archy/CHANGELOG.md

# Changelog

All notable changes to Archipelago will be documented in this file.

The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [Unreleased]

## [0.8.0-rc1] - 2026-03-11

### Added

#### W3C Identity & Credentials
- W3C DID Core v1.0 compliant DID Document generation (`did:key` method)
- DID Document verification and cross-node resolution over Tor
- JSON-LD Verifiable Credentials (VC Data Model 2.0, Ed25519Signature2020 proofs)
- Verifiable Presentation creation with selective disclosure
- Credentials management UI at `/dashboard/web5/credentials`

#### Decentralized Web Node (DWN)
- DWN message store with CRUD, protocol registration, and query interface
- DWN HTTP API (`POST /dwn`, `GET /dwn/health`)
- Bidirectional peer sync over Tor via SOCKS proxy
- DWN management UI in Web5 page with protocol browser

#### Multi-Node Federation
- Node federation protocol with invite codes (`fed1:` prefix), trust levels, state sync
- Federation dashboard at `/dashboard/server/federation`
- Federated app deployment to trusted peers over Tor
- Architecture documented in `docs/multi-node-architecture.md`

#### Decentralized Marketplace
- NIP-78 Nostr-based app manifest discovery across relays
- Trust scoring (0-100) based on DID verification, relay consensus, federation trust
- App manifest publishing with Nostr secp256k1 signing
- Community marketplace tab in App Store with trust score badges

#### Networking
- VPN integration (Tailscale + WireGuard) with keypair generation and status display
- Mesh networking via Meshtastic LoRa devices with node discovery
- DNS-over-HTTPS configuration (Cloudflare, Google, Quad9, Mullvad, Custom)
- WiFi/Ethernet configuration via `nmcli` with scan-and-connect modal
- Network interfaces display in Server page

#### Hardware Wallet Support
- PSBT signing flow (create, QR display, finalize, broadcast)
- USB hardware wallet detection (ColdCard, Trezor, Ledger)
- Hardware wallet signing UI in LND views

#### System Management
- System monitoring (CPU, RAM, disk gauges on Dashboard)
- Automatic update system with download, apply, rollback, and scheduling
- Disk space management with auto-cleanup at 90% usage
- Container health monitoring with auto-recovery (max 3 restart attempts)
- Crash recovery via PID-file detection and container snapshot restoration
- Graceful shutdown with in-flight request draining (5s timeout)

#### Backup & Restore
- Full backup with tar.gz + ChaCha20-Poly1305 encryption
- Backup create, list, verify, restore, delete via RPC
- USB drive detection and backup-to-USB
- Backup UI in Settings page

#### Kiosk Mode
- Chromium kiosk with auto-restart and watchdog service
- Recovery page at `/recovery` (no auth required)
- Kiosk keyboard shortcuts (Ctrl+Shift+R/H/Q)
- Systemd services for kiosk and watchdog

#### ARM64 Support
- Cross-compilation for aarch64 with rustls-tls
- All 6 core apps verified with multi-arch images
- Parameterized ISO build script (`ARCH=arm64`)
- RPi 5 testing guide

#### Testing
- 236 frontend tests across 17 test files (Vitest)
- 124+ backend tests (cargo test)
- Playwright visual regression suite (12 pages)
- Chaos testing (SIGKILL recovery, concurrent RPC, rapid restarts)
- App lifecycle testing and dependency chain verification
- 1-week continuous uptime monitoring

#### Documentation
- Developer guide, API reference (100+ endpoints), app developer SDK guide
- 5 Architecture Decision Records (Podman, DID:key, Nostr, Tor, ChaCha20)
- Release process, canary deploy, quality baseline documentation

### Changed
- Settings sections use `glass-card` instead of `path-option-card`
- Web3 card shows "Coming Soon" badges instead of fake data
- Network diagnostics moved from Settings to Server page
- Removed `core/startos/` (2MB of dead code, zero dependencies)

### Fixed
- CSRF protection on all state-changing RPC calls
- CORS restricted to same-origin (removed `Access-Control-Allow-Origin: *`)
- Nginx security headers (X-Frame-Options, CSP, X-Content-Type-Options)
- All 24 silent catch blocks now log in dev mode
- Zero `console.log` outside dev gate, zero `any` types

### Security
- CSRF token validation on all state-changing endpoints
- Same-origin CORS policy
- Nginx security headers (SAMEORIGIN, nosniff, CSP, Referrer-Policy)
- Container security hardened (readonly root, dropped caps, non-root, no-new-privileges)
- Secrets rotation with AES-256-GCM and automatic scheduling

## [0.5.0-beta] - 2026-03-11

### Added

#### Security Hardening
- Session inactivity expiry (24h), max 5 concurrent sessions with oldest eviction
- Session rotation on password change (invalidates all other sessions)
- Container security: `--cap-drop=ALL`, `--security-opt=no-new-privileges:true`, read-only root
- Secrets rotation with AES-256-GCM encryption and metadata tracking
- Path traversal prevention (nginx regex blocks + client-side sanitizePath)
- Cookie-based auth for File Browser (removed token from URLs)
- Login rate limiting (5 failures per 60s per IP)
- TOTP two-factor authentication with backup codes

#### Performance
- Backend startup: ~100ms
- Frontend bundle: ~105 KB gzipped initial load
- WebSocket heartbeat (30s ping/pong) with exponential backoff reconnection
- Server-side 5-minute inactivity timeout for stale WebSocket connections
- Real-time install progress reporting via WebSocket during container pulls
- Connection state machine (connecting/connected/disconnecting/disconnected)

#### Apps & Integrations
- Pinned all container images to specific versions (no `:latest` tags)
- Fedimint and Fedimint Gateway with auto-LND detection
- IndeedHub virtual app integration
- Expanded read-only root filesystem support (electrs, nostr-relay, ollama)
- Dependency chain validation (Bitcoin → Electrs → Mempool, Bitcoin → LND)

#### Documentation
- Comprehensive user guide (docs/user-guide.md)
- Beta release checklist (docs/BETA-RELEASE-CHECKLIST.md)
- 72-hour stability test script

### Fixed
- Penpot hardcoded secret key replaced with SHA256-derived key
- WebSocket reconnection reliability after network interruption

## [0.1.0] - 2026-01-28

### 🎉 Initial Release

The first production release of Archipelago - a next-generation Bitcoin Node OS for macOS.

### Added

#### Core Features
- **Native Rust Backend** - High-performance async server using Tokio and Hyper
- **Modern Vue.js Frontend** - Beautiful glassmorphism UI with Tailwind CSS
- **Docker Integration** - Seamless container orchestration via Docker Desktop
- **Real-time WebSocket** - Live updates for container status and system events
- **Authentication System** - Secure user login and session management

#### Bitcoin & Lightning
- **Bitcoin Core** - Full node in regtest mode with custom UI
- **LND** - Lightning Network Daemon with dedicated interface
- **BTCPay Server** - Bitcoin payment processing
- **Mempool Explorer** - Blockchain visualization and analytics

#### Applications
- **Penpot** - Open-source design and prototyping platform
- **Endurain** - Self-hosted fitness tracking
- **Morphos** - File conversion utility
- **Nextcloud** - Cloud storage and file management
- **Home Assistant** - Home automation hub
- **Grafana** - Metrics and monitoring dashboards
- **OnlyOffice** - Document editing suite
- **SearXNG** - Privacy-respecting search engine
- **Fedimint** - Federated e-cash system

#### User Interface
- **Onboarding Flow** - Guided setup for new users
- **Dashboard** - Real-time system overview
- **My Apps** - Alphabetically sorted app management
- **Cloud Interface** - File management by type (Documents, Photos, Videos, Music)
- **Web5 Explorer** - Decentralized identity and data management
- **Settings** - System configuration and preferences
- **Custom Launch Pages** - Dedicated UIs for Bitcoin Core and LND

#### Technical Features
- **Container Runtime Abstraction** - Support for Docker and Podman
- **Dynamic Package Discovery** - Automatic detection of running containers
- **Health Monitoring** - Container status and health checks
- **Data Persistence** - Docker volumes for app data
- **Network Isolation** - Secure container networking
- **Resource Management** - CPU and memory allocation

### Architecture

- **Backend**: Rust + Tokio + Hyper + WebSocket
- **Frontend**: Vue 3 + TypeScript + Vite + Pinia
- **Styling**: Tailwind CSS + Custom Glassmorphism
- **Containers**: Docker Compose + Dockerode API
- **Build System**: Cargo + npm + macOS App Bundle

### Known Limitations

- Requires Docker Desktop (23.0+)
- macOS only (Intel and Apple Silicon)
- Single-user mode
- No auto-updates (manual download required)
- Ollama excluded due to image size
- Manual Docker container management

### System Requirements

- macOS 10.15 (Catalina) or later
- 8GB RAM minimum (16GB recommended)
- 20GB free disk space (50GB+ for blockchain data)
- Docker Desktop 23.0 or later
- Internet connection for initial container downloads

### Installation

1. Download `Archipelago-0.1.0-macOS.dmg`
2. Open the DMG and drag Archipelago to Applications
3. Install Docker Desktop if not already installed
4. Launch Archipelago from Applications
5. Access the UI at http://localhost:8100

### Security

- **Code Signed**: Yes (Developer ID)
- **Notarized**: Yes (Apple notarization)
- **Sandboxed**: No (requires full disk access for Docker)
- **Hardened Runtime**: Yes
- **Gatekeeper**: Compatible

### Documentation

- README.md - Project overview
- BUILD_MACOS.md - Build instructions
- DEPLOYMENT_CHECKLIST.md - Release process
- docs/ - Detailed documentation

### Credits

Built with:
- Rust (backend)
- Vue.js (frontend)
- Docker (containers)
- Alpine Linux (inspiration)
- Parmanode (Bitcoin scripts)
- And many open-source dependencies

### License

[Specify your license here]

---

## Version History

### 0.1.0 - 2026-01-28
Initial public release

---

## Future Roadmap

See GitHub Issues for planned features:
- [ ] Auto-update system
- [ ] Multi-user support
- [ ] Native container runtime (no Docker Desktop)
- [ ] iOS companion app
- [ ] Hardware wallet integration
- [ ] Tor integration
- [ ] VPN/Tailscale support
- [ ] Backup/restore functionality
- [ ] Mac App Store distribution
- [ ] Windows and Linux builds

## Contributing

See CONTRIBUTING.md for development setup and guidelines.

## Support

- GitHub Issues: Report bugs and request features
- Documentation: See `/docs` directory
- Community: [Discord/Telegram/Forum link]