Tree:
9fed1261ad
imwald
imwald-v0.58.10
imwald-v0.58.5
main
v0.1.0
v0.10.0
v0.10.1
v0.10.2
v0.10.3
v0.10.4
v0.10.5
v0.11.0
v0.11.1
v0.11.2
v0.11.3
v0.12.0
v0.12.1
v0.12.2
v0.12.3
v0.13.0
v0.13.1
v0.13.2
v0.14.0
v0.14.1
v0.14.2
v0.14.3
v0.14.4
v0.15.0
v0.16.0
v0.16.1
v0.16.2
v0.16.3
v0.17.0
v0.17.1
v0.17.10
v0.17.11
v0.17.12
v0.17.13
v0.17.14
v0.17.15
v0.17.16
v0.17.17
v0.17.18
v0.17.2
v0.17.3
v0.17.4
v0.17.5
v0.17.6
v0.17.7
v0.17.8
v0.17.9
v0.18.0
v0.19.0
v0.19.1
v0.19.10
v0.19.2
v0.19.3
v0.19.4
v0.19.5
v0.19.6
v0.19.7
v0.19.8
v0.19.9
v0.2.0
v0.2.1
v0.20.0
v0.20.1
v0.20.2
v0.20.3
v0.20.4
v0.20.5
v0.20.6
v0.21.0
v0.21.1
v0.21.2
v0.21.3
v0.21.4
v0.22.0
v0.23.0
v0.23.1
v0.23.3
v0.23.4
v0.24.0
v0.24.1
v0.24.2
v0.24.3
v0.24.4
v0.24.5
v0.24.6
v0.24.7
v0.25.0
v0.25.1
v0.25.3
v0.25.4
v0.25.5
v0.25.6
v0.25.7
v0.26.0
v0.26.1
v0.26.2
v0.26.3
v0.26.4
v0.27.0
v0.27.1
v0.27.2
v0.27.3
v0.27.4
v0.27.5
v0.27.6
v0.27.7
v0.27.8
v0.27.9
v0.28.0
v0.28.1
v0.28.3
v0.29.0
v0.29.1
v0.29.10
v0.29.11
v0.29.12
v0.29.13
v0.29.14
v0.29.15
v0.29.16
v0.29.17
v0.29.18
v0.29.19
v0.29.2
v0.29.20
v0.29.3
v0.29.4
v0.29.6
v0.29.7
v0.29.8
v0.29.9
v0.3.0
v0.3.1
v0.3.2
v0.30.0
v0.30.1
v0.30.2
v0.30.3
v0.31.0
v0.31.1
v0.31.1-bump
v0.31.10
v0.31.11
v0.31.2
v0.31.3
v0.31.4
v0.31.5
v0.31.6
v0.31.7
v0.31.8
v0.31.9
v0.32.0
v0.32.1
v0.32.2
v0.32.3
v0.32.4
v0.32.5
v0.32.6
v0.32.7
v0.33.0
v0.33.1
v0.34.0
v0.34.1
v0.34.2
v0.34.3
v0.34.4
v0.34.5
v0.34.6
v0.34.7
v0.35.0
v0.35.1
v0.35.2
v0.35.3
v0.35.4
v0.35.5
v0.36.0
v0.36.1
v0.36.10
v0.36.11
v0.36.12
v0.36.13
v0.36.14
v0.36.15
v0.36.16
v0.36.17
v0.36.18
v0.36.19
v0.36.2
v0.36.20
v0.36.21
v0.36.22
v0.36.23
v0.36.3
v0.36.4
v0.36.5
v0.36.6
v0.36.7
v0.36.8
v0.36.9
v0.37.0
v0.37.1
v0.37.2
v0.37.3
v0.38.0
v0.38.1
v0.39.0
v0.39.1
v0.39.2
v0.39.3
v0.39.4
v0.4.0
v0.4.1
v0.4.2
v0.4.3
v0.4.4
v0.4.5
v0.4.6
v0.4.9
v0.40.0
v0.40.1
v0.41.0
v0.42.0
v0.43.0
v0.43.1
v0.44.0
v0.44.1
v0.44.2
v0.44.3
v0.44.4
v0.44.5
v0.44.6
v0.44.7
v0.46.0
v0.46.1
v0.46.2
v0.47.0
v0.47.1
v0.48.1
v0.48.10
v0.48.11
v0.48.12
v0.48.13
v0.48.14
v0.48.15
v0.48.8
v0.48.9
v0.49.0
v0.49.1
v0.49.2
v0.50.0
v0.50.1
v0.51.0
v0.52.0
v0.52.1
v0.52.10
v0.52.11
v0.52.12
v0.52.17
v0.52.2
v0.52.3
v0.52.4
v0.52.5
v0.52.6
v0.52.7
v0.52.8
v0.52.9
v0.53.0
v0.53.1
v0.54.0
v0.55.0
v0.55.10
v0.55.11
v0.55.4
v0.55.5
v0.55.6
v0.56.0
v0.56.1
v0.56.2
v0.56.3
v0.56.4
v0.56.5
v0.56.6
v0.56.8
v0.56.9
v0.57.0
v0.57.1
v0.57.2
v0.58.0
v0.58.1
v0.58.2
v0.58.3
v0.58.4
v0.58.5
v0.6.0
v0.6.1
v0.6.2
v0.6.3
v0.6.4
v0.7.1
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.8.4
v0.8.5
v0.8.6
v0.8.7
v0.8.8
v0.8.9
v0.9.0
v0.9.1
v0.9.2
v0.9.3
v4.1.0
${ noResults }
2 Commits (9fed1261ad64a1bbce86e22a00e0d4952738f0cb)
| Author | SHA1 | Message | Date |
|---|---|---|---|
mleku
|
ea4a54c5e7 |
Add Cashu blind signature access tokens (NIP-XX draft)
Implements privacy-preserving bearer tokens for relay access control using Cashu-style blind signatures. Tokens prove whitelist membership without linking issuance to usage. Features: - BDHKE crypto primitives (HashToCurve, Blind, Sign, Unblind, Verify) - Keyset management with weekly rotation - Token format with kind permissions and scope isolation - Generic issuer/verifier with pluggable authorization - HTTP endpoints: POST /cashu/mint, GET /cashu/keysets, GET /cashu/info - ACL adapter bridging ORLY's access control to Cashu AuthzChecker - Stateless revocation via ACL re-check on each token use - Two-token rotation for seamless renewal (max 2 weeks after blacklist) Configuration: - ORLY_CASHU_ENABLED: Enable Cashu tokens - ORLY_CASHU_TOKEN_TTL: Token validity (default: 1 week) - ORLY_CASHU_SCOPES: Allowed scopes (relay, nip46, blossom, api) - ORLY_CASHU_REAUTHORIZE: Re-check ACL on each verification Files: - pkg/cashu/bdhke/: Core blind signature cryptography - pkg/cashu/keyset/: Keyset management and rotation - pkg/cashu/token/: Token format with kind permissions - pkg/cashu/issuer/: Token issuance with authorization - pkg/cashu/verifier/: Token verification with middleware - pkg/interfaces/cashu/: AuthzChecker, KeysetStore interfaces - pkg/bunker/acl_adapter.go: ORLY ACL integration - app/handle-cashu.go: HTTP endpoints - docs/NIP-XX-CASHU-ACCESS-TOKENS.md: Full specification 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> |
5 months ago |
|
mleku
|
e84949140b |
Add WireGuard VPN with random /31 subnet isolation (v0.40.0)
- Add embedded WireGuard VPN server using wireguard-go + netstack - Implement deterministic /31 subnet allocation from seed + sequence - Use Badger's built-in Sequence for atomic counter allocation - Add NIP-46 bunker server for remote signing over VPN - Add revoked key tracking and access audit logging for users - Add Bunker tab to web UI with WireGuard/bunker QR codes - Support key regeneration with old keypair archiving New environment variables: - ORLY_WG_ENABLED: Enable WireGuard VPN server - ORLY_WG_PORT: UDP port for WireGuard (default 51820) - ORLY_WG_ENDPOINT: Public endpoint for WireGuard - ORLY_WG_NETWORK: Base network for subnet pool (default 10.0.0.0/8) - ORLY_BUNKER_ENABLED: Enable NIP-46 bunker - ORLY_BUNKER_PORT: WebSocket port for bunker (default 3335) Files added: - pkg/wireguard/: WireGuard server, keygen, subnet pool, errors - pkg/bunker/: NIP-46 bunker server and session handling - pkg/database/wireguard.go: Peer storage with audit logging - app/handle-wireguard.go: API endpoints for config/regenerate/audit - app/wireguard-helpers.go: Key derivation helpers - app/web/src/BunkerView.svelte: Bunker UI with QR codes 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> |
5 months ago |