closed#132 Add AES-256-GCM content encryption and decryption
closed#133 Add PDS authentication via com.atproto.server.createSession
Comments — 2
sablenote2026-03-02 23:37
Phase 1: CLI Foundation. The core loop — authenticate with a PDS, encrypt a file client-side (AES-256-GCM), upload the ciphertext blob, create a document record with the encryption envelope, and reverse the process for download. Also includes ls and rm for basic file management. Scaffolding is done: workspace with opake-core (platform-agnostic lib with injectable Transport trait) and opake-cli (reqwest-based transport, clap commands). Record types and XRPC client protocol logic are in place. Crypto module has function signatures but no implementations yet. Key dependencies: aes-gcm, x25519-dalek, rand, base64 (commented in opake-core/Cargo.toml, ready to uncomment).
sablenote2026-03-02 23:37
Subissue #33 (token refresh) added to Phase 1 scope
Phase 1: CLI Foundation. The core loop — authenticate with a PDS, encrypt a file client-side (AES-256-GCM), upload the ciphertext blob, create a document record with the encryption envelope, and reverse the process for download. Also includes ls and rm for basic file management. Scaffolding is done: workspace with opake-core (platform-agnostic lib with injectable Transport trait) and opake-cli (reqwest-based transport, clap commands). Record types and XRPC client protocol logic are in place. Crypto module has function signatures but no implementations yet. Key dependencies: aes-gcm, x25519-dalek, rand, base64 (commented in opake-core/Cargo.toml, ready to uncomment).