12 12:11:00 -04:00
|
|
|
mesh.markChatRead(channelContactId(channel.index))
|
2026-03-17 00:03:08 +00:00
|
|
|
nextTick(() => scrollChatToBottom())
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function closeChat() {
|
|
|
|
|
activeChatPeer.value = null
|
|
|
|
|
activeChatChannel.value = null
|
2026-03-19 22:24:27 +00:00
|
|
|
archChannelActive.value = false
|
|
|
|
|
if (archPollInterval) { clearInterval(archPollInterval); archPollInterval = null }
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
mobileShowChat.value = false
|
2026-03-17 00:03:08 +00:00
|
|
|
mesh.clearViewingChat()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function handleSendMessage() {
|
2026-03-19 22:24:27 +00:00
|
|
|
if (archChannelActive.value) {
|
|
|
|
|
await sendArchMessage()
|
|
|
|
|
nextTick(() => scrollChatToBottom())
|
|
|
|
|
return
|
|
|
|
|
}
|
2026-04-13 13:19:30 -04:00
|
|
|
// Pending reply: Send flushes as mesh.send-reply targeting the stashed
|
|
|
|
|
// MessageKey. Takes precedence over a pending attachment — we don't try
|
|
|
|
|
// to express "attach-as-reply" in one go.
|
2026-04-13 18:50:08 -04:00
|
|
|
// Pending edit: Send flushes as mesh.edit-message against the stashed seq.
|
|
|
|
|
if (pendingEdit.value && activeChatPeer.value) {
|
|
|
|
|
if (!messageText.value.trim()) return
|
|
|
|
|
sendError.value = ''
|
|
|
|
|
try {
|
|
|
|
|
await mesh.editMessage(
|
|
|
|
|
activeChatPeer.value.contact_id,
|
|
|
|
|
pendingEdit.value.target_seq,
|
|
|
|
|
messageText.value.trim(),
|
|
|
|
|
)
|
|
|
|
|
messageText.value = ''
|
|
|
|
|
pendingEdit.value = null
|
|
|
|
|
nextTick(() => scrollChatToBottom())
|
|
|
|
|
} catch (err: unknown) {
|
|
|
|
|
sendError.value = err instanceof Error ? err.message : 'Edit failed'
|
|
|
|
|
}
|
|
|
|
|
return
|
|
|
|
|
}
|
2026-04-13 13:19:30 -04:00
|
|
|
if (pendingReply.value && activeChatPeer.value) {
|
|
|
|
|
if (!messageText.value.trim()) return
|
|
|
|
|
sendError.value = ''
|
|
|
|
|
try {
|
|
|
|
|
await mesh.sendReply(
|
|
|
|
|
activeChatPeer.value.contact_id,
|
|
|
|
|
pendingReply.value.target_pubkey,
|
|
|
|
|
pendingReply.value.target_seq,
|
|
|
|
|
messageText.value.trim(),
|
|
|
|
|
)
|
|
|
|
|
messageText.value = ''
|
|
|
|
|
pendingReply.value = null
|
|
|
|
|
nextTick(() => scrollChatToBottom())
|
|
|
|
|
} catch (err: unknown) {
|
|
|
|
|
sendError.value = err instanceof Error ? err.message : 'Reply failed'
|
|
|
|
|
}
|
|
|
|
|
return
|
|
|
|
|
}
|
2026-04-13 12:58:04 -04:00
|
|
|
// Pending share-to-mesh attachment: Send flushes the CID as a ContentRef
|
|
|
|
|
// rather than a plain text message. Any text in the input becomes the
|
|
|
|
|
// caption. Only valid for direct peers (channel broadcast of content_ref
|
|
|
|
|
// isn't in scope for Phase 3c).
|
|
|
|
|
if (pendingAttachment.value && activeChatPeer.value) {
|
|
|
|
|
sendError.value = ''
|
|
|
|
|
try {
|
|
|
|
|
const caption = messageText.value.trim() || undefined
|
|
|
|
|
await mesh.sendContent(activeChatPeer.value.contact_id, pendingAttachment.value.cid, caption)
|
|
|
|
|
messageText.value = ''
|
|
|
|
|
pendingAttachment.value = null
|
|
|
|
|
nextTick(() => scrollChatToBottom())
|
|
|
|
|
} catch (err: unknown) {
|
|
|
|
|
sendError.value = err instanceof Error ? err.message : 'Share failed'
|
|
|
|
|
}
|
|
|
|
|
return
|
|
|
|
|
}
|
2026-04-12 12:11:00 -04:00
|
|
|
if (!messageText.value.trim()) return
|
2026-03-17 00:03:08 +00:00
|
|
|
sendError.value = ''
|
|
|
|
|
try {
|
2026-04-12 12:11:00 -04:00
|
|
|
if (activeChatChannel.value) {
|
|
|
|
|
await mesh.sendChannelMessage(activeChatChannel.value.index, messageText.value)
|
|
|
|
|
messageText.value = ''
|
|
|
|
|
nextTick(() => scrollChatToBottom())
|
|
|
|
|
} else if (activeChatPeer.value) {
|
|
|
|
|
await mesh.sendMessage(activeChatPeer.value.contact_id, messageText.value)
|
|
|
|
|
messageText.value = ''
|
|
|
|
|
nextTick(() => scrollChatToBottom())
|
|
|
|
|
}
|
2026-03-17 00:03:08 +00:00
|
|
|
} catch (err: unknown) {
|
|
|
|
|
sendError.value = err instanceof Error ? err.message : 'Send failed'
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function scrollChatToBottom() {
|
|
|
|
|
if (chatScrollEl.value) {
|
|
|
|
|
chatScrollEl.value.scrollTop = chatScrollEl.value.scrollHeight
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function handleBroadcast() {
|
|
|
|
|
broadcasting.value = true
|
|
|
|
|
try { await mesh.broadcastIdentity() } finally { broadcasting.value = false }
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function handleToggleEnabled() {
|
|
|
|
|
configuring.value = true
|
|
|
|
|
try {
|
|
|
|
|
const newEnabled = !(mesh.status?.enabled ?? false)
|
|
|
|
|
await mesh.configure({ enabled: newEnabled })
|
|
|
|
|
} finally { configuring.value = false }
|
|
|
|
|
}
|
|
|
|
|
|
2026-03-18 10:50:13 +00:00
|
|
|
async function handleConnectDevice(devicePath: string) {
|
|
|
|
|
connectingDevice.value = devicePath
|
|
|
|
|
try {
|
|
|
|
|
await mesh.configure({ enabled: true, device_path: devicePath } as Partial<import('@/stores/mesh').MeshStatus>)
|
|
|
|
|
} finally {
|
|
|
|
|
connectingDevice.value = null
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2026-03-17 00:03:08 +00:00
|
|
|
function signalBars(rssi: number | null): number {
|
|
|
|
|
if (rssi === null) return 0
|
|
|
|
|
if (rssi > -60) return 4
|
|
|
|
|
if (rssi > -75) return 3
|
|
|
|
|
if (rssi > -90) return 2
|
|
|
|
|
return 1
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function timeAgo(iso: string): string {
|
|
|
|
|
const diff = Date.now() - new Date(iso).getTime()
|
|
|
|
|
const secs = Math.floor(diff / 1000)
|
|
|
|
|
if (secs < 60) return `${secs}s ago`
|
|
|
|
|
const mins = Math.floor(secs / 60)
|
|
|
|
|
if (mins < 60) return `${mins}m ago`
|
|
|
|
|
const hours = Math.floor(mins / 60)
|
|
|
|
|
return `${hours}h ago`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function truncatePubkey(hex: string | null): string {
|
|
|
|
|
if (!hex) return ''
|
|
|
|
|
return hex.slice(0, 8) + '...' + hex.slice(-6)
|
|
|
|
|
}
|
2026-04-13 08:48:48 -04:00
|
|
|
|
2026-04-13 13:19:30 -04:00
|
|
|
// ── Reply + Reaction (Phase 2a) ───────────────────────────────────────────
|
|
|
|
|
// Pending reply state: when the user picks "Reply" on a bubble, we stash its
|
|
|
|
|
// MessageKey here; next Send uses mesh.send-reply instead of mesh.send.
|
|
|
|
|
interface PendingReply {
|
|
|
|
|
target_pubkey: string
|
|
|
|
|
target_seq: number
|
|
|
|
|
preview: string
|
|
|
|
|
}
|
|
|
|
|
const pendingReply = ref<PendingReply | null>(null)
|
|
|
|
|
const actionMenuForId = ref<number | null>(null)
|
|
|
|
|
const QUICK_REACTIONS = ['👍', '❤️', '😂', '😮', '😢', '🙏']
|
|
|
|
|
|
2026-04-13 18:50:08 -04:00
|
|
|
function openActionMenu(msgId: number, ev?: Event) {
|
|
|
|
|
ev?.stopPropagation()
|
2026-04-13 13:19:30 -04:00
|
|
|
actionMenuForId.value = actionMenuForId.value === msgId ? null : msgId
|
|
|
|
|
}
|
|
|
|
|
function closeActionMenu() {
|
|
|
|
|
actionMenuForId.value = null
|
|
|
|
|
}
|
2026-04-13 18:50:08 -04:00
|
|
|
function handleDocClickForMenu(ev: MouseEvent) {
|
|
|
|
|
if (actionMenuForId.value === null) return
|
|
|
|
|
const target = ev.target as HTMLElement | null
|
|
|
|
|
if (!target) return
|
|
|
|
|
if (target.closest('.mesh-chat-action-menu')) return
|
|
|
|
|
if (target.closest('.mesh-chat-action-trigger')) return
|
|
|
|
|
actionMenuForId.value = null
|
|
|
|
|
}
|
2026-04-13 13:19:30 -04:00
|
|
|
function messageKeyFor(msg: { sender_pubkey?: string | null; sender_seq?: number | null }): { pubkey: string; seq: number } | null {
|
|
|
|
|
if (!msg.sender_pubkey || msg.sender_seq == null) return null
|
|
|
|
|
return { pubkey: msg.sender_pubkey, seq: msg.sender_seq }
|
|
|
|
|
}
|
|
|
|
|
function startReplyTo(msg: MeshMessage) {
|
|
|
|
|
const key = messageKeyFor(msg)
|
|
|
|
|
if (!key) return
|
|
|
|
|
pendingReply.value = {
|
|
|
|
|
target_pubkey: key.pubkey,
|
|
|
|
|
target_seq: key.seq,
|
2026-04-13 18:50:08 -04:00
|
|
|
preview: summarizeForPreview(msg),
|
2026-04-13 13:19:30 -04:00
|
|
|
}
|
|
|
|
|
closeActionMenu()
|
|
|
|
|
}
|
|
|
|
|
function clearPendingReply() {
|
|
|
|
|
pendingReply.value = null
|
|
|
|
|
}
|
2026-04-13 18:50:08 -04:00
|
|
|
|
|
|
|
|
// ── Edit / Delete / Forward (Phase 2b) ───────────────────────────────────
|
|
|
|
|
// Pending edit: when the user picks "Edit" on an own message, we stash its
|
|
|
|
|
// sender_seq and prefill the composer. Next Send calls mesh.edit-message
|
|
|
|
|
// instead of mesh.send.
|
|
|
|
|
interface PendingEdit { target_seq: number; original_text: string }
|
|
|
|
|
const pendingEdit = ref<PendingEdit | null>(null)
|
|
|
|
|
function startEditOf(msg: MeshMessage) {
|
|
|
|
|
if (msg.direction !== 'sent' || msg.sender_seq == null) return
|
|
|
|
|
pendingEdit.value = { target_seq: msg.sender_seq, original_text: msg.plaintext }
|
|
|
|
|
messageText.value = msg.plaintext
|
|
|
|
|
closeActionMenu()
|
|
|
|
|
}
|
|
|
|
|
function clearPendingEdit() {
|
|
|
|
|
pendingEdit.value = null
|
|
|
|
|
messageText.value = ''
|
|
|
|
|
}
|
|
|
|
|
async function deleteOwnMessage(msg: MeshMessage) {
|
|
|
|
|
if (msg.direction !== 'sent' || msg.sender_seq == null || !activeChatPeer.value) return
|
|
|
|
|
if (!window.confirm('Delete this message? Peers already received it — this only marks it as deleted.')) return
|
|
|
|
|
try {
|
|
|
|
|
await mesh.deleteMessage(activeChatPeer.value.contact_id, msg.sender_seq)
|
|
|
|
|
} catch (e) {
|
|
|
|
|
sendError.value = e instanceof Error ? e.message : 'delete failed'
|
|
|
|
|
} finally {
|
|
|
|
|
closeActionMenu()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
async function forwardToCurrent(msg: MeshMessage) {
|
|
|
|
|
if (!activeChatPeer.value) return
|
|
|
|
|
try {
|
|
|
|
|
await mesh.forwardMessage(activeChatPeer.value.contact_id, msg.id)
|
|
|
|
|
} catch (e) {
|
|
|
|
|
sendError.value = e instanceof Error ? e.message : 'forward failed'
|
|
|
|
|
} finally {
|
|
|
|
|
closeActionMenu()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
function isEditedMessage(msg: MeshMessage): number | null {
|
|
|
|
|
const ts = msg.typed_payload?.edited_at
|
|
|
|
|
return typeof ts === 'number' ? ts : null
|
|
|
|
|
}
|
|
|
|
|
function isDeletedMessage(msg: MeshMessage): boolean {
|
|
|
|
|
return msg.message_type === 'delete' || msg.typed_payload?.deleted === true
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Read-receipt: after render, if the bottom message is from the peer (direction='received')
|
|
|
|
|
// and has a MessageKey, fire mesh.send-read-receipt up to that seq. Debounced so scroll
|
|
|
|
|
// doesn't spam the wire.
|
|
|
|
|
const lastReceiptSentForSeq = ref<Map<number, number>>(new Map()) // contactId → last acked seq
|
|
|
|
|
let receiptDebounce: ReturnType<typeof setTimeout> | null = null
|
|
|
|
|
function scheduleReadReceipt() {
|
|
|
|
|
if (receiptDebounce) clearTimeout(receiptDebounce)
|
|
|
|
|
receiptDebounce = setTimeout(() => {
|
|
|
|
|
const peer = activeChatPeer.value
|
|
|
|
|
if (!peer) return
|
|
|
|
|
const received = chatMessages.value.filter((m) => m.direction === 'received' && m.sender_seq != null)
|
|
|
|
|
if (received.length === 0) return
|
|
|
|
|
const latest = received[received.length - 1]
|
|
|
|
|
const latestSeq = latest.sender_seq as number
|
|
|
|
|
const already = lastReceiptSentForSeq.value.get(peer.contact_id) ?? -1
|
|
|
|
|
if (latestSeq <= already) return
|
|
|
|
|
const pubkey = latest.sender_pubkey
|
|
|
|
|
if (!pubkey) return
|
|
|
|
|
lastReceiptSentForSeq.value.set(peer.contact_id, latestSeq)
|
|
|
|
|
void mesh.sendReadReceipt(peer.contact_id, pubkey, latestSeq)
|
|
|
|
|
}, 400)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const reactionInFlight = ref<string | null>(null) // `${msgId}:${emoji}` while RPC is running
|
2026-04-13 13:19:30 -04:00
|
|
|
async function reactTo(msg: MeshMessage, emoji: string) {
|
|
|
|
|
const key = messageKeyFor(msg)
|
|
|
|
|
if (!key || !activeChatPeer.value) return
|
2026-04-13 18:50:08 -04:00
|
|
|
const marker = `${msg.id}:${emoji}`
|
|
|
|
|
reactionInFlight.value = marker
|
2026-04-13 13:19:30 -04:00
|
|
|
try {
|
|
|
|
|
await mesh.sendReaction(activeChatPeer.value.contact_id, key.pubkey, key.seq, emoji)
|
2026-04-13 18:50:08 -04:00
|
|
|
closeActionMenu()
|
2026-04-13 13:19:30 -04:00
|
|
|
} catch (e) {
|
|
|
|
|
sendError.value = e instanceof Error ? e.message : 'reaction failed'
|
|
|
|
|
} finally {
|
2026-04-13 18:50:08 -04:00
|
|
|
if (reactionInFlight.value === marker) reactionInFlight.value = null
|
2026-04-13 13:19:30 -04:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Build a map from target MessageKey (pubkey:seq) → emoji strings seen in
|
|
|
|
|
/// the current message window. Iterates in timestamp order so the freshest
|
|
|
|
|
/// reaction per (reactor, target) wins; an empty emoji clears the reactor.
|
|
|
|
|
interface ReactionChip { emoji: string; count: number; by_self: boolean }
|
|
|
|
|
const reactionIndex = computed<Map<string, ReactionChip[]>>(() => {
|
|
|
|
|
const perTarget = new Map<string, Map<string, string>>() // target → (reactor → emoji)
|
|
|
|
|
for (const m of mesh.messages) {
|
|
|
|
|
if (m.message_type !== 'reaction' || !m.typed_payload) continue
|
|
|
|
|
const target = m.typed_payload.target as { sender_pubkey?: string; sender_seq?: number } | undefined
|
|
|
|
|
if (!target?.sender_pubkey || target.sender_seq == null) continue
|
|
|
|
|
const key = `${target.sender_pubkey}:${target.sender_seq}`
|
|
|
|
|
const reactor = m.direction === 'sent' ? '__self__' : (m.sender_pubkey ?? `peer:${m.peer_contact_id}`)
|
|
|
|
|
let slot = perTarget.get(key)
|
|
|
|
|
if (!slot) { slot = new Map(); perTarget.set(key, slot) }
|
|
|
|
|
const emoji = String(m.typed_payload.emoji ?? '')
|
|
|
|
|
if (emoji === '') {
|
|
|
|
|
slot.delete(reactor)
|
|
|
|
|
} else {
|
|
|
|
|
slot.set(reactor, emoji)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
const out = new Map<string, ReactionChip[]>()
|
|
|
|
|
for (const [key, slot] of perTarget) {
|
|
|
|
|
const counts = new Map<string, { count: number; by_self: boolean }>()
|
|
|
|
|
for (const [reactor, emoji] of slot) {
|
|
|
|
|
const cur = counts.get(emoji) ?? { count: 0, by_self: false }
|
|
|
|
|
cur.count++
|
|
|
|
|
if (reactor === '__self__') cur.by_self = true
|
|
|
|
|
counts.set(emoji, cur)
|
|
|
|
|
}
|
|
|
|
|
out.set(key, Array.from(counts, ([emoji, v]) => ({ emoji, count: v.count, by_self: v.by_self })))
|
|
|
|
|
}
|
|
|
|
|
return out
|
|
|
|
|
})
|
|
|
|
|
function reactionsFor(msg: { sender_pubkey?: string | null; sender_seq?: number | null }): ReactionChip[] {
|
|
|
|
|
const key = messageKeyFor(msg)
|
|
|
|
|
if (!key) return []
|
|
|
|
|
return reactionIndex.value.get(`${key.pubkey}:${key.seq}`) ?? []
|
|
|
|
|
}
|
|
|
|
|
/// Lookup the target of a reply bubble so we can show a mini-quote above it.
|
|
|
|
|
function replyTargetPreview(msg: MeshMessage): string | null {
|
|
|
|
|
if (msg.message_type !== 'reply' || !msg.typed_payload) return null
|
|
|
|
|
const target = msg.typed_payload.target as { sender_pubkey?: string; sender_seq?: number } | undefined
|
|
|
|
|
if (!target?.sender_pubkey || target.sender_seq == null) return null
|
|
|
|
|
const match = mesh.messages.find(
|
|
|
|
|
(m) => m.sender_pubkey === target.sender_pubkey && m.sender_seq === target.sender_seq,
|
|
|
|
|
)
|
2026-04-13 18:50:08 -04:00
|
|
|
if (!match) return `→ ${String(target.sender_pubkey).slice(0, 8)}…#${target.sender_seq}`
|
|
|
|
|
return summarizeForPreview(match)
|
|
|
|
|
}
|
|
|
|
|
function summarizeForPreview(m: MeshMessage): string {
|
|
|
|
|
const text = m.plaintext?.trim()
|
|
|
|
|
if (text) return text.slice(0, 80)
|
|
|
|
|
switch (m.message_type) {
|
|
|
|
|
case 'content_ref': return `📎 ${m.typed_payload?.filename || m.typed_payload?.mime || 'attachment'}`
|
|
|
|
|
case 'invoice': return `⚡ ${(m.typed_payload?.amount_sats || 0).toLocaleString()} sats`
|
|
|
|
|
case 'coordinate': return '📍 Location'
|
|
|
|
|
case 'alert': return `🚨 ${m.typed_payload?.message || 'Alert'}`.slice(0, 80)
|
|
|
|
|
default: return `(${m.message_type || 'message'})`
|
|
|
|
|
}
|
2026-04-13 13:19:30 -04:00
|
|
|
}
|
|
|
|
|
|
2026-04-13 12:58:04 -04:00
|
|
|
// ── share-to-mesh iframe intent (Phase 3c) ────────────────────────────────
|
|
|
|
|
// Marketplace app iframes POST a file to `/api/share-to-mesh` then call
|
|
|
|
|
// `window.parent.postMessage({type:'share-to-mesh', cid, ...})`. We park the
|
|
|
|
|
// CID as a pending attachment; next time the user picks a peer and hits Send
|
|
|
|
|
// (with optional caption text), we call mesh.send-content on that CID.
|
|
|
|
|
interface PendingAttachment {
|
|
|
|
|
cid: string
|
|
|
|
|
size: number
|
|
|
|
|
mime: string
|
|
|
|
|
filename: string | null
|
|
|
|
|
self_url?: string
|
|
|
|
|
}
|
|
|
|
|
const pendingAttachment = ref<PendingAttachment | null>(null)
|
|
|
|
|
|
|
|
|
|
function loadPendingFromSession() {
|
|
|
|
|
try {
|
|
|
|
|
const raw = sessionStorage.getItem('archipelago_share_to_mesh')
|
|
|
|
|
if (!raw) return
|
|
|
|
|
sessionStorage.removeItem('archipelago_share_to_mesh')
|
|
|
|
|
const data = JSON.parse(raw) as { cid?: string; size?: number; mime?: string; filename?: string | null; self_url?: string }
|
|
|
|
|
if (!data.cid) return
|
|
|
|
|
pendingAttachment.value = {
|
|
|
|
|
cid: data.cid,
|
|
|
|
|
size: data.size ?? 0,
|
|
|
|
|
mime: data.mime ?? 'application/octet-stream',
|
|
|
|
|
filename: data.filename ?? null,
|
|
|
|
|
self_url: data.self_url,
|
|
|
|
|
}
|
|
|
|
|
} catch {
|
|
|
|
|
/* ignore */
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function clearPendingAttachment() {
|
|
|
|
|
pendingAttachment.value = null
|
|
|
|
|
}
|
|
|
|
|
|
2026-04-13 11:10:59 -04:00
|
|
|
// ── ContentRef attach + fetch (Phase 3b) ──────────────────────────────────
|
|
|
|
|
const attaching = ref(false)
|
|
|
|
|
const attachError = ref<string | null>(null)
|
|
|
|
|
const fetchingCids = ref<Set<string>>(new Set())
|
|
|
|
|
const fetchedUrls = ref<Map<string, string>>(new Map())
|
|
|
|
|
|
|
|
|
|
async function handleAttachFile(ev: Event) {
|
|
|
|
|
const input = ev.target as HTMLInputElement
|
|
|
|
|
const file = input.files?.[0]
|
|
|
|
|
if (!file) return
|
|
|
|
|
if (!activeChatPeer.value) {
|
|
|
|
|
attachError.value = 'Pick a peer first'
|
|
|
|
|
if (input) input.value = ''
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
attaching.value = true
|
|
|
|
|
attachError.value = null
|
|
|
|
|
try {
|
|
|
|
|
const buf = await file.arrayBuffer()
|
|
|
|
|
const up = await fetch('/api/blob', {
|
|
|
|
|
method: 'POST',
|
|
|
|
|
headers: {
|
|
|
|
|
'X-Blob-Mime': file.type || 'application/octet-stream',
|
|
|
|
|
'X-Blob-Filename': file.name,
|
|
|
|
|
'Content-Type': 'application/octet-stream',
|
|
|
|
|
},
|
|
|
|
|
credentials: 'include',
|
|
|
|
|
body: buf,
|
|
|
|
|
})
|
|
|
|
|
if (!up.ok) {
|
|
|
|
|
attachError.value = `upload failed: ${up.status}`
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
const { cid } = (await up.json()) as { cid: string }
|
2026-04-13 14:13:36 -04:00
|
|
|
// Resolve the federation onion for this mesh peer. Meshcore adverts
|
|
|
|
|
// don't carry an archipelago DID so the backend can't link them on its
|
|
|
|
|
// own — we match on name (both sides use the node's display name).
|
|
|
|
|
// Falls back to undefined; the backend will try its own DID lookup or
|
|
|
|
|
// error out if no federation path exists.
|
|
|
|
|
let peerOnion: string | undefined
|
|
|
|
|
try {
|
|
|
|
|
const fed = await rpcClient.federationListNodes()
|
|
|
|
|
const peerName = activeChatPeer.value.advert_name
|
|
|
|
|
const hit = fed.nodes.find(
|
|
|
|
|
(n: { name?: string; onion?: string }) =>
|
|
|
|
|
(n.name ?? '').toLowerCase() === peerName.toLowerCase() ||
|
|
|
|
|
(n.name ?? '').toLowerCase().includes(peerName.toLowerCase()) ||
|
|
|
|
|
peerName.toLowerCase().includes((n.name ?? '').toLowerCase()),
|
|
|
|
|
)
|
|
|
|
|
peerOnion = hit?.onion ?? undefined
|
|
|
|
|
} catch {
|
|
|
|
|
/* non-fatal — backend will try its own lookup */
|
|
|
|
|
}
|
|
|
|
|
await mesh.sendContent(
|
|
|
|
|
activeChatPeer.value.contact_id,
|
|
|
|
|
cid,
|
|
|
|
|
messageText.value.trim() || undefined,
|
|
|
|
|
peerOnion,
|
|
|
|
|
)
|
2026-04-13 11:10:59 -04:00
|
|
|
messageText.value = ''
|
|
|
|
|
nextTick(() => scrollChatToBottom())
|
|
|
|
|
} catch (e) {
|
|
|
|
|
attachError.value = e instanceof Error ? e.message : 'attach failed'
|
|
|
|
|
} finally {
|
|
|
|
|
attaching.value = false
|
|
|
|
|
if (input) input.value = ''
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function handleFetchContent(payload: {
|
|
|
|
|
cid: string
|
|
|
|
|
sender_onion: string
|
|
|
|
|
cap_token: string
|
|
|
|
|
cap_exp: number
|
|
|
|
|
mime?: string
|
|
|
|
|
filename?: string | null
|
|
|
|
|
}) {
|
|
|
|
|
if (fetchingCids.value.has(payload.cid)) return
|
|
|
|
|
fetchingCids.value.add(payload.cid)
|
|
|
|
|
try {
|
|
|
|
|
const res = await mesh.fetchContent({
|
|
|
|
|
cid: payload.cid,
|
|
|
|
|
sender_onion: payload.sender_onion,
|
|
|
|
|
cap_token: payload.cap_token,
|
|
|
|
|
cap_exp: payload.cap_exp,
|
|
|
|
|
mime: payload.mime,
|
|
|
|
|
filename: payload.filename ?? undefined,
|
|
|
|
|
})
|
|
|
|
|
const r = res as { local_url?: string }
|
|
|
|
|
if (r.local_url) {
|
|
|
|
|
fetchedUrls.value.set(payload.cid, r.local_url)
|
|
|
|
|
fetchedUrls.value = new Map(fetchedUrls.value)
|
|
|
|
|
}
|
|
|
|
|
} catch (e) {
|
|
|
|
|
console.error('fetch-content failed', e)
|
|
|
|
|
} finally {
|
|
|
|
|
fetchingCids.value.delete(payload.cid)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function isImageMime(mime?: string): boolean {
|
|
|
|
|
return !!mime && mime.startsWith('image/')
|
|
|
|
|
}
|
|
|
|
|
|
2026-03-17 00:03:08 +00:00
|
|
|
</script>
|
|
|
|
|
|
|
|
|
|
<template>
|
|
|
|
|
<div class="mesh-view">
|
2026-03-21 02:43:28 +00:00
|
|
|
<!-- Header (hidden on mobile) -->
|
feat: Phase 4 — off-grid Bitcoin relay, block headers, dead man's switch
- Typed message dispatch in listener (BlockHeader, TxRelay, LightningRelay, Alert, TxConfirmation)
- Base64 encoding for binary payloads over LoRa (fixes NUL byte truncation)
- Compact block header announcements (88 bytes, fits 160-byte LoRa limit)
- Block header announcer: internet nodes auto-announce new blocks to Archy peers
- TX relay: mesh-only nodes can broadcast transactions via internet-connected peers
- Confirmation tracking: relay node monitors 1/3, 2/3, 3/3 confirmations, sends updates back
- Dead man's switch background task with configurable interval and signed alert broadcast
- 6 new RPC endpoints: relay-tx, block-headers, relay-lightning, deadman-status/configure/checkin
- lnd.create-raw-tx: create signed TX without broadcasting (for mesh relay)
- Web5 wallet: offline detection + "Send via mesh?" prompt with auto relay + confirmation polling
- Mesh.vue: Off-Grid Bitcoin tab, Dead Man tab, Send Bitcoin/Lightning buttons
- TX/Lightning relay sends only to Archy peers (not broadcast to all devices)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-17 15:51:56 +00:00
|
|
|
<div class="mesh-header hidden md:flex">
|
2026-03-17 00:03:08 +00:00
|
|
|
<div class="mesh-header-left">
|
|
|
|
|
<h1 class="mesh-title">Mesh Network</h1>
|
|
|
|
|
<p class="mesh-subtitle">
|
|
|
|
|
{{ mesh.status?.peer_count ?? 0 }} peer{{ (mesh.status?.peer_count ?? 0) !== 1 ? 's' : '' }}
|
|
|
|
|
<span v-if="mesh.status?.device_connected" class="mesh-subtitle-badge">Live</span>
|
|
|
|
|
</p>
|
|
|
|
|
</div>
|
|
|
|
|
<a
|
|
|
|
|
href="https://flasher.meshcore.co.uk/"
|
|
|
|
|
target="_blank"
|
|
|
|
|
rel="noopener noreferrer"
|
|
|
|
|
class="glass-button mesh-flasher-btn"
|
|
|
|
|
>
|
|
|
|
|
Flash Meshcore <span class="mesh-flasher-sep">|</span> Choose Companion USB
|
|
|
|
|
</a>
|
|
|
|
|
</div>
|
|
|
|
|
|
|
|
|
|
<!-- Error banner -->
|
|
|
|
|
<div v-if="mesh.error" class="mesh-error">{{ mesh.error }}</div>
|
|
|
|
|
|
2026-03-21 02:43:28 +00:00
|
|
|
<!-- Responsive column layout -->
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
<div class="mesh-columns" :class="{ 'mesh-columns-wide': isWideDesktop }">
|
2026-03-17 00:03:08 +00:00
|
|
|
<!-- LEFT COLUMN: Status + Peers -->
|
2026-03-30 10:24:48 +01:00
|
|
|
<div class="mesh-left" data-controller-zone="mesh-left" :class="{ 'mobile-hidden': mobileShowChat }">
|
2026-03-17 00:03:08 +00:00
|
|
|
<!-- Device Status -->
|
feat: gamepad navigation rewrite, focus styling, container grid system
- Rewrite useControllerNav.ts with clean console-style navigation:
Sidebar (up/down wrap, right→containers, left→nothing),
Container tile grid (spatial nav, no wrap at edges),
Nav bar support (up from containers, down to grid),
Inner controls (enter drills in, escape exits, trapped arrows)
- Add data-controller-container to Mesh, Fleet, Settings pages
- Fix Home.vue fragment (modals outside root div) causing Vue warnings
- Remove skip-to-content link (handled by controller nav)
- Orange ambient glow focus styling matching glass aesthetic
- Disable PWA service worker in dev mode (fixes HMR caching)
- Add gamepad-nav skill and GAMEPAD-NAV-MAP.md spec document
- 39 tests covering all navigation patterns
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-28 17:01:17 +00:00
|
|
|
<div data-controller-container tabindex="0" class="glass-card mesh-status-card">
|
2026-03-17 00:03:08 +00:00
|
|
|
<div class="mesh-status-header">
|
|
|
|
|
<div class="mesh-status-indicator" :class="mesh.status?.device_connected ? 'connected' : 'disconnected'" />
|
|
|
|
|
<h2 class="mesh-section-title">Device</h2>
|
|
|
|
|
</div>
|
|
|
|
|
|
|
|
|
|
<div v-if="mesh.loading && !mesh.status" class="mesh-loading">Loading...</div>
|
|
|
|
|
|
|
|
|
|
<div v-else-if="mesh.status" class="mesh-status-grid">
|
|
|
|
|
<div class="mesh-stat">
|
|
|
|
|
<span class="mesh-stat-label">Status</span>
|
|
|
|
|
<span class="mesh-stat-value" :class="mesh.status.device_connected ? 'text-green' : mesh.status.enabled ? 'text-orange' : 'text-muted'">
|
|
|
|
|
{{ mesh.status.device_connected ? 'Broadcasting' : mesh.status.enabled ? 'Connecting...' : 'Disabled' }}
|
|
|
|
|
</span>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="mesh-stat">
|
|
|
|
|
<span class="mesh-stat-label">Type</span>
|
|
|
|
|
<span class="mesh-stat-value">{{ mesh.status.device_type === 'unknown' ? '—' : mesh.status.device_type }}</span>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="mesh-stat">
|
|
|
|
|
<span class="mesh-stat-label">Port</span>
|
|
|
|
|
<span class="mesh-stat-value">{{ mesh.status.device_path ?? 'Auto' }}</span>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="mesh-stat">
|
|
|
|
|
<span class="mesh-stat-label">Sent</span>
|
|
|
|
|
<span class="mesh-stat-value">{{ mesh.status.messages_sent }}</span>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="mesh-stat">
|
|
|
|
|
<span class="mesh-stat-label">Recv</span>
|
|
|
|
|
<span class="mesh-stat-value">{{ mesh.status.messages_received }}</span>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="mesh-stat">
|
|
|
|
|
<span class="mesh-stat-label">Channel</span>
|
|
|
|
|
<span class="mesh-stat-value">{{ mesh.status.channel_name }}</span>
|
|
|
|
|
</div>
|
|
|
|
|
</div>
|
|
|
|
|
|
|
|
|
|
<!-- Detected USB devices -->
|
|
|
|
|
<div v-if="mesh.status?.detected_devices?.length" class="mesh-detected-devices">
|
|
|
|
|
<div v-for="dev in mesh.status.detected_devices" :key="dev" class="mesh-device-row">
|
|
|
|
|
<div class="mesh-device-indicator" />
|
|
|
|
|
<span class="mesh-device-path">{{ dev }}</span>
|
2026-03-18 10:50:13 +00:00
|
|
|
<button
|
|
|
|
|
v-if="!mesh.status?.device_connected"
|
|
|
|
|
class="glass-button mesh-connect-btn"
|
|
|
|
|
:disabled="connectingDevice !== null"
|
|
|
|
|
@click="handleConnectDevice(dev)"
|
|
|
|
|
>
|
|
|
|
|
{{ connectingDevice === dev ? 'Connecting...' : 'Connect' }}
|
|
|
|
|
</button>
|
2026-03-17 00:03:08 +00:00
|
|
|
</div>
|
|
|
|
|
</div>
|
|
|
|
|
</div>
|
|
|
|
|
|
2026-03-17 00:45:37 +00:00
|
|
|
<!-- Off-grid mode banner -->
|
|
|
|
|
<div v-if="transport.meshOnly" class="mesh-offgrid-banner">
|
|
|
|
|
<svg class="w-4 h-4 text-orange-400 shrink-0" fill="none" stroke="currentColor" viewBox="0 0 24 24">
|
|
|
|
|
<path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M18.364 5.636a9 9 0 11-12.728 0M12 9v4m0 4h.01" />
|
|
|
|
|
</svg>
|
|
|
|
|
<span class="text-sm font-medium text-orange-300">OFF-GRID</span>
|
|
|
|
|
<span class="text-xs text-white/50">Tor disabled — mesh only</span>
|
|
|
|
|
</div>
|
|
|
|
|
|
2026-03-17 00:03:08 +00:00
|
|
|
<!-- Actions row -->
|
2026-03-30 10:24:48 +01:00
|
|
|
<div class="mesh-actions" data-controller-container tabindex="0">
|
2026-03-17 00:03:08 +00:00
|
|
|
<button class="glass-button mesh-action-btn" :disabled="configuring" @click="handleToggleEnabled">
|
|
|
|
|
{{ mesh.status?.enabled ? 'Disable' : 'Enable' }}
|
|
|
|
|
</button>
|
|
|
|
|
<button class="glass-button mesh-action-btn" :disabled="!mesh.status?.device_connected || broadcasting" @click="handleBroadcast">
|
|
|
|
|
{{ broadcasting ? 'Sending...' : 'Broadcast' }}
|
|
|
|
|
</button>
|
2026-03-17 00:45:37 +00:00
|
|
|
<button
|
|
|
|
|
class="glass-button mesh-action-btn"
|
|
|
|
|
:class="transport.meshOnly ? 'mesh-offgrid-active' : ''"
|
|
|
|
|
:disabled="togglingOffGrid"
|
|
|
|
|
@click="handleToggleOffGrid"
|
|
|
|
|
>
|
|
|
|
|
{{ transport.meshOnly ? 'Go Online' : 'Off-Grid' }}
|
|
|
|
|
</button>
|
2026-03-17 00:03:08 +00:00
|
|
|
<button class="glass-button mesh-action-btn" @click="mesh.refreshAll()">Refresh</button>
|
|
|
|
|
</div>
|
|
|
|
|
|
2026-03-21 02:43:28 +00:00
|
|
|
<!-- Peers list -->
|
feat: gamepad navigation rewrite, focus styling, container grid system
- Rewrite useControllerNav.ts with clean console-style navigation:
Sidebar (up/down wrap, right→containers, left→nothing),
Container tile grid (spatial nav, no wrap at edges),
Nav bar support (up from containers, down to grid),
Inner controls (enter drills in, escape exits, trapped arrows)
- Add data-controller-container to Mesh, Fleet, Settings pages
- Fix Home.vue fragment (modals outside root div) causing Vue warnings
- Remove skip-to-content link (handled by controller nav)
- Orange ambient glow focus styling matching glass aesthetic
- Disable PWA service worker in dev mode (fixes HMR caching)
- Add gamepad-nav skill and GAMEPAD-NAV-MAP.md spec document
- 39 tests covering all navigation patterns
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-28 17:01:17 +00:00
|
|
|
<div data-controller-container tabindex="0" class="glass-card mesh-peers-card">
|
2026-03-17 00:03:08 +00:00
|
|
|
<h2 class="mesh-section-title">Peers <span class="mesh-peer-count">{{ mesh.peers.length }}</span></h2>
|
|
|
|
|
|
|
|
|
|
<div v-if="mesh.peers.length === 0 && !mesh.status?.device_connected" class="mesh-empty">
|
|
|
|
|
No peers discovered yet.
|
|
|
|
|
</div>
|
|
|
|
|
|
|
|
|
|
<div v-else class="mesh-peer-list">
|
2026-03-21 02:43:28 +00:00
|
|
|
<!-- Archipelago Channel -->
|
2026-03-19 22:24:27 +00:00
|
|
|
<div
|
|
|
|
|
class="mesh-peer-row is-channel"
|
|
|
|
|
:class="{ active: archChannelActive }"
|
2026-03-30 10:24:48 +01:00
|
|
|
tabindex="0"
|
|
|
|
|
role="button"
|
2026-03-19 22:24:27 +00:00
|
|
|
@click="openArchChannel"
|
2026-03-30 10:24:48 +01:00
|
|
|
@keydown.enter="openArchChannel"
|
2026-03-19 22:24:27 +00:00
|
|
|
>
|
|
|
|
|
<div class="mesh-peer-avatar channel" style="background: rgba(251,146,60,0.2); color: #fb923c;">A</div>
|
|
|
|
|
<div class="mesh-peer-info">
|
|
|
|
|
<div class="mesh-peer-name">Archipelago</div>
|
|
|
|
|
<div class="mesh-peer-sub">All nodes over Tor</div>
|
|
|
|
|
</div>
|
|
|
|
|
<span v-if="archUnread > 0" class="ml-auto text-[10px] px-1.5 py-0.5 rounded-full bg-orange-500/30 text-orange-300">{{ archUnread }}</span>
|
|
|
|
|
</div>
|
2026-03-21 02:43:28 +00:00
|
|
|
<!-- Public channel -->
|
2026-03-17 00:03:08 +00:00
|
|
|
<div
|
|
|
|
|
class="mesh-peer-row is-channel"
|
|
|
|
|
:class="{ active: activeChatChannel?.index === 0 }"
|
2026-03-30 10:24:48 +01:00
|
|
|
tabindex="0"
|
|
|
|
|
role="button"
|
2026-03-17 00:03:08 +00:00
|
|
|
@click="openChannelChat(publicChannel)"
|
2026-03-30 10:24:48 +01:00
|
|
|
@keydown.enter="openChannelChat(publicChannel)"
|
2026-03-17 00:03:08 +00:00
|
|
|
>
|
|
|
|
|
<div class="mesh-peer-avatar channel">#</div>
|
|
|
|
|
<div class="mesh-peer-info">
|
|
|
|
|
<div class="mesh-peer-name">Public</div>
|
2026-03-19 22:24:27 +00:00
|
|
|
<div class="mesh-peer-sub">Mesh radio</div>
|
2026-03-17 00:03:08 +00:00
|
|
|
</div>
|
2026-04-12 12:11:00 -04:00
|
|
|
<span v-if="mesh.unreadCounts[channelContactId(0)]" class="ml-auto text-[10px] px-1.5 py-0.5 rounded-full bg-orange-500/30 text-orange-300">{{ mesh.unreadCounts[channelContactId(0)] }}</span>
|
2026-03-17 00:03:08 +00:00
|
|
|
</div>
|
|
|
|
|
<div
|
|
|
|
|
v-for="peer in sortedPeers" :key="peer.contact_id"
|
|
|
|
|
class="mesh-peer-row"
|
|
|
|
|
:class="{ active: activeChatPeer?.contact_id === peer.contact_id, 'is-archy': isArchyNode(peer) }"
|
2026-03-30 10:24:48 +01:00
|
|
|
tabindex="0"
|
|
|
|
|
role="button"
|
2026-03-17 00:03:08 +00:00
|
|
|
@click="openChat(peer)"
|
2026-03-30 10:24:48 +01:00
|
|
|
@keydown.enter="openChat(peer)"
|
2026-03-17 00:03:08 +00:00
|
|
|
>
|
|
|
|
|
<div class="mesh-peer-avatar" :class="{ archy: isArchyNode(peer) }">
|
|
|
|
|
<AnimatedLogo v-if="isArchyNode(peer)" size="sm" />
|
|
|
|
|
<template v-else>{{ peer.advert_name.charAt(0).toUpperCase() }}</template>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="mesh-peer-info">
|
|
|
|
|
<div class="mesh-peer-name">
|
|
|
|
|
{{ peer.advert_name || `Node #${peer.contact_id}` }}
|
|
|
|
|
<span v-if="isArchyNode(peer)" class="mesh-peer-archy-badge">Archy</span>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="mesh-peer-sub">{{ truncatePubkey(peer.pubkey_hex) }}</div>
|
|
|
|
|
</div>
|
|
|
|
|
<span v-if="mesh.unreadCounts[peer.contact_id]" class="mesh-unread-badge">
|
|
|
|
|
{{ mesh.unreadCounts[peer.contact_id] }}
|
|
|
|
|
</span>
|
|
|
|
|
<div class="mesh-peer-signal">
|
|
|
|
|
<div class="mesh-signal-bars">
|
|
|
|
|
<div v-for="i in 4" :key="i" class="mesh-signal-bar" :class="{ active: i <= signalBars(peer.rssi) }" />
|
|
|
|
|
</div>
|
|
|
|
|
</div>
|
|
|
|
|
</div>
|
|
|
|
|
</div>
|
|
|
|
|
</div>
|
|
|
|
|
</div>
|
|
|
|
|
|
feat: Phase 4 — off-grid Bitcoin relay, block headers, dead man's switch
- Typed message dispatch in listener (BlockHeader, TxRelay, LightningRelay, Alert, TxConfirmation)
- Base64 encoding for binary payloads over LoRa (fixes NUL byte truncation)
- Compact block header announcements (88 bytes, fits 160-byte LoRa limit)
- Block header announcer: internet nodes auto-announce new blocks to Archy peers
- TX relay: mesh-only nodes can broadcast transactions via internet-connected peers
- Confirmation tracking: relay node monitors 1/3, 2/3, 3/3 confirmations, sends updates back
- Dead man's switch background task with configurable interval and signed alert broadcast
- 6 new RPC endpoints: relay-tx, block-headers, relay-lightning, deadman-status/configure/checkin
- lnd.create-raw-tx: create signed TX without broadcasting (for mesh relay)
- Web5 wallet: offline detection + "Send via mesh?" prompt with auto relay + confirmation polling
- Mesh.vue: Off-Grid Bitcoin tab, Dead Man tab, Send Bitcoin/Lightning buttons
- TX/Lightning relay sends only to Archy peers (not broadcast to all devices)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-17 15:51:56 +00:00
|
|
|
<!-- RIGHT COLUMN: Tabbed panels -->
|
2026-03-30 10:24:48 +01:00
|
|
|
<div class="mesh-right" data-controller-zone="mesh-chat" :class="{ 'mobile-hidden': !mobileShowChat }">
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
<!-- Tab bar (medium desktop only) -->
|
|
|
|
|
<div v-if="showTabBar" class="mesh-tab-bar">
|
feat: Phase 4 — off-grid Bitcoin relay, block headers, dead man's switch
- Typed message dispatch in listener (BlockHeader, TxRelay, LightningRelay, Alert, TxConfirmation)
- Base64 encoding for binary payloads over LoRa (fixes NUL byte truncation)
- Compact block header announcements (88 bytes, fits 160-byte LoRa limit)
- Block header announcer: internet nodes auto-announce new blocks to Archy peers
- TX relay: mesh-only nodes can broadcast transactions via internet-connected peers
- Confirmation tracking: relay node monitors 1/3, 2/3, 3/3 confirmations, sends updates back
- Dead man's switch background task with configurable interval and signed alert broadcast
- 6 new RPC endpoints: relay-tx, block-headers, relay-lightning, deadman-status/configure/checkin
- lnd.create-raw-tx: create signed TX without broadcasting (for mesh relay)
- Web5 wallet: offline detection + "Send via mesh?" prompt with auto relay + confirmation polling
- Mesh.vue: Off-Grid Bitcoin tab, Dead Man tab, Send Bitcoin/Lightning buttons
- TX/Lightning relay sends only to Archy peers (not broadcast to all devices)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-17 15:51:56 +00:00
|
|
|
<button class="mesh-tab" :class="{ active: activeTab === 'chat' }" @click="activeTab = 'chat'">Chat</button>
|
|
|
|
|
<button class="mesh-tab" :class="{ active: activeTab === 'bitcoin' }" @click="activeTab = 'bitcoin'">
|
|
|
|
|
Off-Grid Bitcoin
|
|
|
|
|
<span v-if="mesh.latestBlockHeight > 0" class="mesh-tab-badge">{{ mesh.latestBlockHeight }}</span>
|
|
|
|
|
</button>
|
|
|
|
|
<button class="mesh-tab" :class="{ active: activeTab === 'deadman' }" @click="activeTab = 'deadman'">
|
|
|
|
|
Dead Man
|
|
|
|
|
<span v-if="mesh.deadmanStatus?.triggered" class="mesh-tab-badge mesh-tab-badge-alert">!</span>
|
|
|
|
|
</button>
|
2026-03-19 16:12:01 +00:00
|
|
|
<button class="mesh-tab" :class="{ active: activeTab === 'map' }" @click="activeTab = 'map'">
|
|
|
|
|
Map
|
|
|
|
|
<span v-if="mesh.nodePositions.size > 0" class="mesh-tab-badge">{{ mesh.nodePositions.size }}</span>
|
|
|
|
|
</button>
|
feat: Phase 4 — off-grid Bitcoin relay, block headers, dead man's switch
- Typed message dispatch in listener (BlockHeader, TxRelay, LightningRelay, Alert, TxConfirmation)
- Base64 encoding for binary payloads over LoRa (fixes NUL byte truncation)
- Compact block header announcements (88 bytes, fits 160-byte LoRa limit)
- Block header announcer: internet nodes auto-announce new blocks to Archy peers
- TX relay: mesh-only nodes can broadcast transactions via internet-connected peers
- Confirmation tracking: relay node monitors 1/3, 2/3, 3/3 confirmations, sends updates back
- Dead man's switch background task with configurable interval and signed alert broadcast
- 6 new RPC endpoints: relay-tx, block-headers, relay-lightning, deadman-status/configure/checkin
- lnd.create-raw-tx: create signed TX without broadcasting (for mesh relay)
- Web5 wallet: offline detection + "Send via mesh?" prompt with auto relay + confirmation polling
- Mesh.vue: Off-Grid Bitcoin tab, Dead Man tab, Send Bitcoin/Lightning buttons
- TX/Lightning relay sends only to Archy peers (not broadcast to all devices)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-17 15:51:56 +00:00
|
|
|
</div>
|
|
|
|
|
|
2026-03-21 02:43:28 +00:00
|
|
|
<!-- Chat Panel -->
|
feat: gamepad navigation rewrite, focus styling, container grid system
- Rewrite useControllerNav.ts with clean console-style navigation:
Sidebar (up/down wrap, right→containers, left→nothing),
Container tile grid (spatial nav, no wrap at edges),
Nav bar support (up from containers, down to grid),
Inner controls (enter drills in, escape exits, trapped arrows)
- Add data-controller-container to Mesh, Fleet, Settings pages
- Fix Home.vue fragment (modals outside root div) causing Vue warnings
- Remove skip-to-content link (handled by controller nav)
- Orange ambient glow focus styling matching glass aesthetic
- Disable PWA service worker in dev mode (fixes HMR caching)
- Add gamepad-nav skill and GAMEPAD-NAV-MAP.md spec document
- 39 tests covering all navigation patterns
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-28 17:01:17 +00:00
|
|
|
<div v-if="showChatPanel" data-controller-container tabindex="0" class="glass-card mesh-chat-card">
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
<div v-if="!hasActiveChat" class="mesh-chat-empty">
|
|
|
|
|
<div class="mesh-chat-empty-icon">📡</div>
|
|
|
|
|
<p>Select a peer or channel to chat</p>
|
|
|
|
|
<p class="mesh-chat-empty-sub">Messages are sent over LoRa mesh radio</p>
|
|
|
|
|
</div>
|
|
|
|
|
<template v-else>
|
|
|
|
|
<div class="mesh-chat-header">
|
|
|
|
|
<button class="mesh-chat-back" @click="closeChat">←</button>
|
|
|
|
|
<div class="mesh-chat-header-info">
|
|
|
|
|
<div class="mesh-chat-header-name">
|
|
|
|
|
{{ activeChatName }}
|
|
|
|
|
<span v-if="activeChatPeer && isArchyNode(activeChatPeer)" class="mesh-peer-archy-badge">Archy</span>
|
|
|
|
|
<span v-if="activeChatChannel" class="mesh-peer-channel-badge">Channel</span>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="mesh-chat-header-sub">{{ activeChatSub }}</div>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="mesh-chat-header-status">
|
|
|
|
|
<span v-if="activeChatPeer && peerSessionInfo" class="mesh-session-badge" :class="peerSessionInfo.forward_secrecy ? 'session-ratchet' : peerSessionInfo.has_session ? 'session-static' : 'session-none'" :title="peerSessionInfo.forward_secrecy ? 'Double Ratchet (forward secrecy)' : peerSessionInfo.has_session ? 'Static encryption' : 'No encryption'">🛡</span>
|
2026-04-13 18:50:08 -04:00
|
|
|
<button v-if="activeChatPeer && peerSessionInfo" class="mesh-session-rotate" :disabled="rotatingPrekeys" :title="'Rotate prekeys'" @click="handleRotatePrekeys">{{ rotatingPrekeys ? '…' : '⟲' }}</button>
|
|
|
|
|
<span v-if="outboxCount > 0" class="mesh-outbox-badge" :title="outboxCount + ' queued messages waiting for delivery'">📤 {{ outboxCount }}</span>
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
<span v-if="activeChatPeer" class="mesh-chat-header-time">{{ timeAgo(activeChatPeer.last_heard) }}</span>
|
|
|
|
|
</div>
|
|
|
|
|
</div>
|
2026-04-13 18:50:08 -04:00
|
|
|
<div ref="chatScrollEl" class="mesh-chat-messages" @scroll="scheduleReadReceipt">
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
<div v-if="chatMessages.length === 0" class="mesh-chat-no-messages">
|
|
|
|
|
No messages yet. Say hello!
|
|
|
|
|
</div>
|
|
|
|
|
<div
|
|
|
|
|
v-for="msg in chatMessages" :key="msg.id"
|
|
|
|
|
class="mesh-chat-bubble-wrapper"
|
|
|
|
|
:class="msg.direction"
|
|
|
|
|
>
|
2026-04-13 18:50:08 -04:00
|
|
|
<div class="mesh-chat-bubble" :class="[msg.direction, msg.message_type ? 'typed-' + msg.message_type : '', { 'menu-open': actionMenuForId === msg.id }]">
|
2026-04-13 13:19:30 -04:00
|
|
|
<div v-if="replyTargetPreview(msg)" class="mesh-chat-reply-quote">
|
|
|
|
|
↳ {{ replyTargetPreview(msg) }}
|
|
|
|
|
</div>
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
<!-- Invoice card -->
|
|
|
|
|
<div v-if="msg.message_type === 'invoice' && msg.typed_payload" class="mesh-typed-invoice">
|
|
|
|
|
<div class="mesh-typed-invoice-header">
|
|
|
|
|
<span class="mesh-typed-icon">⚡</span>
|
|
|
|
|
<span class="mesh-typed-label">Lightning Invoice</span>
|
|
|
|
|
<span v-if="msg.typed_payload.paid" class="mesh-typed-paid">Paid</span>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="mesh-typed-invoice-amount">{{ (msg.typed_payload.amount_sats || 0).toLocaleString() }} sats</div>
|
|
|
|
|
<div v-if="msg.typed_payload.memo" class="mesh-typed-invoice-memo">{{ msg.typed_payload.memo }}</div>
|
|
|
|
|
<div class="mesh-typed-invoice-bolt11">{{ (msg.typed_payload.bolt11 || '').substring(0, 40) }}...</div>
|
|
|
|
|
</div>
|
|
|
|
|
<!-- Alert card -->
|
|
|
|
|
<div v-else-if="msg.message_type === 'alert' && msg.typed_payload" class="mesh-typed-alert" :class="'alert-' + (msg.typed_payload.alert_type || 'status')">
|
|
|
|
|
<div class="mesh-typed-alert-header">
|
|
|
|
|
<span class="mesh-typed-icon">{{ msg.typed_payload.alert_type === 'emergency' ? '🚨' : msg.typed_payload.alert_type === 'dead_man' ? '☠' : 'ℹ' }}</span>
|
|
|
|
|
<span class="mesh-typed-label">{{ msg.typed_payload.alert_type === 'emergency' ? 'EMERGENCY' : msg.typed_payload.alert_type === 'dead_man' ? 'DEAD MAN' : 'Status' }}</span>
|
|
|
|
|
<span v-if="msg.typed_payload.signed" class="mesh-typed-signed">Signed</span>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="mesh-typed-alert-message">{{ msg.typed_payload.message }}</div>
|
|
|
|
|
<a v-if="msg.typed_payload.coordinate" class="mesh-typed-alert-location" :href="'https://www.openstreetmap.org/?mlat=' + (msg.typed_payload.coordinate.lat / 1000000) + '&mlon=' + (msg.typed_payload.coordinate.lng / 1000000) + '&zoom=14'" target="_blank" rel="noopener">
|
|
|
|
|
📍 {{ msg.typed_payload.coordinate.label || 'View location' }}
|
|
|
|
|
</a>
|
|
|
|
|
</div>
|
|
|
|
|
<!-- Coordinate card -->
|
|
|
|
|
<div v-else-if="msg.message_type === 'coordinate' && msg.typed_payload" class="mesh-typed-coordinate">
|
|
|
|
|
<div class="mesh-typed-coordinate-header">
|
|
|
|
|
<span class="mesh-typed-icon">📍</span>
|
|
|
|
|
<span class="mesh-typed-label">Location</span>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="mesh-typed-coordinate-value">{{ (msg.typed_payload.lat / 1000000).toFixed(4) }}, {{ (msg.typed_payload.lng / 1000000).toFixed(4) }}</div>
|
|
|
|
|
<div v-if="msg.typed_payload.label" class="mesh-typed-coordinate-label">{{ msg.typed_payload.label }}</div>
|
|
|
|
|
<a class="mesh-typed-coordinate-link" :href="'https://www.openstreetmap.org/?mlat=' + (msg.typed_payload.lat / 1000000) + '&mlon=' + (msg.typed_payload.lng / 1000000) + '&zoom=14'" target="_blank" rel="noopener">Open Map</a>
|
|
|
|
|
</div>
|
|
|
|
|
<!-- Block header -->
|
|
|
|
|
<div v-else-if="msg.message_type === 'block_header' && msg.typed_payload" class="mesh-typed-block">
|
|
|
|
|
<span class="mesh-typed-icon">⛓</span>
|
|
|
|
|
<span class="mesh-typed-label">{{ msg.typed_payload.message || msg.plaintext }}</span>
|
|
|
|
|
</div>
|
2026-04-13 08:01:21 -04:00
|
|
|
<!-- TX relay request -->
|
|
|
|
|
<div v-else-if="msg.message_type === 'tx_relay' && msg.typed_payload" class="mesh-typed-block">
|
|
|
|
|
<span class="mesh-typed-icon">↪</span>
|
|
|
|
|
<span class="mesh-typed-label">TX relay #{{ msg.typed_payload.request_id }} ({{ (msg.typed_payload.tx_hex || '').length }} hex chars)</span>
|
|
|
|
|
</div>
|
|
|
|
|
<!-- TX relay response -->
|
|
|
|
|
<div v-else-if="msg.message_type === 'tx_relay_response' && msg.typed_payload" class="mesh-typed-block">
|
|
|
|
|
<span class="mesh-typed-icon">{{ msg.typed_payload.txid ? '✅' : '❌' }}</span>
|
|
|
|
|
<span class="mesh-typed-label">
|
|
|
|
|
<template v-if="msg.typed_payload.txid">Broadcast #{{ msg.typed_payload.request_id }}: {{ String(msg.typed_payload.txid).substring(0, 12) }}…</template>
|
|
|
|
|
<template v-else>TX relay failed #{{ msg.typed_payload.request_id }}: {{ msg.typed_payload.error || 'unknown' }}</template>
|
|
|
|
|
</span>
|
|
|
|
|
</div>
|
|
|
|
|
<!-- TX confirmation -->
|
|
|
|
|
<div v-else-if="msg.message_type === 'tx_confirmation' && msg.typed_payload" class="mesh-typed-block">
|
|
|
|
|
<span class="mesh-typed-icon">⛓</span>
|
|
|
|
|
<span class="mesh-typed-label">{{ msg.typed_payload.confirmations }} conf @ block {{ msg.typed_payload.block_height }} — {{ String(msg.typed_payload.txid || '').substring(0, 12) }}…</span>
|
|
|
|
|
</div>
|
|
|
|
|
<!-- Lightning relay request -->
|
|
|
|
|
<div v-else-if="msg.message_type === 'lightning_relay' && msg.typed_payload" class="mesh-typed-invoice">
|
|
|
|
|
<div class="mesh-typed-invoice-header">
|
|
|
|
|
<span class="mesh-typed-icon">⚡</span>
|
|
|
|
|
<span class="mesh-typed-label">Lightning Relay Request</span>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="mesh-typed-invoice-amount">{{ (msg.typed_payload.amount_sats || 0).toLocaleString() }} sats</div>
|
|
|
|
|
<div class="mesh-typed-invoice-bolt11">{{ (msg.typed_payload.bolt11 || '').substring(0, 40) }}…</div>
|
|
|
|
|
</div>
|
|
|
|
|
<!-- Lightning relay response -->
|
|
|
|
|
<div v-else-if="msg.message_type === 'lightning_relay_response' && msg.typed_payload" class="mesh-typed-invoice">
|
|
|
|
|
<div class="mesh-typed-invoice-header">
|
|
|
|
|
<span class="mesh-typed-icon">{{ msg.typed_payload.preimage ? '✅' : '❌' }}</span>
|
|
|
|
|
<span class="mesh-typed-label">
|
|
|
|
|
<template v-if="msg.typed_payload.preimage">Lightning Paid</template>
|
|
|
|
|
<template v-else>Lightning Failed</template>
|
|
|
|
|
</span>
|
|
|
|
|
</div>
|
|
|
|
|
<div v-if="msg.typed_payload.payment_hash" class="mesh-typed-invoice-bolt11">hash: {{ String(msg.typed_payload.payment_hash).substring(0, 20) }}…</div>
|
|
|
|
|
<div v-if="msg.typed_payload.preimage" class="mesh-typed-invoice-bolt11">preimage: {{ String(msg.typed_payload.preimage).substring(0, 20) }}…</div>
|
|
|
|
|
<div v-if="msg.typed_payload.error" class="mesh-typed-invoice-memo">{{ msg.typed_payload.error }}</div>
|
|
|
|
|
</div>
|
2026-04-13 11:10:59 -04:00
|
|
|
<div v-else-if="msg.message_type === 'content_ref' && msg.typed_payload" class="mesh-typed-content">
|
|
|
|
|
<div class="mesh-typed-content-meta">
|
|
|
|
|
<span class="mesh-typed-icon">📎</span>
|
|
|
|
|
<span class="mesh-typed-label">{{ msg.typed_payload.filename || msg.typed_payload.mime }}</span>
|
|
|
|
|
<span class="mesh-typed-content-size">{{ msg.typed_payload.size }} B</span>
|
|
|
|
|
</div>
|
|
|
|
|
<div v-if="msg.typed_payload.caption" class="mesh-typed-content-caption">{{ msg.typed_payload.caption }}</div>
|
|
|
|
|
<template v-if="fetchedUrls.get(msg.typed_payload.cid)">
|
|
|
|
|
<img
|
|
|
|
|
v-if="isImageMime(msg.typed_payload.mime)"
|
|
|
|
|
:src="fetchedUrls.get(msg.typed_payload.cid)"
|
|
|
|
|
class="mesh-typed-content-preview"
|
|
|
|
|
alt="attachment"
|
|
|
|
|
/>
|
|
|
|
|
<a v-else :href="fetchedUrls.get(msg.typed_payload.cid)" target="_blank" class="btn">Open</a>
|
|
|
|
|
</template>
|
|
|
|
|
<template v-else-if="msg.direction === 'sent'">
|
|
|
|
|
<span class="mesh-typed-content-hint">(shared from this node)</span>
|
|
|
|
|
</template>
|
|
|
|
|
<template v-else>
|
|
|
|
|
<button
|
|
|
|
|
class="btn"
|
|
|
|
|
:disabled="fetchingCids.has(msg.typed_payload.cid)"
|
|
|
|
|
@click="handleFetchContent(msg.typed_payload as any)"
|
|
|
|
|
>
|
|
|
|
|
{{ fetchingCids.has(msg.typed_payload.cid) ? 'Fetching…' : 'Download' }}
|
|
|
|
|
</button>
|
|
|
|
|
</template>
|
|
|
|
|
</div>
|
2026-04-13 18:50:08 -04:00
|
|
|
<!-- Forwarded message -->
|
|
|
|
|
<div v-else-if="msg.message_type === 'forward' && msg.typed_payload" class="mesh-chat-bubble-text">
|
|
|
|
|
<div class="mesh-chat-forward-header">↪ Forwarded from {{ msg.typed_payload.orig_name || 'unknown' }}</div>
|
|
|
|
|
<div class="mesh-chat-forward-body">{{ msg.plaintext }}</div>
|
|
|
|
|
</div>
|
|
|
|
|
<!-- Deleted tombstone -->
|
|
|
|
|
<div v-else-if="isDeletedMessage(msg)" class="mesh-chat-bubble-text mesh-chat-deleted">🗑 message deleted</div>
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
<!-- Default: plain text -->
|
|
|
|
|
<div v-else class="mesh-chat-bubble-text">{{ msg.plaintext }}</div>
|
|
|
|
|
<div class="mesh-chat-bubble-meta">
|
|
|
|
|
<span v-if="msg.encrypted" class="mesh-chat-e2e">E2E</span>
|
2026-04-13 18:50:08 -04:00
|
|
|
<span v-if="isEditedMessage(msg) !== null" class="mesh-chat-edited">(edited)</span>
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
<span v-if="msg.delivered && msg.direction === 'sent'" class="mesh-chat-ack">✓✓</span>
|
|
|
|
|
<span class="mesh-chat-bubble-time">{{ timeAgo(msg.timestamp) }}</span>
|
2026-04-13 18:50:08 -04:00
|
|
|
<button
|
|
|
|
|
v-if="messageKeyFor(msg) && msg.message_type !== 'reaction'"
|
|
|
|
|
class="mesh-chat-action-trigger"
|
|
|
|
|
:class="{ active: actionMenuForId === msg.id }"
|
|
|
|
|
:title="actionMenuForId === msg.id ? 'Close' : 'React / Reply'"
|
|
|
|
|
@click.stop="openActionMenu(msg.id, $event)"
|
|
|
|
|
>⋯</button>
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
</div>
|
2026-04-13 13:19:30 -04:00
|
|
|
<div v-if="reactionsFor(msg).length > 0" class="mesh-chat-reactions">
|
|
|
|
|
<span
|
|
|
|
|
v-for="chip in reactionsFor(msg)"
|
|
|
|
|
:key="chip.emoji"
|
|
|
|
|
class="mesh-chat-reaction-chip"
|
|
|
|
|
:class="{ 'by-self': chip.by_self }"
|
|
|
|
|
>{{ chip.emoji }}<span v-if="chip.count > 1" class="mesh-chat-reaction-count">{{ chip.count }}</span></span>
|
|
|
|
|
</div>
|
|
|
|
|
<div
|
|
|
|
|
v-if="actionMenuForId === msg.id && messageKeyFor(msg) && msg.message_type !== 'reaction' && activeChatPeer"
|
|
|
|
|
class="mesh-chat-action-menu"
|
|
|
|
|
@click.stop
|
|
|
|
|
>
|
2026-04-13 18:50:08 -04:00
|
|
|
<button class="mesh-chat-action-btn" :disabled="reactionInFlight !== null" @click="startReplyTo(msg)">Reply</button>
|
|
|
|
|
<button class="mesh-chat-action-btn" :disabled="reactionInFlight !== null" @click="forwardToCurrent(msg)">Forward</button>
|
|
|
|
|
<button v-if="msg.direction === 'sent'" class="mesh-chat-action-btn" :disabled="reactionInFlight !== null" @click="startEditOf(msg)">Edit</button>
|
|
|
|
|
<button v-if="msg.direction === 'sent'" class="mesh-chat-action-btn mesh-chat-action-danger" :disabled="reactionInFlight !== null" @click="deleteOwnMessage(msg)">Delete</button>
|
2026-04-13 13:19:30 -04:00
|
|
|
<button
|
|
|
|
|
v-for="emoji in QUICK_REACTIONS"
|
|
|
|
|
:key="emoji"
|
|
|
|
|
class="mesh-chat-reaction-btn"
|
2026-04-13 18:50:08 -04:00
|
|
|
:class="{ 'is-busy': reactionInFlight === `${msg.id}:${emoji}` }"
|
|
|
|
|
:disabled="reactionInFlight !== null"
|
2026-04-13 13:19:30 -04:00
|
|
|
@click="reactTo(msg, emoji)"
|
2026-04-13 18:50:08 -04:00
|
|
|
>
|
|
|
|
|
<span v-if="reactionInFlight === `${msg.id}:${emoji}`" class="mesh-spinner" aria-hidden="true"></span>
|
|
|
|
|
<span v-else>{{ emoji }}</span>
|
|
|
|
|
</button>
|
|
|
|
|
<button class="mesh-chat-action-btn" :disabled="reactionInFlight !== null" @click="closeActionMenu">✕</button>
|
2026-04-13 13:19:30 -04:00
|
|
|
</div>
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
</div>
|
|
|
|
|
</div>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="mesh-chat-compose">
|
|
|
|
|
<div v-if="sendError" class="mesh-chat-send-error">{{ sendError }}</div>
|
2026-04-13 11:10:59 -04:00
|
|
|
<div v-if="attachError" class="mesh-chat-send-error">{{ attachError }}</div>
|
2026-04-13 13:19:30 -04:00
|
|
|
<div v-if="pendingReply" class="mesh-chat-pending-reply">
|
|
|
|
|
<span class="mesh-typed-icon">↳</span>
|
|
|
|
|
<span class="mesh-chat-pending-name">Replying to: {{ pendingReply.preview }}</span>
|
|
|
|
|
<button class="mesh-chat-pending-clear" @click="clearPendingReply" title="Cancel reply">✕</button>
|
|
|
|
|
</div>
|
2026-04-13 18:50:08 -04:00
|
|
|
<div v-if="pendingEdit" class="mesh-chat-pending-reply">
|
|
|
|
|
<span class="mesh-typed-icon">✎</span>
|
|
|
|
|
<span class="mesh-chat-pending-name">Editing: {{ pendingEdit.original_text }}</span>
|
|
|
|
|
<button class="mesh-chat-pending-clear" @click="clearPendingEdit" title="Cancel edit">✕</button>
|
|
|
|
|
</div>
|
2026-04-13 12:58:04 -04:00
|
|
|
<div v-if="pendingAttachment" class="mesh-chat-pending-attachment">
|
|
|
|
|
<span class="mesh-typed-icon">📎</span>
|
|
|
|
|
<span class="mesh-chat-pending-name">{{ pendingAttachment.filename || pendingAttachment.mime }}</span>
|
|
|
|
|
<span class="mesh-chat-pending-size">{{ pendingAttachment.size }} B</span>
|
|
|
|
|
<button class="mesh-chat-pending-clear" @click="clearPendingAttachment" title="Discard attachment">✕</button>
|
|
|
|
|
</div>
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
<div class="mesh-chat-compose-row">
|
2026-04-13 11:10:59 -04:00
|
|
|
<label
|
|
|
|
|
v-if="activeChatPeer"
|
|
|
|
|
class="glass-button mesh-chat-attach-btn"
|
2026-04-13 18:50:08 -04:00
|
|
|
:class="{ 'is-busy': attaching }"
|
2026-04-13 11:10:59 -04:00
|
|
|
:title="attaching ? 'uploading…' : 'Attach file'"
|
|
|
|
|
>
|
|
|
|
|
<input type="file" @change="handleAttachFile" style="display:none;" :disabled="attaching" />
|
2026-04-13 18:50:08 -04:00
|
|
|
<span v-if="attaching" class="mesh-spinner" aria-hidden="true"></span>
|
|
|
|
|
<span v-else>📎</span>
|
2026-04-13 11:10:59 -04:00
|
|
|
</label>
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
<input
|
|
|
|
|
v-model="messageText"
|
|
|
|
|
class="mesh-chat-input"
|
2026-04-13 11:10:59 -04:00
|
|
|
:placeholder="activeChatPeer ? 'Type a message or pick a file…' : 'Type a message...'"
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
maxlength="160"
|
|
|
|
|
@keydown.enter.exact.prevent="handleSendMessage"
|
|
|
|
|
/>
|
|
|
|
|
<button
|
|
|
|
|
class="glass-button mesh-chat-send-btn"
|
2026-04-13 12:58:04 -04:00
|
|
|
:disabled="(!messageText.trim() && !pendingAttachment) || mesh.sending || sendingArch"
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
@click="handleSendMessage"
|
|
|
|
|
>
|
2026-04-13 13:19:30 -04:00
|
|
|
{{ (mesh.sending || sendingArch) ? '...' : (pendingReply ? 'Reply' : (pendingAttachment ? 'Share' : 'Send')) }}
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
</button>
|
|
|
|
|
</div>
|
|
|
|
|
</div>
|
|
|
|
|
</template>
|
|
|
|
|
</div>
|
|
|
|
|
|
2026-03-30 10:24:48 +01:00
|
|
|
<!-- Tools panels (3rd column on wide screens) -->
|
|
|
|
|
<div class="mesh-tools-wrapper" data-controller-zone="mesh-tools">
|
2026-03-21 02:43:28 +00:00
|
|
|
<!-- Tools tab bar (wide desktop only) -->
|
|
|
|
|
<div v-if="isWideDesktop" class="mesh-tools-tab-bar">
|
|
|
|
|
<button class="mesh-tab" :class="{ active: toolsTab === 'bitcoin' }" @click="toolsTab = 'bitcoin'">
|
|
|
|
|
Off-Grid Bitcoin
|
|
|
|
|
<span v-if="mesh.latestBlockHeight > 0" class="mesh-tab-badge">{{ mesh.latestBlockHeight }}</span>
|
feat: Phase 4 — off-grid Bitcoin relay, block headers, dead man's switch
- Typed message dispatch in listener (BlockHeader, TxRelay, LightningRelay, Alert, TxConfirmation)
- Base64 encoding for binary payloads over LoRa (fixes NUL byte truncation)
- Compact block header announcements (88 bytes, fits 160-byte LoRa limit)
- Block header announcer: internet nodes auto-announce new blocks to Archy peers
- TX relay: mesh-only nodes can broadcast transactions via internet-connected peers
- Confirmation tracking: relay node monitors 1/3, 2/3, 3/3 confirmations, sends updates back
- Dead man's switch background task with configurable interval and signed alert broadcast
- 6 new RPC endpoints: relay-tx, block-headers, relay-lightning, deadman-status/configure/checkin
- lnd.create-raw-tx: create signed TX without broadcasting (for mesh relay)
- Web5 wallet: offline detection + "Send via mesh?" prompt with auto relay + confirmation polling
- Mesh.vue: Off-Grid Bitcoin tab, Dead Man tab, Send Bitcoin/Lightning buttons
- TX/Lightning relay sends only to Archy peers (not broadcast to all devices)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-17 15:51:56 +00:00
|
|
|
</button>
|
2026-03-21 02:43:28 +00:00
|
|
|
<button class="mesh-tab" :class="{ active: toolsTab === 'deadman' }" @click="toolsTab = 'deadman'">
|
|
|
|
|
Dead Man
|
|
|
|
|
<span v-if="mesh.deadmanStatus?.triggered" class="mesh-tab-badge mesh-tab-badge-alert">!</span>
|
feat: Phase 4 — off-grid Bitcoin relay, block headers, dead man's switch
- Typed message dispatch in listener (BlockHeader, TxRelay, LightningRelay, Alert, TxConfirmation)
- Base64 encoding for binary payloads over LoRa (fixes NUL byte truncation)
- Compact block header announcements (88 bytes, fits 160-byte LoRa limit)
- Block header announcer: internet nodes auto-announce new blocks to Archy peers
- TX relay: mesh-only nodes can broadcast transactions via internet-connected peers
- Confirmation tracking: relay node monitors 1/3, 2/3, 3/3 confirmations, sends updates back
- Dead man's switch background task with configurable interval and signed alert broadcast
- 6 new RPC endpoints: relay-tx, block-headers, relay-lightning, deadman-status/configure/checkin
- lnd.create-raw-tx: create signed TX without broadcasting (for mesh relay)
- Web5 wallet: offline detection + "Send via mesh?" prompt with auto relay + confirmation polling
- Mesh.vue: Off-Grid Bitcoin tab, Dead Man tab, Send Bitcoin/Lightning buttons
- TX/Lightning relay sends only to Archy peers (not broadcast to all devices)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-17 15:51:56 +00:00
|
|
|
</button>
|
2026-03-21 02:43:28 +00:00
|
|
|
<button class="mesh-tab" :class="{ active: toolsTab === 'map' }" @click="toolsTab = 'map'">
|
|
|
|
|
Map
|
|
|
|
|
<span v-if="mesh.nodePositions.size > 0" class="mesh-tab-badge">{{ mesh.nodePositions.size }}</span>
|
feat: Phase 4 — off-grid Bitcoin relay, block headers, dead man's switch
- Typed message dispatch in listener (BlockHeader, TxRelay, LightningRelay, Alert, TxConfirmation)
- Base64 encoding for binary payloads over LoRa (fixes NUL byte truncation)
- Compact block header announcements (88 bytes, fits 160-byte LoRa limit)
- Block header announcer: internet nodes auto-announce new blocks to Archy peers
- TX relay: mesh-only nodes can broadcast transactions via internet-connected peers
- Confirmation tracking: relay node monitors 1/3, 2/3, 3/3 confirmations, sends updates back
- Dead man's switch background task with configurable interval and signed alert broadcast
- 6 new RPC endpoints: relay-tx, block-headers, relay-lightning, deadman-status/configure/checkin
- lnd.create-raw-tx: create signed TX without broadcasting (for mesh relay)
- Web5 wallet: offline detection + "Send via mesh?" prompt with auto relay + confirmation polling
- Mesh.vue: Off-Grid Bitcoin tab, Dead Man tab, Send Bitcoin/Lightning buttons
- TX/Lightning relay sends only to Archy peers (not broadcast to all devices)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-17 15:51:56 +00:00
|
|
|
</button>
|
|
|
|
|
</div>
|
|
|
|
|
|
2026-03-21 02:43:28 +00:00
|
|
|
<div v-if="showMapPanel" class="glass-card mesh-map-panel"><MeshMap /></div>
|
|
|
|
|
<MeshBitcoinPanel v-if="showBitcoinPanel" />
|
|
|
|
|
<MeshDeadmanPanel v-if="showDeadmanPanel" />
|
feat: Phase 4 — off-grid Bitcoin relay, block headers, dead man's switch
- Typed message dispatch in listener (BlockHeader, TxRelay, LightningRelay, Alert, TxConfirmation)
- Base64 encoding for binary payloads over LoRa (fixes NUL byte truncation)
- Compact block header announcements (88 bytes, fits 160-byte LoRa limit)
- Block header announcer: internet nodes auto-announce new blocks to Archy peers
- TX relay: mesh-only nodes can broadcast transactions via internet-connected peers
- Confirmation tracking: relay node monitors 1/3, 2/3, 3/3 confirmations, sends updates back
- Dead man's switch background task with configurable interval and signed alert broadcast
- 6 new RPC endpoints: relay-tx, block-headers, relay-lightning, deadman-status/configure/checkin
- lnd.create-raw-tx: create signed TX without broadcasting (for mesh relay)
- Web5 wallet: offline detection + "Send via mesh?" prompt with auto relay + confirmation polling
- Mesh.vue: Off-Grid Bitcoin tab, Dead Man tab, Send Bitcoin/Lightning buttons
- TX/Lightning relay sends only to Archy peers (not broadcast to all devices)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-17 15:51:56 +00:00
|
|
|
</div>
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
</div>
|
2026-03-17 00:03:08 +00:00
|
|
|
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
<!-- Mobile tools: show under peers list on first view -->
|
|
|
|
|
<div v-if="showMobileTools" class="mesh-mobile-tools">
|
|
|
|
|
<div class="mesh-tools-tab-bar">
|
|
|
|
|
<button class="mesh-tab" :class="{ active: toolsTab === 'bitcoin' }" @click="toolsTab = 'bitcoin'">
|
|
|
|
|
Off-Grid Bitcoin
|
|
|
|
|
<span v-if="mesh.latestBlockHeight > 0" class="mesh-tab-badge">{{ mesh.latestBlockHeight }}</span>
|
|
|
|
|
</button>
|
|
|
|
|
<button class="mesh-tab" :class="{ active: toolsTab === 'deadman' }" @click="toolsTab = 'deadman'">
|
|
|
|
|
Dead Man
|
|
|
|
|
<span v-if="mesh.deadmanStatus?.triggered" class="mesh-tab-badge mesh-tab-badge-alert">!</span>
|
|
|
|
|
</button>
|
2026-03-19 16:12:01 +00:00
|
|
|
<button class="mesh-tab" :class="{ active: toolsTab === 'map' }" @click="toolsTab = 'map'">
|
|
|
|
|
Map
|
|
|
|
|
<span v-if="mesh.nodePositions.size > 0" class="mesh-tab-badge">{{ mesh.nodePositions.size }}</span>
|
|
|
|
|
</button>
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
</div>
|
2026-03-19 16:12:01 +00:00
|
|
|
<div v-if="showMapPanel" class="glass-card mesh-map-panel"><MeshMap /></div>
|
2026-03-21 02:43:28 +00:00
|
|
|
<MeshBitcoinPanel v-if="showBitcoinPanel" />
|
|
|
|
|
<MeshDeadmanPanel v-if="showDeadmanPanel" />
|
2026-03-17 00:03:08 +00:00
|
|
|
</div>
|
|
|
|
|
</div>
|
2026-04-13 08:48:48 -04:00
|
|
|
|
2026-03-17 00:03:08 +00:00
|
|
|
</div>
|
|
|
|
|
</template>
|
|
|
|
|
|
2026-03-22 03:30:21 +00:00
|
|
|
<!-- Styles extracted to mesh/mesh-styles.css -->
|