Private documents Meeting

    User Stories

      As a Writer, I create a private directory on a Site.

      As a Writer, I create a private document in the private documents directory that all the site writers have access to.

        We start with private documents for writing permission.

      As a Writer, I want to embed a private document into a public document.

      As a Writer a publish

      As a Writer, when I am removed as a writer, I stop syncing new updates.

    Bitswap

      Principles

        Any server can become a Publisher/Canonical Server.

        We must add security in Bitswap.

        Bitswap must not give you blobs that you don't have access to.

        Bitswap must provide you only with the blobs/blocks you request.

        We want to control whether there was a leak.

        Syncing retrieves the hashes, while Bitswap retrieves the content.

    Create a new Bitswap protocol extension.

      There are private and public blobs.

      Peers with the document.

      Handshake to prove that you own an account.

    Publisher Server

      Handshake between a peer and a publisher server.

        Authenticated Sync.

        Non-Authenticated Sync.

      If the peer doesn't authenticate or doesn't have the capability: ACCESS DENIED.

      The Home Document, a public document, needs to have a WebURL (publisher server):

        The Document must store as metadata the Publisher Server. (WebURL or PEERID)

          PEERID signed by the owner.

          WebURL eventually could be a list of websites republishing content.

          We don't know what the canonical peer of an account is. WEBSITES are PUBLIC!

      Solves metadata leaks.

      Always talk with the Server Peer.

      The rest of the Peers don't have the right to distribute the document.

    Security Options

      We want to implement this step by step:

        Know the pointer.

        Authorization.

        Encrypted documents

      Option from Peerblob

        Blob brings a token. You give it only.

    Push

      We need to improve the Push.

      Authenticated Push.

        I need to identify my peer.

      Queue of events.

      Works for private documents but always works for public documents.

      The gateway accepts pushes from anyone.

    Tasks

      Syncing needs to know which documents are public or private, and to authenticate peers.

        Authenticated Handshake. (expiry?) challenge.

        Add security to Bitswap.

        Only publisher servers distribute private documents.

      Refactor push for a more robust push.

        Authentication.

      WEBURL: home document metadata for private document with publisher server.

      Discovery, id needs to know if they are private. Not to reveal private documents.

      ACCESS DENIED Response

      Private listing on Sites.
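
A sketch of the authenticated handshake with an expiring challenge and the ACCESS DENIED gate on private blobs described in the notes above. This is an added example, not the project's code. Assumptions: Ed25519 account keys, the `private-sync-v1:` domain tag, the in-memory maps, and every type and function name here are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
	"time"
)

var ErrAccessDenied = errors.New("ACCESS DENIED")

type Challenge struct {
	Nonce   []byte    // fresh per handshake
	Expires time.Time // the "expiry?" item under Tasks
}
func NewChallenge(now time.Time, ttl time.Duration) Challenge {
	c := Challenge{make([]byte, 32), now.Add(ttl)}
	rand.Read(c.Nonce)
	return c
}

// msg adds a hypothetical domain tag to the nonce; Prove is the peer's side.
func msg(c Challenge) []byte { return append([]byte("private-sync-v1:"), c.Nonce...) }
func Prove(priv ed25519.PrivateKey, c Challenge) []byte { return ed25519.Sign(priv, msg(c)) }

// Authenticate is the server's side: unexpired challenge, valid account signature.
func Authenticate(c Challenge, pub ed25519.PublicKey, sig []byte, now time.Time) bool {
	return !now.After(c.Expires) && len(pub) == ed25519.PublicKeySize && ed25519.Verify(pub, msg(c), sig)
}

// Server models a publisher server, the only peer that serves private blobs.
type Server struct {
	Writers, Private map[string]bool   // authenticated account keys; private blob hashes
	Blobs            map[string][]byte // hash -> content
}

// Get gives unknown hashes the same error, so a denial never confirms a blob exists.
func (s *Server) Get(hash, account string) ([]byte, error) {
	if data, ok := s.Blobs[hash]; ok && (!s.Private[hash] || s.Writers[account]) {
		return data, nil
	}
	return nil, ErrAccessDenied
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil)
	c := NewChallenge(time.Now(), time.Minute)
	fmt.Println(Authenticate(c, pub, Prove(priv, c), time.Now())) // true
}
```

The caller passes `string(pub)` as `account` only after `Authenticate` succeeds, and an empty string otherwise. A deployed server would also record each nonce as used so that a captured proof cannot be replayed before it expires.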