+1603

readme-brainstorm.org

··· 1 1 + * uncategorized notes 2 2 + 3 3 + ** sync 4 4 + - each client keeps the full data set 5 5 + - dexie sync and observable let us stream change sets 6 6 + - we can publish the "latest" to all peers 7 7 + - on first pull, if not the first client, we can request a dump out of band 8 8 + 9 9 + *** rss feed data 10 10 + - do we want to backup feed data? 11 11 + - conceptually, this should be refetchable 12 12 + - but feeds go away, and some will only show recent stories 13 13 + - so yes, we'll need this 14 14 + - but server side, we can dedupe 15 15 + - content-addressed server-side cache? 16 16 + 17 17 + - server side does RSS pulling 18 18 + - can feeds be marked private, such that they won't be pulled through the proxy? 19 19 + - but then we require everything to be fetchable via cors 20 20 + - client configured proxy settings? 21 21 + 22 22 + *** peer connection 23 23 + - on startup, check for current realm-id and key pair 24 24 + - if not present, ask to login or start new 25 25 + - if login, run through the [[* pairing]] process 26 26 + - if start new, run through the [[* registration]] process 27 27 + - use keypair to authenticate to server 28 28 + - response includes list of active peers to connect 29 29 + - clients negotiate sync from there 30 30 + - an identity is a keypair and a realm 31 31 + 32 32 + - realm is uuid 33 33 + - realm on the server is the socket connection for peer discovery 34 34 + - keeps a list of verified public keys 35 35 + - and manages the /current/ ~public-key->peer ids~ mapping 36 36 + - realm on the client side is first piece of info required for sync 37 37 + - when connecting to the signalling server, you present a realm, and a signed public key 38 38 + - server accepts/rejects based on signature and current verified keys 39 39 + 40 40 + - a new keypair can create a realm 41 41 + 42 42 + - a new keypair can double sign an invitation 43 43 + - invite = ~{ realm:, nonce:, not_before:, not_after:, authorizer: }~, signed with verified key 44 44 + - exchanging an invite = ~{ invite: }~, signed with my key 45 45 + 46 46 + - on startup 47 47 + - start stand-alone (no syncing required, usually the case on first-run) 48 48 + - generate a keypair 49 49 + - want server backup? 50 50 + - sign a "setup" message with new keypair and send to the server 51 51 + - server responds with a new realm, that this keypair is already verified for 52 52 + - move along 53 53 + - exchange invite to sync to other devices 54 54 + - generate a keypair 55 55 + - sign the exchange message with the invite and send to the server 56 56 + - server verifies the invite 57 57 + - adds the new public key to the peer list and publishes downstream 58 58 + - move along 59 59 + 60 60 + ***** standalone 61 61 + in this mode, there is no syncing. this is the most likely first-time run option. 62 62 + 63 63 + - generate a keypair on startup, so we have a stable fingerprint in the future 64 64 + - done 65 65 + 66 66 + ***** pairing 67 67 + in this mode, there is syncing to a named realm, but not necessarily server resources consumed 68 68 + we don't need an email, since the server is just doing signalling and peer management 69 69 + 70 70 + - generate an invite from an existing verified peer 71 71 + - ~{ realm:, not_before:, not_after:, inviter: peer.public_key }~ 72 72 + - sign that invitation from the existing verified peer 73 73 + 74 74 + - standalone -> paired 75 75 + - get the invitation somehow (QR code?) 76 76 + - sign an invite exchange with the standalone's public key 77 77 + - send to server 78 78 + - server verifies the invite 79 79 + - adds the new public key to the peer list and publishes downstream 80 80 + 81 81 + ***** server backup 82 82 + in this mode, there is syncing to a named realm by email. 83 83 + 84 84 + goal of server backup mode is that we can go from email->fully working client with latest data without having to have any clients left around that could participate in the sync. 85 85 + 86 86 + - generate a keypair on startup 87 87 + - sign a registration message sent to the server 88 88 + - send a verification email 89 89 + - if email/realm already exists, this is authorization 90 90 + - if not, it's email validation 91 91 + - server starts a realm and associates the public key 92 92 + - server acts as a peer for the realm, and stores private data 93 93 + 94 94 + - since dexie is publishing change sets, we should be able to just store deltas 95 95 + - but we'll need to store _all_ deltas, unless we're materializing on the server side too 96 96 + - should we use an indexdb shim so we can import/export from the server for clean start? 97 97 + - how much materialization does the server need? 98 98 + 99 99 + ** summarized architecture design (may 28-29) :ai:claude: 100 100 + 101 101 + key decisions and system design: 102 102 + 103 103 + *** sync model 104 104 + - device-specific records for playback state/queues to avoid conflicts 105 105 + - content-addressed server cache with deduplication 106 106 + - dual-JWT invitation flow for secure realm joining 107 107 + 108 108 + *** data structures 109 109 + - tag-based filtering system instead of rigid hierarchies 110 110 + - regex patterns for episode title parsing and organization 111 111 + - service worker caching with background download support 112 112 + 113 113 + *** core schemas 114 114 + **** client (dexie) 115 115 + - Channel/ChannelEntry for RSS feeds and episodes 116 116 + - PlayRecord/QueueItem scoped by deviceId 117 117 + - FilterView for virtual feed organization 118 118 + 119 119 + **** server (drizzle) 120 120 + - ContentStore for deduplicated content by hash 121 121 + - Realm/PeerConnection for sync authorization 122 122 + - HttpCache with health tracking and TTL 123 123 + 124 124 + *** push sync strategy 125 125 + - revision-based sync (just send revision ranges in push notifications) 126 126 + - background fetch API for large downloads where supported 127 127 + - graceful degradation to reactive caching 128 128 + 129 129 + *** research todos :ai:claude: 130 130 + **** sync and data management 131 131 + ***** DONE identity and signature management 132 132 + ***** TODO dexie sync capabilities vs rxdb for multi-device sync implementation 133 133 + ***** TODO webrtc p2p sync implementation patterns and reliability 134 134 + ***** TODO conflict resolution strategies for device-specific data in distributed sync 135 135 + ***** TODO content-addressed deduplication algorithms for rss/podcast content 136 136 + **** client-side storage and caching 137 137 + ***** TODO opfs storage limits and cleanup strategies for client-side caching 138 138 + ***** TODO practical background fetch api limits and edge cases for podcast downloads 139 139 + **** automation and intelligence 140 140 + ***** TODO llm-based regex generation for episode title parsing automation 141 141 + ***** TODO push notification subscription management and realm authentication 142 142 + **** platform and browser capabilities 143 143 + ***** TODO browser audio api capabilities for podcast-specific features (speed, silence skip) 144 144 + ***** TODO progressive web app installation and platform-specific behaviors 145 145 + 146 146 + ** <2025-05-28 Wed> 147 147 + getting everything setup 148 148 + 149 149 + the biggest open question I have is what sort of privacy/encryption guarantee I need. I 150 150 + want the server to be able to do things like cache and store feed data long-term. 151 151 + 152 152 + Is "if you want full privacy, self-host" valid? 153 153 + 154 154 + *** possibilities 155 155 + 156 156 + - fully PWA 157 157 + - CON: cors, which would require a proxy anyway 158 158 + - CON: audio analysis, llm based stuff for categorization, etc. won't work 159 159 + - PRO: private as all get out 160 160 + - can still do WebRTC p2p sync for resiliancy 161 161 + - can still do server backups, if sync stream is encrypted, but no compaction would be available 162 162 + - could do _explicit_ server backups as dump files 163 163 + 164 164 + - self hostable 165 165 + - PRO: can do bunches of private stuff on the server, because if you don't want me to see it, do it elsewhere 166 166 + - CON: hard for folk to use 167 167 + 168 168 + *** sync conflict resolution design discussion :ai:claude: 169 169 + 170 170 + discussed the sync architecture and dexie conflict handling: 171 171 + 172 172 + *dexie syncable limitations*: 173 173 + - logical clocks handle causally-related changes well 174 174 + - basic timestamp-based conflict resolution for concurrent updates 175 175 + - last-writer-wins for same field conflicts 176 176 + - no sophisticated CRDT or vector clock support 177 177 + 178 178 + *solutions for podcast-specific conflicts*: 179 179 + 180 180 + - play records: device-specific approach 181 181 + - store separate ~play_records~ per ~device_id~ 182 182 + - each record: ~{ episode_id, device_id, position, completed, timestamp }~ 183 183 + - UI handles conflict resolution with "continue from X device?" prompts 184 184 + - avoids arbitrary timestamp wins, gives users control 185 185 + 186 186 + - subscription trees 187 187 + - store ~parent_path~ as single string field ("/Tech/Programming") 188 188 + - simpler than managing folder membership tables 189 189 + - conflicts still possible but contained to single field 190 190 + - could store move operations as events for richer resolution 191 191 + 192 192 + *other sync considerations*: 193 193 + - settings/preferences: distinguish device-local vs global 194 194 + - bulk operations: "mark all played" can create duplicate operations 195 195 + - metadata updates: server RSS updates vs local renames 196 196 + - temporal ordering: recently played lists, queue reordering 197 197 + - storage limits: cleanup operations conflicting across devices 198 198 + - feed state: refresh timestamps, error states 199 199 + 200 200 + *approach*: prefer "events not state" pattern and device-specific records where semantic conflicts are likely 201 201 + 202 202 + *** data model brainstorm :ai:claude: 203 203 + 204 204 + core entities designed with sync in mind: 205 205 + 206 206 + **** ~Feed~ :: RSS/podcast subscription 207 207 + - ~parent_path~ field for folder structure (eg. ~/Tech/Programming~) 208 208 + - ~is_private~ flag to skip server proxy 209 209 + - ~refresh_interval~ for custom update frequencies 210 210 + 211 211 + **** ~Episode~ :: individual podcast episodes 212 212 + - standard RSS metadata (guid, title, description, media url) 213 213 + - duration and file info for playback 214 214 + 215 215 + **** ~PlayRecord~ :: device-specific playback state 216 216 + - separate record per ~device_id~ to avoid timestamp conflicts 217 217 + - position, completed status, playback speed 218 218 + - UI can prompt "continue from X device?" for resolution 219 219 + 220 220 + **** ~QueueItem~ :: device-specific episode queue 221 221 + - ordered list with position field 222 222 + - ~device_id~ scoped to avoid queue conflicts 223 223 + 224 224 + **** ~Subscription~ :: feed membership settings 225 225 + - can be global or device-specific 226 226 + - auto-download preferences per device 227 227 + 228 228 + **** ~Settings~ :: split global vs device-local 229 229 + - theme, default speed = global 230 230 + - download path, audio device = device-local 231 231 + 232 232 + **** Event tables for complex operations: 233 233 + - ~FeedMoveEvent~ for folder reorganization 234 234 + - ~BulkMarkPlayedEvent~ for "mark all read" operations 235 235 + - better conflict resolution than direct state updates 236 236 + 237 237 + **** sync considerations 238 238 + - device identity established on first run 239 239 + - dexie syncable handles basic timestamp conflicts 240 240 + - prefer device-scoped records for semantic conflicts 241 241 + - event-driven pattern for bulk operations 242 242 + 243 243 + *** schema evolution from previous iteration :ai:claude: 244 244 + 245 245 + reviewed existing schema from tmp/feed.ts - well designed foundation: 246 246 + 247 247 + **** keep from original 248 248 + - Channel/ChannelEntry naming and structure 249 249 + - ~refreshHP~ adaptive refresh system (much better than simple intervals) 250 250 + - rich podcast metadata (people, tags, enclosure, podcast object) 251 251 + - HTTP caching with etag/status tracking 252 252 + - epoch millisecond timestamps 253 253 + - ~hashId()~ approach for entry IDs 254 254 + 255 255 + **** add for multi-device sync 256 256 + - ~PlayState~ table (device-scoped position/completion) 257 257 + - Subscription table (with ~parentPath~ for folders, device-scoped settings) 258 258 + - ~QueueItem~ table (device-scoped episode queues) 259 259 + - Device table (identity management) 260 260 + 261 261 + **** migration considerations 262 262 + - existing Channel/ChannelEntry can be preserved 263 263 + - new tables are additive 264 264 + - ~fetchAndUpsert~ method works well with server proxy architecture 265 265 + - dexie sync vs rxdb - need to evaluate change tracking capabilities 266 266 + 267 267 + *** content-addressed caching for offline resilience :ai:claude: 268 268 + 269 269 + designed caching system for when upstream feeds fail/disappear, building on existing cache-schema.ts: 270 270 + 271 271 + **** server-side schema evolution (drizzle sqlite): 272 272 + - keep existing ~httpCacheTable~ design (health tracking, http headers, ttl) 273 273 + - add ~contentHash~ field pointing to deduplicated content 274 274 + - new ~contentStoreTable~: deduplicated blobs by sha256 hash 275 275 + - new ~contentHistoryTable~: url -> contentHash timeline with isLatest flag 276 276 + - reference counting for garbage collection 277 277 + 278 278 + **** client-side OPFS storage 279 279 + - ~/cache/content/{contentHash}.xml~ for raw feeds 280 280 + - ~/cache/media/{contentHash}.mp3~ for podcast episodes 281 281 + - ~LocalCacheEntry~ metadata tracks expiration and offline-only flags 282 282 + - maintains last N versions per feed for historical access 283 283 + 284 284 + **** fetch strategy & fallback 285 285 + 1. check local OPFS cache first (fastest) 286 286 + 2. try server proxy ~/api/feed?url={feedUrl}~ (deduplicated) 287 287 + 3. server checks ~contentHistory~, serves latest or fetches upstream 288 288 + 4. server returns ~{contentHash, content, cached: boolean}~ 289 289 + 5. client stores with content hash as filename 290 290 + 6. emergency mode: serve stale content when upstream fails 291 291 + 292 292 + - preserves existing health tracking and HTTP caching logic 293 293 + - popular feeds cached once on server, many clients benefit 294 294 + - bandwidth savings via content hash comparison 295 295 + - historical feed state preservation (feeds disappear!) 296 296 + - true offline operation after initial sync 297 297 + 298 298 + ** <2025-05-29 Thu> :ai:claude: 299 299 + e2e encryption and invitation flow design 300 300 + 301 301 + worked through the crypto and invitation architecture. key decisions: 302 302 + 303 303 + *** keypair strategy 304 304 + - use jwk format for interoperability (server stores public keys) 305 305 + - ed25519 for signing, separate x25519 for encryption if needed 306 306 + - zustand lazy initialization pattern: ~ensureKeypair()~ on first use 307 307 + - store private jwk in persisted zustand state 308 308 + 309 309 + *** invitation flow: dual-jwt approach 310 310 + solved the chicken-and-egg problem of sharing encryption keys securely. 311 311 + 312 312 + **** qr code contains two signed jwts: 313 313 + 1. invitation token: ~{iss: inviter_fingerprint, sub: invitation_id, purpose: "realm_invite"}~ 314 314 + 2. encryption key token: ~{iss: inviter_fingerprint, ephemeral_private: base64_key, purpose: "ephemeral_key"}~ 315 315 + 316 316 + **** exchange process: 317 317 + 1. invitee posts jwt1 + their public keys to ~/invitations~ 318 318 + 2. server verifies jwt1 signature against realm members 319 319 + 3. if valid: adds invitee to realm, returns ~{realm_id, realm_members, encrypted_realm_key}~ 320 320 + 4. invitee verifies jwt2 signature against returned realm members 321 321 + 5. invitee extracts ephemeral private key, decrypts realm encryption key 322 322 + 323 323 + **** security properties: 324 324 + - server never has decryption capability (missing ephemeral private key) 325 325 + - both jwts must be signed by verified realm member 326 326 + - if first exchange fails, second jwt is cryptographically worthless 327 327 + - atomic operation: identity added only if invitation valid 328 328 + - built-in expiration and tamper detection via jwt standard 329 329 + 330 330 + **** considered alternatives: 331 331 + - raw ephemeral keys in qr: simpler but no authenticity 332 332 + - ecdh key agreement: chicken-and-egg problem with public key exchange 333 333 + - server escrow: good but missing authentication layer 334 334 + - password-based: requires secure out-of-band sharing 335 335 + 336 336 + the dual-jwt approach provides proper authenticated invitations while maintaining e2e encryption properties. 337 337 + 338 338 + **** refined dual-jwt with ephemeral signing 339 339 + simplified the approach by using ephemeral key for second jwt signature: 340 340 + 341 341 + **setup**: 342 342 + 1. inviter generates ephemeral keypair 343 343 + 2. encrypts realm key with ephemeral private key 344 344 + 3. posts to server: ~{invitation_id, realm_id, ephemeral_public, encrypted_realm_key}~ 345 345 + 346 346 + **qr code contains**: 347 347 + #+BEGIN_SRC json 348 348 + // JWT 1: signed with inviter's realm signing key 349 349 + { 350 350 + "realm_id": "uuid", 351 351 + "invitation_id": "uuid", 352 352 + "iss": "inviter_fingerprint" 353 353 + } 354 354 + 355 355 + // JWT 2: signed with ephemeral private key 356 356 + { 357 357 + "ephemeral_private": "base64_key", 358 358 + "invitation_id": "uuid" 359 359 + } 360 360 + #+END_SRC 361 361 + 362 362 + **exchange flow**: 363 363 + 1. submit jwt1 → server verifies against realm members → returns ~{invitation_id, realm_id, ephemeral_public, encrypted_realm_key}~ 364 364 + 2. verify jwt2 signature using ~ephemeral_public~ from server response 365 365 + 3. extract ~ephemeral_private~ from jwt2, decrypt realm key 366 366 + 367 367 + **benefits over previous version**: 368 368 + - no premature key disclosure (invitee keys shared via normal webrtc peering) 369 369 + - self-contained verification (ephemeral public key verifies jwt2) 370 370 + - cleaner separation of realm auth vs encryption key distribution 371 371 + - simpler flow (no need to return realm member list) 372 372 + 373 373 + **crypto verification principle**: digital signatures work as sign-with-private/verify-with-public, while encryption works as encrypt-with-public/decrypt-with-private. jwt2 verification uses signature verification, not decryption. 374 374 + 375 375 + **invitation flow diagram**: 376 376 + #+BEGIN_SRC mermaid 377 377 + sequenceDiagram 378 378 + participant I as Inviter 379 379 + participant S as Server 380 380 + participant E as Invitee 381 381 + 382 382 + Note over I: Generate ephemeral keypair 383 383 + I->>I: ephemeral_private, ephemeral_public 384 384 + 385 385 + Note over I: Encrypt realm key 386 386 + I->>I: encrypted_realm_key = encrypt(realm_key, ephemeral_private) 387 387 + 388 388 + I->>S: POST /invitations<br/>{invitation_id, realm_id, ephemeral_public, encrypted_realm_key} 389 389 + S-->>I: OK 390 390 + 391 391 + Note over I: Create JWTs for QR code 392 392 + I->>I: jwt1 = sign({realm_id, invitation_id}, inviter_private) 393 393 + I->>I: jwt2 = sign({ephemeral_private, invitation_id}, ephemeral_private) 394 394 + 395 395 + Note over I,E: QR code contains [jwt1, jwt2] 396 396 + 397 397 + E->>S: POST /invitations/exchange<br/>{jwt1} 398 398 + Note over S: Verify jwt1 signature<br/>against realm members 399 399 + S-->>E: {invitation_id, realm_id, ephemeral_public, encrypted_realm_key} 400 400 + 401 401 + Note over E: Verify jwt2 signature<br/>using ephemeral_public 402 402 + E->>E: verify_signature(jwt2, ephemeral_public) 403 403 + 404 404 + Note over E: Extract key and decrypt 405 405 + E->>E: ephemeral_private = decode(jwt2) 406 406 + E->>E: realm_key = decrypt(encrypted_realm_key, ephemeral_private) 407 407 + 408 408 + Note over E: Now member of realm! 409 409 + #+END_SRC 410 410 + 411 411 + **** jwk keypair generation and validation :ai:claude: 412 412 + 413 413 + discussed jwk vs raw crypto.subtle for keypair storage. since public keys need server storage for realm authorization, jwk is better for interoperability. 414 414 + 415 415 + **keypair generation**: 416 416 + #+BEGIN_SRC typescript 417 417 + const keypair = await crypto.subtle.generateKey( 418 418 + { name: "Ed25519" }, 419 419 + true, 420 420 + ["sign", "verify"] 421 421 + ); 422 422 + 423 423 + const publicJWK = await crypto.subtle.exportKey("jwk", keypair.publicKey); 424 424 + const privateJWK = await crypto.subtle.exportKey("jwk", keypair.privateKey); 425 425 + 426 426 + // JWK format: 427 427 + { 428 428 + "kty": "OKP", 429 429 + "crv": "Ed25519", 430 430 + "x": "base64url-encoded-public-key", 431 431 + "d": "base64url-encoded-private-key" // only in private JWK 432 432 + } 433 433 + #+END_SRC 434 434 + 435 435 + **client validation**: 436 436 + #+BEGIN_SRC typescript 437 437 + function isValidEd25519PublicJWK(jwk: any): boolean { 438 438 + return ( 439 439 + typeof jwk === 'object' && 440 440 + jwk.kty === 'OKP' && 441 441 + jwk.crv === 'Ed25519' && 442 442 + typeof jwk.x === 'string' && 443 443 + jwk.x.length === 43 && // base64url Ed25519 public key length 444 444 + !jwk.d && // public key shouldn't have private component 445 445 + !jwk.use || jwk.use === 'sig' 446 446 + ); 447 447 + } 448 448 + 449 449 + async function validatePublicKey(publicJWK: JsonWebKey): Promise<CryptoKey | null> { 450 450 + try { 451 451 + if (!isValidEd25519PublicJWK(publicJWK)) return null; 452 452 + 453 453 + const key = await crypto.subtle.importKey( 454 454 + 'jwk', 455 455 + publicJWK, 456 456 + { name: 'Ed25519' }, 457 457 + false, 458 458 + ['verify'] 459 459 + ); 460 460 + 461 461 + return key; 462 462 + } catch { 463 463 + return null; 464 464 + } 465 465 + } 466 466 + #+END_SRC 467 467 + 468 468 + **server validation (node.js)**: 469 469 + #+BEGIN_SRC typescript 470 470 + import { webcrypto } from 'node:crypto'; 471 471 + 472 472 + async function validateClientPublicKey(publicJWK: JsonWebKey): Promise<boolean> { 473 473 + try { 474 474 + if (!isValidEd25519PublicJWK(publicJWK)) return false; 475 475 + 476 476 + await webcrypto.subtle.importKey( 477 477 + 'jwk', 478 478 + publicJWK, 479 479 + { name: 'Ed25519' }, 480 480 + false, 481 481 + ['verify'] 482 482 + ); 483 483 + 484 484 + return true; 485 485 + } catch { 486 486 + return false; 487 487 + } 488 488 + } 489 489 + #+END_SRC 490 490 + 491 491 + **authentication flow**: 492 492 + #+BEGIN_SRC typescript 493 493 + // client signs message 494 494 + const authMessage = { 495 495 + realm: 'uuid-here', 496 496 + timestamp: Date.now(), 497 497 + action: 'join' 498 498 + }; 499 499 + 500 500 + const signature = await crypto.subtle.sign( 501 501 + 'Ed25519', 502 502 + privateKey, 503 503 + new TextEncoder().encode(JSON.stringify(authMessage)) 504 504 + ); 505 505 + 506 506 + // server verifies 507 507 + async function verifyAuth(req: AuthRequest): Promise<boolean> { 508 508 + const publicKey = await webcrypto.subtle.importKey( 509 509 + 'jwk', 510 510 + req.publicKey, 511 511 + { name: 'Ed25519' }, 512 512 + false, 513 513 + ['verify'] 514 514 + ); 515 515 + 516 516 + const messageBytes = new TextEncoder().encode(JSON.stringify(req.message)); 517 517 + const signatureBytes = new Uint8Array(req.signature); 518 518 + 519 519 + return await webcrypto.subtle.verify( 520 520 + 'Ed25519', 521 521 + publicKey, 522 522 + signatureBytes, 523 523 + messageBytes 524 524 + ); 525 525 + } 526 526 + #+END_SRC 527 527 + 528 528 + **** proposed schemas :ai:claude: 529 529 + 530 530 + ***** client-side schema (dexie) 531 531 + 532 532 + #+BEGIN_SRC typescript 533 533 + // Core RSS/Podcast data (from your existing design) 534 534 + interface Channel { 535 535 + id: string; 536 536 + feedUrl: string; 537 537 + htmlUrl?: string; 538 538 + imageUrl?: string; 539 539 + title?: string; 540 540 + description?: string; 541 541 + language?: string; 542 542 + people?: Record<string, string>; 543 543 + tags?: string[]; 544 544 + 545 545 + // Refresh management 546 546 + refreshHP: number; 547 547 + nextRefreshAt?: number; 548 548 + lastRefreshAt?: number; 549 549 + lastRefreshStatus?: string; 550 550 + lastRefreshHttpStatus?: number; 551 551 + lastRefreshHttpEtag?: string; 552 552 + 553 553 + // Cache info 554 554 + contentHash?: string; 555 555 + lastFetchedAt?: number; 556 556 + } 557 557 + 558 558 + interface ChannelEntry { 559 559 + id: string; 560 560 + channelId: string; 561 561 + guid: string; 562 562 + title: string; 563 563 + linkUrl?: string; 564 564 + imageUrl?: string; 565 565 + snippet?: string; 566 566 + content?: string; 567 567 + 568 568 + enclosure?: { 569 569 + url: string; 570 570 + type?: string; 571 571 + length?: number; 572 572 + }; 573 573 + 574 574 + podcast?: { 575 575 + explicit?: boolean; 576 576 + duration?: string; 577 577 + seasonNum?: number; 578 578 + episodeNum?: number; 579 579 + transcriptUrl?: string; 580 580 + }; 581 581 + 582 582 + publishedAt?: number; 583 583 + fetchedAt?: number; 584 584 + } 585 585 + 586 586 + // Device-specific sync tables 587 587 + interface PlayRecord { 588 588 + id: string; 589 589 + entryId: string; 590 590 + deviceId: string; 591 591 + position: number; 592 592 + duration?: number; 593 593 + completed: boolean; 594 594 + speed: number; 595 595 + updatedAt: number; 596 596 + } 597 597 + 598 598 + interface Subscription { 599 599 + id: string; 600 600 + channelId: string; 601 601 + deviceId?: string; 602 602 + parentPath: string; // "/Tech/Programming" 603 603 + autoDownload: boolean; 604 604 + downloadLimit?: number; 605 605 + isActive: boolean; 606 606 + createdAt: number; 607 607 + updatedAt: number; 608 608 + } 609 609 + 610 610 + interface QueueItem { 611 611 + id: string; 612 612 + entryId: string; 613 613 + deviceId: string; 614 614 + position: number; 615 615 + addedAt: number; 616 616 + } 617 617 + 618 618 + interface Device { 619 619 + id: string; 620 620 + name: string; 621 621 + platform: string; 622 622 + lastSeen: number; 623 623 + } 624 624 + 625 625 + // Local cache metadata 626 626 + interface LocalCache { 627 627 + id: string; 628 628 + url: string; 629 629 + contentHash: string; 630 630 + filePath: string; // OPFS path 631 631 + cachedAt: number; 632 632 + expiresAt?: number; 633 633 + size: number; 634 634 + isOfflineOnly: boolean; 635 635 + } 636 636 + 637 637 + // Dexie schema 638 638 + const db = new Dexie('SkypodDB'); 639 639 + db.version(1).stores({ 640 640 + channels: '&id, feedUrl, contentHash', 641 641 + channelEntries: '&id, channelId, publishedAt', 642 642 + playRecords: '&id, [entryId+deviceId], deviceId, updatedAt', 643 643 + subscriptions: '&id, channelId, deviceId, parentPath', 644 644 + queueItems: '&id, entryId, deviceId, position', 645 645 + devices: '&id, lastSeen', 646 646 + localCache: '&id, url, contentHash, expiresAt' 647 647 + }); 648 648 + #+END_SRC 649 649 + 650 650 + ***** server-side schema 651 651 + 652 652 + #+BEGIN_SRC typescript 653 653 + // Content-addressed cache 654 654 + interface ContentStore { 655 655 + contentHash: string; // Primary key 656 656 + content: Buffer; // Raw feed content 657 657 + contentType: string; 658 658 + contentLength: number; 659 659 + firstSeenAt: number; 660 660 + referenceCount: number; 661 661 + } 662 662 + 663 663 + interface ContentHistory { 664 664 + id: string; 665 665 + url: string; 666 666 + contentHash: string; 667 667 + fetchedAt: number; 668 668 + isLatest: boolean; 669 669 + } 670 670 + 671 671 + // HTTP cache with health tracking (from your existing design) 672 672 + interface HttpCache { 673 673 + key: string; // URL hash, primary key 674 674 + url: string; 675 675 + 676 676 + status: 'alive' | 'dead'; 677 677 + lastFetchedAt: number; 678 678 + lastFetchError?: string; 679 679 + lastFetchErrorStreak: number; 680 680 + 681 681 + lastHttpStatus: number; 682 682 + lastHttpEtag?: string; 683 683 + lastHttpHeaders: Record<string, string>; 684 684 + expiresAt: number; 685 685 + expirationTtl: number; 686 686 + 687 687 + contentHash: string; // Points to ContentStore 688 688 + } 689 689 + 690 690 + // Sync/auth tables 691 691 + interface Realm { 692 692 + id: string; // UUID 693 693 + createdAt: number; 694 694 + verifiedKeys: string[]; // Public key list 695 695 + } 696 696 + 697 697 + interface PeerConnection { 698 698 + id: string; 699 699 + realmId: string; 700 700 + publicKey: string; 701 701 + lastSeen: number; 702 702 + isOnline: boolean; 703 703 + } 704 704 + 705 705 + // Media cache for podcast episodes 706 706 + interface MediaCache { 707 707 + contentHash: string; // Primary key 708 708 + originalUrl: string; 709 709 + mimeType: string; 710 710 + fileSize: number; 711 711 + content: Buffer; 712 712 + cachedAt: number; 713 713 + accessCount: number; 714 714 + } 715 715 + #+END_SRC 716 716 + 717 717 + **** episode title parsing for sub-feed groupings :ai:claude: 718 718 + 719 719 + *problem*: some podcast feeds contain multiple shows, need hierarchical organization within a feed 720 720 + 721 721 + *example*: "Apocalypse Players" podcast 722 722 + - episode title: "A Term of Art 6 - Winston's Hollow" 723 723 + - desired grouping: "Apocalypse Players > A Term of Art > 6 - Winston's Hollow" 724 724 + - UI shows sub-shows within the main feed 725 725 + 726 726 + ***** approaches considered 727 727 + 728 728 + 1. *manual regex patterns* (short-term solution) 729 729 + - user provides regex with capture groups = tags 730 730 + - reliable, immediate, user-controlled 731 731 + - requires manual setup per feed 732 732 + 733 733 + 2. *LLM-generated regex* (automation goal) 734 734 + - analyze last 100 episode titles 735 735 + - generate regex pattern automatically 736 736 + - good balance of automation + reliability 737 737 + 738 738 + 3. *NER model training* (experimental) 739 739 + - train spacy model for episode title parsing 740 740 + - current prototype: 150 labelled examples, limited success 741 741 + - needs more training data to be viable 742 742 + 743 743 + ***** data model implications 744 744 + 745 745 + - add regex pattern field to Channel/Feed 746 746 + - store extracted groupings as hierarchical tags on ~ChannelEntry~ 747 747 + - maybe add grouping/series field to episodes 748 748 + 749 749 + ***** plan 750 750 + 751 751 + *preference*: start with manual regex, evolve toward LLM automation 752 752 + 753 753 + *implementation design*: 754 754 + - if no title pattern: episodes are direct children of the feed 755 755 + - title pattern = regex with named capture groups + path template 756 756 + 757 757 + *example configuration*: 758 758 + - regex: ~^(?<series>[^0-9]+)\s*(?<episode>\d+)\s*-\s*(?<title>.+)$~ 759 759 + - path template: ~{series} > Episode {episode} - {title}~ 760 760 + - result: "A Term of Art 6 - Winston's Hollow" → "A Term of Art > Episode 6 - Winston's Hollow" 761 761 + 762 762 + *schema additions*: 763 763 + #+BEGIN_SRC typescript 764 764 + interface Channel { 765 765 + // ... existing fields 766 766 + titlePatterns?: Array<{ 767 767 + name: string; // "Main Episodes", "Bonus Content", etc. 768 768 + regex: string; // named capture groups 769 769 + pathTemplate: string; // interpolation template 770 770 + priority: number; // order to try patterns (lower = first) 771 771 + isActive: boolean; // can disable without deleting 772 772 + }>; 773 773 + fallbackPath?: string; // template for unmatched episodes 774 774 + } 775 775 + 776 776 + interface ChannelEntry { 777 777 + // ... existing fields 778 778 + parsedPath?: string; // computed from titlePattern 779 779 + parsedGroups?: Record<string, string>; // captured groups 780 780 + matchedPatternName?: string; // which pattern was used 781 781 + } 782 782 + #+END_SRC 783 783 + 784 784 + *pattern matching logic*: 785 785 + 1. try patterns in priority order (lower number = higher priority) 786 786 + 2. first matching pattern wins 787 787 + 3. if no patterns match, use fallbackPath template (e.g., "Misc > {title}") 788 788 + 4. if no fallbackPath, episode stays direct child of feed 789 789 + 790 790 + *example multi-pattern setup*: 791 791 + - Pattern 1: "Main Episodes" - ~^(?<series>[^0-9]+)\s*(?<episode>\d+)~ → ~{series} > Episode {episode}~ 792 792 + - Pattern 2: "Bonus Content" - ~^Bonus:\s*(?<title>.+)~ → ~Bonus > {title}~ 793 793 + - Fallback: ~Misc > {title}~ 794 794 + 795 795 + **** scoped tags and filter-based UI evolution :ai:claude: 796 796 + 797 797 + *generalization*: move from rigid hierarchies to tag-based filtering system 798 798 + 799 799 + *tag scoping*: 800 800 + - feed-level tags: "Tech", "Gaming", "D&D" 801 801 + - episode-level tags: from regex captures like "series:CriticalRole", "campaign:2", "type:main" 802 802 + - user tags: manual additions like "favorites", "todo" 803 803 + 804 804 + *UI as tag filtering*: 805 805 + - default view: all episodes grouped by feed 806 806 + - filter by ~series:CriticalRole~ → shows only CR episodes across all feeds 807 807 + - filter by ~type:bonus~ → shows bonus content from all podcasts 808 808 + - combine filters: ~series:CriticalRole AND type:main~ → main CR episodes only 809 809 + 810 810 + *benefits*: 811 811 + - no rigid hierarchy - users create their own views 812 812 + - regex patterns become automated episode taggers 813 813 + - same filtering system works for search, organization, queues 814 814 + - tags are syncable metadata, views are client-side 815 815 + 816 816 + *schema evolution*: 817 817 + #+BEGIN_SRC typescript 818 818 + interface Tag { 819 819 + scope: 'feed' | 'episode' | 'user'; 820 820 + key: string; // "series", "type", "campaign" 821 821 + value: string; // "CriticalRole", "bonus", "2" 822 822 + } 823 823 + 824 824 + interface ChannelEntry { 825 825 + // ... existing 826 826 + tags: Tag[]; // includes regex-generated + manual 827 827 + } 828 828 + 829 829 + interface FilterView { 830 830 + id: string; 831 831 + name: string; 832 832 + folderPath: string; // "/Channels/Critical Role" 833 833 + filters: Array<{ 834 834 + key: string; 835 835 + value: string; 836 836 + operator: 'equals' | 'contains' | 'not'; 837 837 + }>; 838 838 + isDefault: boolean; 839 839 + createdAt: number; 840 840 + } 841 841 + #+END_SRC 842 842 + 843 843 + **** default UI construction and feed merging :ai:claude: 844 844 + 845 845 + *auto-generated views on subscribe*: 846 846 + - subscribe to "Critical Role" → creates ~/Channels/Critical Role~ folder 847 847 + - default filter view: ~feed:CriticalRole~ (shows all episodes from that feed) 848 848 + - user can customize, split into sub-views, or delete 849 849 + 850 850 + *smart view suggestions*: 851 851 + - after regex patterns generate tags, suggest splitting views 852 852 + - "I noticed episodes with ~series:Campaign2~ and ~series:Campaign3~ - create separate views?" 853 853 + - "Create view for ~type:bonus~ episodes?" 854 854 + 855 855 + *view management UX*: 856 856 + - right-click feed → "Split by series", "Split by type" 857 857 + - drag episodes between views to create manual filters 858 858 + - views can be nested: ~/Channels/Critical Role/Campaign 2/Main Episodes~ 859 859 + 860 860 + *feed merging for multi-source shows*: 861 861 + problem: patreon feed + main show feed for same podcast 862 862 + 863 863 + #+BEGIN_EXAMPLE 864 864 + /Channels/ 865 865 + Critical Role/ 866 866 + All Episodes # merged view: feed:CriticalRole OR feed:CriticalRolePatreon 867 867 + Main Feed # filter: feed:CriticalRole 868 868 + Patreon Feed # filter: feed:CriticalRolePatreon 869 869 + #+END_EXAMPLE 870 870 + 871 871 + *deduplication strategy*: 872 872 + - episodes matched by ~guid~ or similar content hash 873 873 + - duplicate episodes get ~source:main,patreon~ tags 874 874 + - UI shows single episode with source indicators 875 875 + - user can choose preferred source for playback 876 876 + - play state syncs across all sources of same episode 877 877 + 878 878 + *feed relationship schema*: 879 879 + #+BEGIN_SRC typescript 880 880 + interface FeedGroup { 881 881 + id: string; 882 882 + name: string; // "Critical Role" 883 883 + feedIds: string[]; // [mainFeedId, patreonFeedId] 884 884 + mergeStrategy: 'guid' | 'title' | 'contentHash'; 885 885 + defaultView: FilterView; 886 886 + } 887 887 + 888 888 + interface ChannelEntry { 889 889 + // ... existing 890 890 + duplicateOf?: string; // points to canonical episode ID 891 891 + sources: string[]; // feed IDs where this episode appears 892 892 + } 893 893 + #+END_SRC 894 894 + 895 895 + **per-view settings and state**: 896 896 + each filter view acts like a virtual feed with its own: 897 897 + - unread counts (episodes matching filter that haven't been played) 898 898 + - notification settings (notify for new episodes in this view) 899 899 + - muted state (hide notifications, mark as read automatically) 900 900 + - auto-download preferences (download episodes that match this filter) 901 901 + - play queue integration (add new episodes to queue) 902 902 + 903 903 + **use cases**: 904 904 + - mute "Bonus Content" view but keep notifications for main episodes 905 905 + - auto-download only "Campaign 2" episodes, skip everything else 906 906 + - separate unread counts: "5 unread in Main Episodes, 2 in Bonus" 907 907 + - queue only certain series automatically 908 908 + 909 909 + **schema additions**: 910 910 + #+BEGIN_SRC typescript 911 911 + interface FilterView { 912 912 + // ... existing fields 913 913 + settings: { 914 914 + notificationsEnabled: boolean; 915 915 + isMuted: boolean; 916 916 + autoDownload: boolean; 917 917 + autoQueue: boolean; 918 918 + downloadLimit?: number; // max episodes to keep 919 919 + }; 920 920 + state: { 921 921 + unreadCount: number; 922 922 + lastViewedAt?: number; 923 923 + isCollapsed: boolean; // in sidebar 924 924 + }; 925 925 + } 926 926 + #+END_SRC 927 927 + 928 928 + *inheritance behavior*: 929 929 + - new filter views inherit settings from parent feed/group 930 930 + - user can override per-view 931 931 + - "mute all Critical Role" vs "mute only bonus episodes" 932 932 + 933 933 + **** client-side episode caching strategy :ai:claude: 934 934 + 935 935 + *architecture*: service worker-based transparent caching 936 936 + 937 937 + *flow*: 938 938 + 1. audio player requests ~/audio?url={episodeUrl}~ 939 939 + 2. service worker intercepts request 940 940 + 3. if present in cache (with Range header support): 941 941 + - serve from cache 942 942 + 4. else: 943 943 + - let request continue to server (immediate playback) 944 944 + - simultaneously start background fetch of full audio file 945 945 + - when complete, broadcast "episode-cached" event 946 946 + - audio player catches event and restarts feed → now uses cached version 947 947 + 948 948 + **benefits**: 949 949 + - no playback interruption (streaming starts immediately) 950 950 + - seamless transition to cached version 951 951 + - Range header support for seeking/scrubbing 952 952 + - transparent to audio player implementation 953 953 + 954 954 + *implementation considerations*: 955 955 + - cache storage limits and cleanup policies 956 956 + - partial download resumption if interrupted 957 957 + - cache invalidation when episode URLs change 958 958 + - offline playback support 959 959 + - progress tracking for background downloads 960 960 + 961 961 + **schema additions**: 962 962 + #+BEGIN_SRC typescript 963 963 + interface CachedEpisode { 964 964 + episodeId: string; 965 965 + originalUrl: string; 966 966 + cacheKey: string; // for cache API 967 967 + fileSize: number; 968 968 + cachedAt: number; 969 969 + lastAccessedAt: number; 970 970 + downloadProgress?: number; // 0-100 for in-progress downloads 971 971 + } 972 972 + #+END_SRC 973 973 + 974 974 + **service worker events**: 975 975 + - ~episode-cache-started~ - background download began 976 976 + - ~episode-cache-progress~ - download progress update 977 977 + - ~episode-cache-complete~ - ready to switch to cached version 978 978 + - ~episode-cache-error~ - download failed, stay with streaming 979 979 + 980 980 + **background sync for proactive downloads**: 981 981 + 982 982 + **browser support reality**: 983 983 + - Background Sync API: good support (Chrome/Edge, limited Safari) 984 984 + - Periodic Background Sync: very limited (Chrome only, requires PWA install) 985 985 + - Push notifications: good support, but requires user permission 986 986 + 987 987 + **hybrid approach**: 988 988 + 1. **foreground sync** (reliable): when app is open, check for new episodes 989 989 + 2. **background sync** (opportunistic): register sync event when app closes 990 990 + 3. **push notifications** (fallback): server pushes "new episodes available" 991 991 + 4. **manual sync** (always works): pull-to-refresh, settings toggle 992 992 + 993 993 + **implementation strategy**: 994 994 + #+BEGIN_SRC typescript 995 995 + // Register background sync when app becomes hidden 996 996 + document.addEventListener('visibilitychange', () => { 997 997 + if (document.hidden && 'serviceWorker' in navigator) { 998 998 + navigator.serviceWorker.ready.then(registration => { 999 999 + return registration.sync.register('download-episodes'); 1000 1000 + }); 1001 1001 + } 1002 1002 + }); 1003 1003 + 1004 1004 + // Service worker handles sync event 1005 1005 + self.addEventListener('sync', event => { 1006 1006 + if (event.tag === 'download-episodes') { 1007 1007 + event.waitUntil(syncEpisodes()); 1008 1008 + } 1009 1009 + }); 1010 1010 + #+END_SRC 1011 1011 + 1012 1012 + **realistic expectations**: 1013 1013 + - iOS Safari: very limited background processing 1014 1014 + - Android Chrome: decent background sync support 1015 1015 + - Desktop: mostly works 1016 1016 + - battery/data saver modes: disabled by OS 1017 1017 + 1018 1018 + **fallback strategy**: rely primarily on foreground sync + push notifications, treat background sync as nice-to-have enhancement 1019 1019 + 1020 1020 + **push notification sync workflow**: 1021 1021 + 1022 1022 + **server-side trigger**: 1023 1023 + 1. server detects new episodes during RSS refresh 1024 1024 + 2. check which users are subscribed to that feed 1025 1025 + 3. send push notification with episode metadata payload 1026 1026 + 4. notification wakes up service worker on client 1027 1027 + 1028 1028 + **service worker notification handler**: 1029 1029 + #+BEGIN_SRC typescript 1030 1030 + self.addEventListener('push', event => { 1031 1031 + const data = event.data?.json(); 1032 1032 + 1033 1033 + if (data.type === 'new-episodes') { 1034 1034 + event.waitUntil( 1035 1035 + // Start background download of new episodes 1036 1036 + downloadNewEpisodes(data.episodes) 1037 1037 + .then(() => { 1038 1038 + // Show notification to user 1039 1039 + return self.registration.showNotification('New episodes available', { 1040 1040 + body: ~${data.episodes.length} new episodes downloaded~, 1041 1041 + icon: '/icon-192.png', 1042 1042 + badge: '/badge-72.png', 1043 1043 + tag: 'new-episodes', 1044 1044 + data: { episodeIds: data.episodes.map(e => e.id) } 1045 1045 + }); 1046 1046 + }) 1047 1047 + ); 1048 1048 + } 1049 1049 + }); 1050 1050 + 1051 1051 + // Handle notification click 1052 1052 + self.addEventListener('notificationclick', event => { 1053 1053 + event.notification.close(); 1054 1054 + 1055 1055 + // Open app to specific episode or feed 1056 1056 + event.waitUntil( 1057 1057 + clients.openWindow(~/episodes/${event.notification.data.episodeIds[0]}~) 1058 1058 + ); 1059 1059 + }); 1060 1060 + #+END_SRC 1061 1061 + 1062 1062 + **server push logic**: 1063 1063 + - batch notifications (don't spam for every episode) 1064 1064 + - respect user notification preferences from FilterView settings 1065 1065 + - include episode metadata in payload to avoid round-trip 1066 1066 + - throttle notifications (max 1 per feed per hour?) 1067 1067 + 1068 1068 + **user flow**: 1069 1069 + 1. new episode published → server pushes notification 1070 1070 + 2. service worker downloads episode in background 1071 1071 + 3. user sees "New episodes downloaded" notification 1072 1072 + 4. tap notification → opens app to new episode, ready to play offline 1073 1073 + 1074 1074 + *benefits*: 1075 1075 + - true background downloading without user interaction 1076 1076 + - works even when app is closed 1077 1077 + - respects per-feed notification settings 1078 1078 + 1079 1079 + **push payload size constraints**: 1080 1080 + - **limit**: ~4KB (4,096 bytes) across most services 1081 1081 + - **practical limit**: ~3KB to account for service overhead 1082 1082 + - **implications for episode metadata**: 1083 1083 + 1084 1084 + #+BEGIN_SRC json 1085 1085 + { 1086 1086 + "type": "new-episodes", 1087 1087 + "episodes": [ 1088 1088 + { 1089 1089 + "id": "ep123", 1090 1090 + "channelId": "ch456", 1091 1091 + "title": "Episode Title", 1092 1092 + "url": "https://...", 1093 1093 + "duration": 3600, 1094 1094 + "size": 89432112 1095 1095 + } 1096 1096 + ] 1097 1097 + } 1098 1098 + #+END_SRC 1099 1099 + 1100 1100 + **payload optimization strategies**: 1101 1101 + - minimal episode metadata in push (id, url, basic info) 1102 1102 + - batch multiple episodes in single notification 1103 1103 + - full episode details fetched after service worker wakes up 1104 1104 + - URL shortening for long episode URLs 1105 1105 + - compress JSON payload if needed 1106 1106 + 1107 1107 + **alternative for large payloads**: 1108 1108 + - push notification contains only "new episodes available" signal 1109 1109 + - service worker makes API call to get full episode list 1110 1110 + - trade-off: requires network round-trip but unlimited data 1111 1111 + 1112 1112 + **logical clock sync optimization**: 1113 1113 + 1114 1114 + much simpler approach using sync revisions: 1115 1115 + 1116 1116 + #+BEGIN_SRC json 1117 1117 + { 1118 1118 + "type": "sync-available", 1119 1119 + "fromRevision": 12345, 1120 1120 + "toRevision": 12389, 1121 1121 + "changeCount": 8 1122 1122 + } 1123 1123 + #+END_SRC 1124 1124 + 1125 1125 + **service worker sync flow**: 1126 1126 + 1. push notification wakes service worker with revision range 1127 1127 + 2. service worker fetches ~/sync?from=12345&to=12389~ 1128 1128 + 3. server returns only changes in that range (episodes, feed updates, etc) 1129 1129 + 4. service worker applies changes to local dexie store 1130 1130 + 5. service worker queues background downloads for new episodes 1131 1131 + 6. updates local revision to 12389 1132 1132 + 1133 1133 + **benefits of revision-based approach**: 1134 1134 + - tiny push payload (just revision numbers) 1135 1135 + - server can efficiently return only changes in range 1136 1136 + - automatic deduplication (revision already applied = skip) 1137 1137 + - works for any sync data (episodes, feed metadata, user settings) 1138 1138 + - handles offline gaps gracefully (fetch missing revision ranges) 1139 1139 + 1140 1140 + **sync API response**: 1141 1141 + #+BEGIN_SRC typescript 1142 1142 + interface SyncResponse { 1143 1143 + fromRevision: number; 1144 1144 + toRevision: number; 1145 1145 + changes: Array<{ 1146 1146 + type: 'episode' | 'channel' | 'subscription'; 1147 1147 + operation: 'create' | 'update' | 'delete'; 1148 1148 + data: any; 1149 1149 + revision: number; 1150 1150 + }>; 1151 1151 + } 1152 1152 + #+END_SRC 1153 1153 + 1154 1154 + **integration with episode downloads**: 1155 1155 + - service worker processes sync changes 1156 1156 + - identifies new episodes that match user's auto-download filters 1157 1157 + - queues those for background cache fetching 1158 1158 + - much more efficient than sending episode metadata in push payload 1159 1159 + 1160 1160 + **service worker processing time constraints**: 1161 1161 + 1162 1162 + **hard limits**: 1163 1163 + - **30 seconds idle timeout**: service worker terminates after 30s of inactivity 1164 1164 + - **5 minutes event processing**: single event/request must complete within 5 minutes 1165 1165 + - **30 seconds fetch timeout**: individual network requests timeout after 30s 1166 1166 + - **notification requirement**: push events MUST display notification before promise settles 1167 1167 + 1168 1168 + **practical implications**: 1169 1169 + - sync API call (~/sync?from=X&to=Y~) must complete within 30s 1170 1170 + - large episode downloads must be queued, not started immediately in push handler 1171 1171 + - use ~event.waitUntil()~ to keep service worker alive during processing 1172 1172 + - break large operations into smaller chunks 1173 1173 + 1174 1174 + **recommended push event flow**: 1175 1175 + #+BEGIN_SRC typescript 1176 1176 + self.addEventListener('push', event => { 1177 1177 + const data = event.data?.json(); 1178 1178 + 1179 1179 + event.waitUntil( 1180 1180 + // Must complete within 5 minutes total 1181 1181 + handlePushSync(data) 1182 1182 + .then(() => { 1183 1183 + // Required: show notification before promise settles 1184 1184 + return self.registration.showNotification('Episodes synced'); 1185 1185 + }) 1186 1186 + ); 1187 1187 + }); 1188 1188 + 1189 1189 + async function handlePushSync(data) { 1190 1190 + // 1. Quick sync API call (< 30s) 1191 1191 + const changes = await fetch(~/sync?from=${data.fromRevision}&to=${data.toRevision}~); 1192 1192 + 1193 1193 + // 2. Apply changes to dexie store (fast, local) 1194 1194 + await applyChangesToStore(changes); 1195 1195 + 1196 1196 + // 3. Queue episode downloads for later (don't start here) 1197 1197 + await queueEpisodeDownloads(changes.newEpisodes); 1198 1198 + 1199 1199 + // Total time: < 5 minutes, preferably < 30s 1200 1200 + } 1201 1201 + #+END_SRC 1202 1202 + 1203 1203 + *download strategy*: use push event for sync + queuing, separate background tasks for actual downloads 1204 1204 + 1205 1205 + *background fetch API for large downloads*: 1206 1206 + 1207 1207 + *progressive enhancement approach*: 1208 1208 + #+BEGIN_SRC typescript 1209 1209 + async function queueEpisodeDownloads(episodes) { 1210 1210 + for (const episode of episodes) { 1211 1211 + if ('serviceWorker' in navigator && 'BackgroundFetch' in window) { 1212 1212 + // Chrome/Edge: use Background Fetch API for true background downloading 1213 1213 + await navigator.serviceWorker.ready.then(registration => { 1214 1214 + return registration.backgroundFetch.fetch( 1215 1215 + ~episode-${episode.id}~, 1216 1216 + episode.url, 1217 1217 + { 1218 1218 + icons: [{ src: '/icon-256.png', sizes: '256x256', type: 'image/png' }], 1219 1219 + title: ~Downloading: ${episode.title}~, 1220 1220 + downloadTotal: episode.fileSize 1221 1221 + } 1222 1222 + ); 1223 1223 + }); 1224 1224 + } else { 1225 1225 + // Fallback: queue for reactive download (download while streaming) 1226 1226 + await queueReactiveDownload(episode); 1227 1227 + } 1228 1228 + } 1229 1229 + } 1230 1230 + 1231 1231 + // Handle background fetch completion 1232 1232 + self.addEventListener('backgroundfetch', event => { 1233 1233 + if (event.tag.startsWith('episode-')) { 1234 1234 + event.waitUntil(handleEpisodeDownloadComplete(event)); 1235 1235 + } 1236 1236 + }); 1237 1237 + #+END_SRC 1238 1238 + 1239 1239 + *browser support reality*: 1240 1240 + - *Chrome/Edge*: Background Fetch API supported 1241 1241 + - *Firefox/Safari*: not supported, fallback to reactive caching 1242 1242 + - *mobile*: varies by platform and browser 1243 1243 + 1244 1244 + *benefits when available*: 1245 1245 + - true background downloading (survives app close, browser close) 1246 1246 + - built-in download progress UI 1247 1247 + - automatic retry on network failure 1248 1248 + - no service worker time limits during download 1249 1249 + 1250 1250 + *graceful degradation*: 1251 1251 + - detect support, use when available 1252 1252 + - fallback to reactive caching (download while streaming) 1253 1253 + - user gets best experience possible on their platform 1254 1254 + 1255 1255 + *** research todos :ai:claude: 1256 1256 + 1257 1257 + high-level unanswered questions from architecture brainstorming: 1258 1258 + 1259 1259 + **** sync and data management 1260 1260 + ***** TODO dexie sync capabilities vs rxdb for multi-device sync implementation 1261 1261 + ***** TODO webrtc p2p sync implementation patterns and reliability 1262 1262 + ***** TODO conflict resolution strategies for device-specific data in distributed sync 1263 1263 + ***** TODO content-addressed deduplication algorithms for rss/podcast content 1264 1264 + **** client-side storage and caching 1265 1265 + ***** TODO opfs storage limits and cleanup strategies for client-side caching 1266 1266 + ***** TODO practical background fetch api limits and edge cases for podcast downloads 1267 1267 + **** automation and intelligence 1268 1268 + ***** TODO llm-based regex generation for episode title parsing automation 1269 1269 + ***** TODO push notification subscription management and realm authentication 1270 1270 + **** platform and browser capabilities 1271 1271 + ***** TODO browser audio api capabilities for podcast-specific features (speed, silence skip) 1272 1272 + ***** TODO progressive web app installation and platform-specific behaviors 1273 1273 + 1274 1274 + * webtorrent brainstorming 6/16 :ai:claude: 1275 1275 + 1276 1276 + ** WebTorrent + Event Log CRDT Architecture 1277 1277 + 1278 1278 + *** Core Concept Split 1279 1279 + We identified two fundamentally different types of data that need different sync strategies: 1280 1280 + 1281 1281 + **** 1. Dynamic Metadata (Event Log CRDT) 1282 1282 + - **Data**: Play state, scroll position, settings, subscriptions 1283 1283 + - **Characteristics**: Frequently changing, small, device-specific 1284 1284 + - **Solution**: Event log with Hybrid Logical Clocks (HLC) 1285 1285 + - **Sync**: Merkle tree efficient diff + P2P exchange via realm 1286 1286 + 1287 1287 + **** 2. Static Content (WebTorrent) 1288 1288 + - **Data**: RSS feeds, podcast episodes (audio files) 1289 1289 + - **Characteristics**: Immutable, large, content-addressable 1290 1290 + - **Solution**: WebTorrent with infohash references 1291 1291 + - **Storage**: IndexedDB chunk store (idb-chunk-store npm package) 1292 1292 + 1293 1293 + *** Event Log CRDT Design 1294 1294 + 1295 1295 + **** Hybrid Logical Clock (HLC) 1296 1296 + Based on James Long's crdt-example-app implementation: 1297 1297 + #+BEGIN_SRC typescript 1298 1298 + interface HLC { 1299 1299 + millis: number; // physical time 1300 1300 + counter: number; // logical counter (0-65535) 1301 1301 + node: string; // device identity ID 1302 1302 + } 1303 1303 + 1304 1304 + interface SyncEvent { 1305 1305 + timestamp: HLC; 1306 1306 + type: 'subscribe' | 'unsubscribe' | 'markPlayed' | 'updatePosition' | ... 1307 1307 + payload: any; 1308 1308 + } 1309 1309 + #+END_SRC 1310 1310 + 1311 1311 + **Benefits**: 1312 1312 + - Causality preserved even with clock drift 1313 1313 + - Compact representation (vs full vector clocks) 1314 1314 + - Total ordering via (millis, counter, node) comparison 1315 1315 + - No merge conflicts - just union of events 1316 1316 + 1317 1317 + **** Merkle Tree Sync 1318 1318 + Efficient sync using merkle trees over time ranges: 1319 1319 + 1320 1320 + #+BEGIN_SRC typescript 1321 1321 + interface RangeMerkleNode { 1322 1322 + startTime: HLC; 1323 1323 + endTime: HLC; 1324 1324 + hash: string; 1325 1325 + eventCount: number; 1326 1326 + } 1327 1327 + #+END_SRC 1328 1328 + 1329 1329 + **Sync Protocol**: 1330 1330 + 1. Exchange merkle roots 1331 1331 + 2. If different, drill down to find divergent ranges 1332 1332 + 3. Exchange only missing events 1333 1333 + 4. Apply in HLC order 1334 1334 + 1335 1335 + **Key insight**: No merge conflicts because events are immutable and ordered by HLC 1336 1336 + 1337 1337 + **** Progressive Compaction 1338 1338 + Use idle time to compact old events: 1339 1339 + - Recent (< 5 min): Individual events for active sync 1340 1340 + - Hourly chunks: After 5 minutes 1341 1341 + - Daily chunks: After 24 hours 1342 1342 + - Monthly chunks: After 30 days 1343 1343 + 1344 1344 + Benefits: 1345 1345 + - Fast recent sync 1346 1346 + - Efficient storage of history 1347 1347 + - Old chunks can move to OPFS as blobs 1348 1348 + 1349 1349 + *** WebTorrent Integration 1350 1350 + 1351 1351 + **** Content Flow 1352 1352 + 1. **CORS-friendly feeds**: 1353 1353 + - Browser fetches directly 1354 1354 + - Creates torrent with original URL as webseed 1355 1355 + - Broadcasts infohash to realm 1356 1356 + 1357 1357 + 2. **CORS-blocked feeds**: 1358 1358 + - Server fetches and hashes 1359 1359 + - Returns infohash (server doesn't store content) 1360 1360 + - Client uses WebTorrent with original URL as webseed 1361 1361 + 1362 1362 + **** Realm as Private Tracker 1363 1363 + - Realm members announce infohashes they have 1364 1364 + - No need for DHT or public trackers 1365 1365 + - Existing WebRTC signaling used for peer discovery 1366 1366 + - Private swarm for each realm 1367 1367 + 1368 1368 + **** Storage via Chunk Store 1369 1369 + Use `idb-chunk-store` (or similar) for persistence: 1370 1370 + - WebTorrent handles chunking/verification 1371 1371 + - IndexedDB provides persistence across sessions 1372 1372 + - Abstract-chunk-store interface allows swapping implementations 1373 1373 + 1374 1374 + *** Bootstrap & History Sharing 1375 1375 + 1376 1376 + **** History Snapshots as Torrents 1377 1377 + Serialize event history into content-addressed chunks: 1378 1378 + 1379 1379 + #+BEGIN_SRC typescript 1380 1380 + interface HistorySnapshot { 1381 1381 + period: "2024-05"; 1382 1382 + events: SyncEvent[]; 1383 1383 + merkleRoot: string; 1384 1384 + deviceStates: Record<string, DeviceState>; 1385 1385 + } 1386 1386 + 1387 1387 + // Share via WebTorrent 1388 1388 + const blob = await serializeSnapshot(events); 1389 1389 + const infohash = await createTorrent(blob); 1390 1390 + realm.broadcast({ type: "historySnapshot", period, infohash }); 1391 1391 + #+END_SRC 1392 1392 + 1393 1393 + **** Materialized State Snapshots 1394 1394 + Using dexie-export-import for database snapshots: 1395 1395 + 1396 1396 + #+BEGIN_SRC typescript 1397 1397 + const dbBlob = await exportDB(db, { 1398 1398 + tables: ['channels', 'channelEntries'], 1399 1399 + filter: (table, value) => !isDeviceSpecific(table, value) 1400 1400 + }); 1401 1401 + 1402 1402 + const infohash = await createTorrent(dbBlob); 1403 1403 + #+END_SRC 1404 1404 + 1405 1405 + **** New Device Bootstrap 1406 1406 + 1. Download latest DB snapshot → Instant UI 1407 1407 + 2. Download recent events → Apply updates 1408 1408 + 3. Background: fetch historical event logs 1409 1409 + 4. Result: Fast startup with complete history 1410 1410 + 1411 1411 + *** Implementation Benefits 1412 1412 + 1413 1413 + 1. **Privacy**: No server sees listening history 1414 1414 + 2. **Offline-first**: Everything works locally 1415 1415 + 3. **Efficient sync**: Only exchange missing data 1416 1416 + 4. **P2P content**: Reduce server bandwidth 1417 1417 + 5. **Scalable**: Torrents for bulk data transfer 1418 1418 + 6. **Verifiable**: Merkle trees ensure consistency 1419 1419 + 1420 1420 + *** Next Steps 1421 1421 + - [ ] Implement HLC timestamps 1422 1422 + - [ ] Build merkle tree sync protocol 1423 1423 + - [ ] Integrate WebTorrent with realm signaling 1424 1424 + - [ ] Create history snapshot system 1425 1425 + - [ ] Test cross-device sync scenarios 1426 1426 + 1427 1427 + ** Additional Architecture Insights 1428 1428 + 1429 1429 + *** Unified Infohash Approach 1430 1430 + Instead of having separate hashes for merkle tree and WebTorrent, use infohashes throughout: 1431 1431 + 1432 1432 + **** Hierarchical Infohash Structure 1433 1433 + #+BEGIN_SRC typescript 1434 1434 + // Leaf level: individual files 1435 1435 + const episode1Hash = await createTorrent(episode1.mp3); 1436 1436 + const feedXmlHash = await createTorrent(feed.xml); 1437 1437 + 1438 1438 + // Directory level: multi-file torrent 1439 1439 + const feedTorrent = await createTorrent({ 1440 1440 + name: 'example.com.rss', 1441 1441 + files: [ 1442 1442 + { path: 'rss.xml', infohash: feedXmlHash }, 1443 1443 + { path: 'episode-1.mp3', infohash: episode1Hash } 1444 1444 + ] 1445 1445 + }); 1446 1446 + 1447 1447 + // Root level: torrent of feed torrents 1448 1448 + const rootTorrent = await createTorrent({ 1449 1449 + name: 'feeds', 1450 1450 + folders: [ 1451 1451 + { path: 'example.com.rss', infohash: feedTorrent.infoHash } 1452 1452 + ] 1453 1453 + }); 1454 1454 + #+END_SRC 1455 1455 + 1456 1456 + Benefits: 1457 1457 + - Single hash type throughout system 1458 1458 + - Progressive loading (directory structure first, then files) 1459 1459 + - Natural deduplication 1460 1460 + - WebTorrent native sharing of folder structures 1461 1461 + 1462 1462 + *** Long-term Event Log Scaling 1463 1463 + 1464 1464 + **** Checkpoint + Delta Pattern 1465 1465 + For handling millions of events, use periodic checkpoints: 1466 1466 + 1467 1467 + #+BEGIN_SRC typescript 1468 1468 + interface EventCheckpoint { 1469 1469 + hlc: HLC; 1470 1470 + stateSnapshot: { 1471 1471 + subscriptions: Channel[]; 1472 1472 + playStates: PlayRecord[]; 1473 1473 + settings: Settings; 1474 1474 + }; 1475 1475 + eventCount: number; 1476 1476 + infohash: string; // torrent of this checkpoint 1477 1477 + } 1478 1478 + 1479 1479 + // Every 10k events or monthly 1480 1480 + async function createCheckpoint(): Promise<Checkpoint> { 1481 1481 + const currentHLC = getLatestEventHLC(); 1482 1482 + 1483 1483 + // Export materialized state using dexie-export-import 1484 1484 + const dbBlob = await exportDB(db, { 1485 1485 + filter: (table, value) => { 1486 1486 + return !['activeSyncs', 'tempData'].includes(table); 1487 1487 + } 1488 1488 + }); 1489 1489 + 1490 1490 + const infohash = await createTorrent(dbBlob); 1491 1491 + return { hlc: currentHLC, dbExport: dbBlob, infohash }; 1492 1492 + } 1493 1493 + #+END_SRC 1494 1494 + 1495 1495 + **** Bootstrap Flow with Checkpoints 1496 1496 + 1. New device downloads latest checkpoint via WebTorrent 1497 1497 + 2. Imports directly to IndexedDB: `await importDB(checkpoint.blob)` 1498 1498 + 3. Requests only recent events since checkpoint 1499 1499 + 4. Applies recent events to catch up 1500 1500 + 1501 1501 + Benefits: 1502 1502 + - Fast bootstrap (one checkpoint instead of million events) 1503 1503 + - No double materialization (IndexedDB is already materialized state) 1504 1504 + - P2P distribution of checkpoints 1505 1505 + - Clear version migration path 1506 1506 + 1507 1507 + *** Sync State Management 1508 1508 + 1509 1509 + **** Catching Up vs Live Events 1510 1510 + #+BEGIN_SRC typescript 1511 1511 + interface SyncState { 1512 1512 + localHLC: HLC; 1513 1513 + remoteHLC: HLC; 1514 1514 + mode: 'catching-up' | 'live'; 1515 1515 + } 1516 1516 + 1517 1517 + // Separate handlers for historical vs live events 1518 1518 + async function replayHistoricalEvents(from: HLC, to: HLC) { 1519 1519 + const events = await fetchEvents(from, to); 1520 1520 + 1521 1521 + // Process in batches without UI updates 1522 1522 + await db.transaction('rw', db.tables, async () => { 1523 1523 + for (const batch of chunks(events, 1000)) { 1524 1524 + await Promise.all(batch.map(applyEventSilently)); 1525 1525 + } 1526 1526 + }); 1527 1527 + 1528 1528 + // One UI update at the end 1529 1529 + notifyUI('Sync complete', { newEpisodes: 47 }); 1530 1530 + } 1531 1531 + 1532 1532 + function handleLiveEvent(event: SyncEvent) { 1533 1533 + // Real-time event - update UI immediately 1534 1534 + applyEvent(event); 1535 1535 + if (event.type === 'newEpisode') { 1536 1536 + showNotification(`New episode: ${event.title}`); 1537 1537 + } 1538 1538 + } 1539 1539 + #+END_SRC 1540 1540 + 1541 1541 + **** HLC Comparison for Ordering 1542 1542 + #+BEGIN_SRC typescript 1543 1543 + function compareHLC(a: HLC, b: HLC): number { 1544 1544 + if (a.millis !== b.millis) return a.millis - b.millis; 1545 1545 + if (a.counter !== b.counter) return a.counter - b.counter; 1546 1546 + return a.node.localeCompare(b.node); 1547 1547 + } 1548 1548 + 1549 1549 + // Determine if caught up 1550 1550 + function isCaughtUp(myHLC: HLC, peerHLC: HLC): boolean { 1551 1551 + return compareHLC(myHLC, peerHLC) >= 0; 1552 1552 + } 1553 1553 + #+END_SRC 1554 1554 + 1555 1555 + *** Handling Out-of-Order Events 1556 1556 + 1557 1557 + **** Idempotent Reducers (No Replay Needed) 1558 1558 + Design reducers to handle events arriving out of order: 1559 1559 + 1560 1560 + #+BEGIN_SRC typescript 1561 1561 + // HLC-aware reducer that handles out-of-order events 1562 1562 + function reducePlayPosition(state, event) { 1563 1563 + if (event.type === 'updatePosition') { 1564 1564 + const existing = state.positions[event.episodeId]; 1565 1565 + // Only update if this event is newer 1566 1566 + if (!existing || compareHLC(event.hlc, existing.hlc) > 0) { 1567 1567 + state.positions[event.episodeId] = { 1568 1568 + position: event.position, 1569 1569 + hlc: event.hlc // Track which event set this 1570 1570 + }; 1571 1571 + } 1572 1572 + } 1573 1573 + } 1574 1574 + #+END_SRC 1575 1575 + 1576 1576 + **** Example: Offline Device Rejoining 1577 1577 + #+BEGIN_SRC typescript 1578 1578 + // Device A offline for a week, comes back with old events 1579 1579 + Device A: [ 1580 1580 + { hlc: "1000:0:A", type: "markPlayed", episode: "ep1" }, 1581 1581 + { hlc: "1100:0:A", type: "updatePosition", episode: "ep1", position: 500 } 1582 1582 + ] 1583 1583 + 1584 1584 + // Device B already has newer event 1585 1585 + Device B: [ 1586 1586 + { hlc: "1050:0:B", type: "updatePosition", episode: "ep1", position: 1000 } 1587 1587 + ] 1588 1588 + 1589 1589 + // Smart reducer produces correct final state 1590 1590 + finalState = { 1591 1591 + "ep1": { 1592 1592 + played: true, // from 1000:0:A 1593 1593 + position: 1000, // from 1050:0:B (newer HLC wins) 1594 1594 + lastPositionHLC: "1050:0:B" 1595 1595 + } 1596 1596 + } 1597 1597 + #+END_SRC 1598 1598 + 1599 1599 + Key principles: 1600 1600 + - Store HLC with state changes 1601 1601 + - Use "last write wins" with HLC comparison 1602 1602 + - Make operations commutative when possible 1603 1603 + - No need for full replay when inserting old events

+81 -1265

readme-devlog.org

··· 1 1 #+PROPERTY: COOKIE_DATA recursive 2 2 #+STARTUP: overview 3 3 4 4 - most of this is old, I need to rework it 5 5 - 6 6 - * design 7 7 - 8 8 - ** frontend (packages/app) 9 9 - - http://localhost:7891 10 10 - - proxies ~/api~ and ~/sync~ to the backend in development 11 11 - - uses Dexie for local storage with sync plugin 12 12 - - custom sync replication implementation using PeerJS through the signalling server 13 13 - 14 14 - ** backend (packages/server) 15 15 - - http://localhost:7890 16 16 - - serves ~/dist~ if the directory is present (see ~dist~ script) 17 17 - - serves ~/api~ for RSS caching proxy 18 18 - - file-based routing under the api directory 19 19 - - serves ~/sync~ which is a ~peerjs~ signalling server 20 20 - 21 21 - ** sync 22 22 - - each client keeps the full data set 23 23 - - dexie sync and observable let us stream change sets 24 24 - - we can publish the "latest" to all peers 25 25 - - on first pull, if not the first client, we can request a dump out of band 26 26 - 27 27 - *** rss feed data 28 28 - - do we want to backup feed data? 29 29 - - conceptually, this should be refetchable 30 30 - - but feeds go away, and some will only show recent stories 31 31 - - so yes, we'll need this 32 32 - - but server side, we can dedupe 33 33 - - content-addressed server-side cache? 34 34 - 35 35 - - server side does RSS pulling 36 36 - - can feeds be marked private, such that they won't be pulled through the proxy? 37 37 - - but then we require everything to be fetchable via cors 38 38 - - client configured proxy settings? 39 39 - 40 40 - *** peer connection 41 41 - - on startup, check for current realm-id and key pair 42 42 - - if not present, ask to login or start new 43 43 - - if login, run through the [[* pairing]] process 44 44 - - if start new, run through the [[* registration]] process 45 45 - - use keypair to authenticate to server 46 46 - - response includes list of active peers to connect 47 47 - - clients negotiate sync from there 48 48 - - an identity is a keypair and a realm 49 49 - 50 50 - - realm is uuid 51 51 - - realm on the server is the socket connection for peer discovery 52 52 - - keeps a list of verified public keys 53 53 - - and manages the /current/ ~public-key->peer ids~ mapping 54 54 - - realm on the client side is first piece of info required for sync 55 55 - - when connecting to the signalling server, you present a realm, and a signed public key 56 56 - - server accepts/rejects based on signature and current verified keys 57 57 - 58 58 - - a new keypair can create a realm 59 59 - 60 60 - - a new keypair can double sign an invitation 61 61 - - invite = ~{ realm:, nonce:, not_before:, not_after:, authorizer: }~, signed with verified key 62 62 - - exchanging an invite = ~{ invite: }~, signed with my key 63 63 - 64 64 - - on startup 65 65 - - start stand-alone (no syncing required, usually the case on first-run) 66 66 - - generate a keypair 67 67 - - want server backup? 68 68 - - sign a "setup" message with new keypair and send to the server 69 69 - - server responds with a new realm, that this keypair is already verified for 70 70 - - move along 71 71 - - exchange invite to sync to other devices 72 72 - - generate a keypair 73 73 - - sign the exchange message with the invite and send to the server 74 74 - - server verifies the invite 75 75 - - adds the new public key to the peer list and publishes downstream 76 76 - - move along 77 77 - 78 78 - ***** standalone 79 79 - in this mode, there is no syncing. this is the most likely first-time run option. 80 80 - 81 81 - - generate a keypair on startup, so we have a stable fingerprint in the future 82 82 - - done 83 83 - 84 84 - ***** pairing 85 85 - in this mode, there is syncing to a named realm, but not necessarily server resources consumed 86 86 - we don't need an email, since the server is just doing signalling and peer management 87 87 - 88 88 - - generate an invite from an existing verified peer 89 89 - - ~{ realm:, not_before:, not_after:, inviter: peer.public_key }~ 90 90 - - sign that invitation from the existing verified peer 91 91 - 92 92 - - standalone -> paired 93 93 - - get the invitation somehow (QR code?) 94 94 - - sign an invite exchange with the standalone's public key 95 95 - - send to server 96 96 - - server verifies the invite 97 97 - - adds the new public key to the peer list and publishes downstream 98 98 - 99 99 - ***** server backup 100 100 - in this mode, there is syncing to a named realm by email. 101 101 - 102 102 - goal of server backup mode is that we can go from email->fully working client with latest data without having to have any clients left around that could participate in the sync. 103 103 - 104 104 - - generate a keypair on startup 105 105 - - sign a registration message sent to the server 106 106 - - send a verification email 107 107 - - if email/realm already exists, this is authorization 108 108 - - if not, it's email validation 109 109 - - server starts a realm and associates the public key 110 110 - - server acts as a peer for the realm, and stores private data 111 111 - 112 112 - - since dexie is publishing change sets, we should be able to just store deltas 113 113 - - but we'll need to store _all_ deltas, unless we're materializing on the server side too 114 114 - - should we use an indexdb shim so we can import/export from the server for clean start? 115 115 - - how much materialization does the server need? 116 116 - 117 117 - * ai instructions 118 118 - - when writing to the devlog, add tags to your entries specifying ~:ai:~ and what tool did it. 119 119 - - false starts and prototypes are in ~./devlog/~ 120 120 - 121 121 - * notes and decision record [1/11] 122 122 - ** architecture design (may 28-29) :ai:claude: 123 123 - 124 124 - details notes are in [[./devlog/may-29.org]] 125 125 - key decisions and system design: 126 126 - 127 127 - *** sync model 128 128 - - device-specific records for playback state/queues to avoid conflicts 129 129 - - content-addressed server cache with deduplication 130 130 - - dual-JWT invitation flow for secure realm joining 131 131 - 132 132 - *** data structures 133 133 - - tag-based filtering system instead of rigid hierarchies 134 134 - - regex patterns for episode title parsing and organization 135 135 - - service worker caching with background download support 136 136 - 137 137 - *** core schemas 138 138 - **** client (dexie) 139 139 - - Channel/ChannelEntry for RSS feeds and episodes 140 140 - - PlayRecord/QueueItem scoped by deviceId 141 141 - - FilterView for virtual feed organization 142 142 - 143 143 - **** server (drizzle) 144 144 - - ContentStore for deduplicated content by hash 145 145 - - Realm/PeerConnection for sync authorization 146 146 - - HttpCache with health tracking and TTL 147 147 - 148 148 - *** push sync strategy 149 149 - - revision-based sync (just send revision ranges in push notifications) 150 150 - - background fetch API for large downloads where supported 151 151 - - graceful degradation to reactive caching 152 152 - 153 153 - *** research todos :ai:claude: 154 154 - 155 155 - **** sync and data management 156 156 - ***** DONE identity and signature management 157 157 - ***** TODO dexie sync capabilities vs rxdb for multi-device sync implementation 158 158 - ***** TODO webrtc p2p sync implementation patterns and reliability 159 159 - ***** TODO conflict resolution strategies for device-specific data in distributed sync 160 160 - ***** TODO content-addressed deduplication algorithms for rss/podcast content 161 161 - **** client-side storage and caching 162 162 - ***** TODO opfs storage limits and cleanup strategies for client-side caching 163 163 - ***** TODO practical background fetch api limits and edge cases for podcast downloads 164 164 - **** automation and intelligence 165 165 - ***** TODO llm-based regex generation for episode title parsing automation 166 166 - ***** TODO push notification subscription management and realm authentication 167 167 - **** platform and browser capabilities 168 168 - ***** TODO browser audio api capabilities for podcast-specific features (speed, silence skip) 169 169 - ***** TODO progressive web app installation and platform-specific behaviors 170 170 - 171 171 - # Local Variables: 172 172 - # org-hierarchical-todo-statistics: nil 173 173 - # org-checkbox-hierarchical-statistics: nil 174 174 - # End: 175 175 - 176 176 - ** <2025-05-28 Wed> 177 177 - getting everything setup 178 178 - 179 179 - the biggest open question I have is what sort of privacy/encryption guarantee I need. I want the server to be able to do things like cache and store feed data long-term. 180 180 - 181 181 - Is "if you want full privacy, self-host" valid? 182 182 - 183 183 - *** possibilities 184 184 - 185 185 - - fully PWA 186 186 - - CON: cors, which would require a proxy anyway 187 187 - - CON: audio analysis, llm based stuff for categorization, etc. won't work 188 188 - - PRO: private as all get out 189 189 - - can still do WebRTC p2p sync for resiliancy 190 190 - - can still do server backups, if sync stream is encrypted, but no compaction would be available 191 191 - - could do _explicit_ server backups as dump files 192 192 - 193 193 - - self hostable 194 194 - - PRO: can do bunches of private stuff on the server, because if you don't want me to see it, do it elsewhere 195 195 - - CON: hard for folk to use 196 196 - 197 197 - *** brainstorm :ai:claude: 198 198 - **** sync conflict resolution design discussion :ai:claude: 199 199 - 200 200 - discussed the sync architecture and dexie conflict handling: 201 201 - 202 202 - *dexie syncable limitations*: 203 203 - - logical clocks handle causally-related changes well 204 204 - - basic timestamp-based conflict resolution for concurrent updates 205 205 - - last-writer-wins for same field conflicts 206 206 - - no sophisticated CRDT or vector clock support 207 207 - 208 208 - *solutions for podcast-specific conflicts*: 209 209 - 210 210 - - play records: device-specific approach 211 211 - - store separate ~play_records~ per ~device_id~ 212 212 - - each record: ~{ episode_id, device_id, position, completed, timestamp }~ 213 213 - - UI handles conflict resolution with "continue from X device?" prompts 214 214 - - avoids arbitrary timestamp wins, gives users control 215 215 - 216 216 - - subscription trees 217 217 - - store ~parent_path~ as single string field ("/Tech/Programming") 218 218 - - simpler than managing folder membership tables 219 219 - - conflicts still possible but contained to single field 220 220 - - could store move operations as events for richer resolution 221 221 - 222 222 - *other sync considerations*: 223 223 - - settings/preferences: distinguish device-local vs global 224 224 - - bulk operations: "mark all played" can create duplicate operations 225 225 - - metadata updates: server RSS updates vs local renames 226 226 - - temporal ordering: recently played lists, queue reordering 227 227 - - storage limits: cleanup operations conflicting across devices 228 228 - - feed state: refresh timestamps, error states 229 229 - 230 230 - *approach*: prefer "events not state" pattern and device-specific records where semantic conflicts are likely 231 231 - 232 232 - **** data model brainstorm :ai:claude: 233 233 - 234 234 - core entities designed with sync in mind: 235 235 - 236 236 - ***** ~Feed~ :: RSS/podcast subscription 237 237 - - ~parent_path~ field for folder structure (eg. ~/Tech/Programming~) 238 238 - - ~is_private~ flag to skip server proxy 239 239 - - ~refresh_interval~ for custom update frequencies 240 240 - 241 241 - ***** ~Episode~ :: individual podcast episodes 242 242 - - standard RSS metadata (guid, title, description, media url) 243 243 - - duration and file info for playback 244 244 - 245 245 - ***** ~PlayRecord~ :: device-specific playback state 246 246 - - separate record per ~device_id~ to avoid timestamp conflicts 247 247 - - position, completed status, playback speed 248 248 - - UI can prompt "continue from X device?" for resolution 249 249 - 250 250 - ***** ~QueueItem~ :: device-specific episode queue 251 251 - - ordered list with position field 252 252 - - ~device_id~ scoped to avoid queue conflicts 253 253 - 254 254 - ***** ~Subscription~ :: feed membership settings 255 255 - - can be global or device-specific 256 256 - - auto-download preferences per device 257 257 - 258 258 - ***** ~Settings~ :: split global vs device-local 259 259 - - theme, default speed = global 260 260 - - download path, audio device = device-local 261 261 - 262 262 - ***** Event tables for complex operations: 263 263 - - ~FeedMoveEvent~ for folder reorganization 264 264 - - ~BulkMarkPlayedEvent~ for "mark all read" operations 265 265 - - better conflict resolution than direct state updates 266 266 - 267 267 - ***** sync considerations 268 268 - - device identity established on first run 269 269 - - dexie syncable handles basic timestamp conflicts 270 270 - - prefer device-scoped records for semantic conflicts 271 271 - - event-driven pattern for bulk operations 272 272 - 273 273 - **** schema evolution from previous iteration :ai:claude: 274 274 - 275 275 - reviewed existing schema from tmp/feed.ts - well designed foundation: 276 276 - 277 277 - ***** keep from original 278 278 - - Channel/ChannelEntry naming and structure 279 279 - - ~refreshHP~ adaptive refresh system (much better than simple intervals) 280 280 - - rich podcast metadata (people, tags, enclosure, podcast object) 281 281 - - HTTP caching with etag/status tracking 282 282 - - epoch millisecond timestamps 283 283 - - ~hashId()~ approach for entry IDs 284 284 - 285 285 - ***** add for multi-device sync 286 286 - - ~PlayState~ table (device-scoped position/completion) 287 287 - - Subscription table (with ~parentPath~ for folders, device-scoped settings) 288 288 - - ~QueueItem~ table (device-scoped episode queues) 289 289 - - Device table (identity management) 290 290 - 291 291 - ***** migration considerations 292 292 - - existing Channel/ChannelEntry can be preserved 293 293 - - new tables are additive 294 294 - - ~fetchAndUpsert~ method works well with server proxy architecture 295 295 - - dexie sync vs rxdb - need to evaluate change tracking capabilities 296 296 - 297 297 - **** content-addressed caching for offline resilience :ai:claude: 298 298 - 299 299 - designed caching system for when upstream feeds fail/disappear, building on existing cache-schema.ts: 300 300 - 301 301 - ***** server-side schema evolution (drizzle sqlite): 302 302 - - keep existing ~httpCacheTable~ design (health tracking, http headers, ttl) 303 303 - - add ~contentHash~ field pointing to deduplicated content 304 304 - - new ~contentStoreTable~: deduplicated blobs by sha256 hash 305 305 - - new ~contentHistoryTable~: url -> contentHash timeline with isLatest flag 306 306 - - reference counting for garbage collection 307 307 - 308 308 - ***** client-side OPFS storage 309 309 - - ~/cache/content/{contentHash}.xml~ for raw feeds 310 310 - - ~/cache/media/{contentHash}.mp3~ for podcast episodes 311 311 - - ~LocalCacheEntry~ metadata tracks expiration and offline-only flags 312 312 - - maintains last N versions per feed for historical access 313 313 - 314 314 - ***** fetch strategy & fallback 315 315 - 1. check local OPFS cache first (fastest) 316 316 - 2. try server proxy ~/api/feed?url={feedUrl}~ (deduplicated) 317 317 - 3. server checks ~contentHistory~, serves latest or fetches upstream 318 318 - 4. server returns ~{contentHash, content, cached: boolean}~ 319 319 - 5. client stores with content hash as filename 320 320 - 6. emergency mode: serve stale content when upstream fails 321 321 - 322 322 - - preserves existing health tracking and HTTP caching logic 323 323 - - popular feeds cached once on server, many clients benefit 324 324 - - bandwidth savings via content hash comparison 325 325 - - historical feed state preservation (feeds disappear!) 326 326 - - true offline operation after initial sync 327 327 - 328 328 - ** <2025-05-29 Thu> :ai:claude: 329 329 - e2e encryption and invitation flow design 330 330 - 331 331 - worked through the crypto and invitation architecture. key decisions: 332 332 - 333 333 - *** keypair strategy 334 334 - - use jwk format for interoperability (server stores public keys) 335 335 - - ed25519 for signing, separate x25519 for encryption if needed 336 336 - - zustand lazy initialization pattern: ~ensureKeypair()~ on first use 337 337 - - store private jwk in persisted zustand state 338 338 - 339 339 - *** invitation flow: dual-jwt approach 340 340 - solved the chicken-and-egg problem of sharing encryption keys securely. 341 341 - 342 342 - **** qr code contains two signed jwts: 343 343 - 1. invitation token: ~{iss: inviter_fingerprint, sub: invitation_id, purpose: "realm_invite"}~ 344 344 - 2. encryption key token: ~{iss: inviter_fingerprint, ephemeral_private: base64_key, purpose: "ephemeral_key"}~ 345 345 - 346 346 - **** exchange process: 347 347 - 1. invitee posts jwt1 + their public keys to ~/invitations~ 348 348 - 2. server verifies jwt1 signature against realm members 349 349 - 3. if valid: adds invitee to realm, returns ~{realm_id, realm_members, encrypted_realm_key}~ 350 350 - 4. invitee verifies jwt2 signature against returned realm members 351 351 - 5. invitee extracts ephemeral private key, decrypts realm encryption key 352 352 - 353 353 - **** security properties: 354 354 - - server never has decryption capability (missing ephemeral private key) 355 355 - - both jwts must be signed by verified realm member 356 356 - - if first exchange fails, second jwt is cryptographically worthless 357 357 - - atomic operation: identity added only if invitation valid 358 358 - - built-in expiration and tamper detection via jwt standard 359 359 - 360 360 - **** considered alternatives: 361 361 - - raw ephemeral keys in qr: simpler but no authenticity 362 362 - - ecdh key agreement: chicken-and-egg problem with public key exchange 363 363 - - server escrow: good but missing authentication layer 364 364 - - password-based: requires secure out-of-band sharing 365 365 - 366 366 - the dual-jwt approach provides proper authenticated invitations while maintaining e2e encryption properties. 367 367 - 368 368 - **** refined dual-jwt with ephemeral signing 369 369 - simplified the approach by using ephemeral key for second jwt signature: 370 370 - 371 371 - **setup**: 372 372 - 1. inviter generates ephemeral keypair 373 373 - 2. encrypts realm key with ephemeral private key 374 374 - 3. posts to server: ~{invitation_id, realm_id, ephemeral_public, encrypted_realm_key}~ 375 375 - 376 376 - **qr code contains**: 377 377 - #+BEGIN_SRC json 378 378 - // JWT 1: signed with inviter's realm signing key 379 379 - { 380 380 - "realm_id": "uuid", 381 381 - "invitation_id": "uuid", 382 382 - "iss": "inviter_fingerprint" 383 383 - } 384 384 - 385 385 - // JWT 2: signed with ephemeral private key 386 386 - { 387 387 - "ephemeral_private": "base64_key", 388 388 - "invitation_id": "uuid" 389 389 - } 390 390 - #+END_SRC 391 391 - 392 392 - **exchange flow**: 393 393 - 1. submit jwt1 → server verifies against realm members → returns ~{invitation_id, realm_id, ephemeral_public, encrypted_realm_key}~ 394 394 - 2. verify jwt2 signature using ~ephemeral_public~ from server response 395 395 - 3. extract ~ephemeral_private~ from jwt2, decrypt realm key 396 396 - 397 397 - **benefits over previous version**: 398 398 - - no premature key disclosure (invitee keys shared via normal webrtc peering) 399 399 - - self-contained verification (ephemeral public key verifies jwt2) 400 400 - - cleaner separation of realm auth vs encryption key distribution 401 401 - - simpler flow (no need to return realm member list) 402 402 - 403 403 - **crypto verification principle**: digital signatures work as sign-with-private/verify-with-public, while encryption works as encrypt-with-public/decrypt-with-private. jwt2 verification uses signature verification, not decryption. 404 404 - 405 405 - **invitation flow diagram**: 406 406 - #+BEGIN_SRC mermaid 407 407 - sequenceDiagram 408 408 - participant I as Inviter 409 409 - participant S as Server 410 410 - participant E as Invitee 411 411 - 412 412 - Note over I: Generate ephemeral keypair 413 413 - I->>I: ephemeral_private, ephemeral_public 414 414 - 415 415 - Note over I: Encrypt realm key 416 416 - I->>I: encrypted_realm_key = encrypt(realm_key, ephemeral_private) 417 417 - 418 418 - I->>S: POST /invitations<br/>{invitation_id, realm_id, ephemeral_public, encrypted_realm_key} 419 419 - S-->>I: OK 420 420 - 421 421 - Note over I: Create JWTs for QR code 422 422 - I->>I: jwt1 = sign({realm_id, invitation_id}, inviter_private) 423 423 - I->>I: jwt2 = sign({ephemeral_private, invitation_id}, ephemeral_private) 424 424 - 425 425 - Note over I,E: QR code contains [jwt1, jwt2] 426 426 - 427 427 - E->>S: POST /invitations/exchange<br/>{jwt1} 428 428 - Note over S: Verify jwt1 signature<br/>against realm members 429 429 - S-->>E: {invitation_id, realm_id, ephemeral_public, encrypted_realm_key} 430 430 - 431 431 - Note over E: Verify jwt2 signature<br/>using ephemeral_public 432 432 - E->>E: verify_signature(jwt2, ephemeral_public) 433 433 - 434 434 - Note over E: Extract key and decrypt 435 435 - E->>E: ephemeral_private = decode(jwt2) 436 436 - E->>E: realm_key = decrypt(encrypted_realm_key, ephemeral_private) 437 437 - 438 438 - Note over E: Now member of realm! 439 439 - #+END_SRC 440 440 - 441 441 - **** jwk keypair generation and validation :ai:claude: 442 442 - 443 443 - discussed jwk vs raw crypto.subtle for keypair storage. since public keys need server storage for realm authorization, jwk is better for interoperability. 444 444 - 445 445 - **keypair generation**: 446 446 - #+BEGIN_SRC typescript 447 447 - const keypair = await crypto.subtle.generateKey( 448 448 - { name: "Ed25519" }, 449 449 - true, 450 450 - ["sign", "verify"] 451 451 - ); 452 452 - 453 453 - const publicJWK = await crypto.subtle.exportKey("jwk", keypair.publicKey); 454 454 - const privateJWK = await crypto.subtle.exportKey("jwk", keypair.privateKey); 455 455 - 456 456 - // JWK format: 457 457 - { 458 458 - "kty": "OKP", 459 459 - "crv": "Ed25519", 460 460 - "x": "base64url-encoded-public-key", 461 461 - "d": "base64url-encoded-private-key" // only in private JWK 462 462 - } 463 463 - #+END_SRC 464 464 - 465 465 - **client validation**: 466 466 - #+BEGIN_SRC typescript 467 467 - function isValidEd25519PublicJWK(jwk: any): boolean { 468 468 - return ( 469 469 - typeof jwk === 'object' && 470 470 - jwk.kty === 'OKP' && 471 471 - jwk.crv === 'Ed25519' && 472 472 - typeof jwk.x === 'string' && 473 473 - jwk.x.length === 43 && // base64url Ed25519 public key length 474 474 - !jwk.d && // public key shouldn't have private component 475 475 - !jwk.use || jwk.use === 'sig' 476 476 - ); 477 477 - } 478 478 - 479 479 - async function validatePublicKey(publicJWK: JsonWebKey): Promise<CryptoKey | null> { 480 480 - try { 481 481 - if (!isValidEd25519PublicJWK(publicJWK)) return null; 482 482 - 483 483 - const key = await crypto.subtle.importKey( 484 484 - 'jwk', 485 485 - publicJWK, 486 486 - { name: 'Ed25519' }, 487 487 - false, 488 488 - ['verify'] 489 489 - ); 490 490 - 491 491 - return key; 492 492 - } catch { 493 493 - return null; 494 494 - } 495 495 - } 496 496 - #+END_SRC 497 497 - 498 498 - **server validation (node.js)**: 499 499 - #+BEGIN_SRC typescript 500 500 - import { webcrypto } from 'node:crypto'; 501 501 - 502 502 - async function validateClientPublicKey(publicJWK: JsonWebKey): Promise<boolean> { 503 503 - try { 504 504 - if (!isValidEd25519PublicJWK(publicJWK)) return false; 505 505 - 506 506 - await webcrypto.subtle.importKey( 507 507 - 'jwk', 508 508 - publicJWK, 509 509 - { name: 'Ed25519' }, 510 510 - false, 511 511 - ['verify'] 512 512 - ); 513 513 - 514 514 - return true; 515 515 - } catch { 516 516 - return false; 517 517 - } 518 518 - } 519 519 - #+END_SRC 520 520 - 521 521 - **authentication flow**: 522 522 - #+BEGIN_SRC typescript 523 523 - // client signs message 524 524 - const authMessage = { 525 525 - realm: 'uuid-here', 526 526 - timestamp: Date.now(), 527 527 - action: 'join' 528 528 - }; 529 529 - 530 530 - const signature = await crypto.subtle.sign( 531 531 - 'Ed25519', 532 532 - privateKey, 533 533 - new TextEncoder().encode(JSON.stringify(authMessage)) 534 534 - ); 535 535 - 536 536 - // server verifies 537 537 - async function verifyAuth(req: AuthRequest): Promise<boolean> { 538 538 - const publicKey = await webcrypto.subtle.importKey( 539 539 - 'jwk', 540 540 - req.publicKey, 541 541 - { name: 'Ed25519' }, 542 542 - false, 543 543 - ['verify'] 544 544 - ); 545 545 - 546 546 - const messageBytes = new TextEncoder().encode(JSON.stringify(req.message)); 547 547 - const signatureBytes = new Uint8Array(req.signature); 548 548 - 549 549 - return await webcrypto.subtle.verify( 550 550 - 'Ed25519', 551 551 - publicKey, 552 552 - signatureBytes, 553 553 - messageBytes 554 554 - ); 555 555 - } 556 556 - #+END_SRC 557 557 - 558 558 - **** proposed schemas :ai:claude: 559 559 - 560 560 - ***** client-side schema (dexie) 561 561 - 562 562 - #+BEGIN_SRC typescript 563 563 - // Core RSS/Podcast data (from your existing design) 564 564 - interface Channel { 565 565 - id: string; 566 566 - feedUrl: string; 567 567 - htmlUrl?: string; 568 568 - imageUrl?: string; 569 569 - title?: string; 570 570 - description?: string; 571 571 - language?: string; 572 572 - people?: Record<string, string>; 573 573 - tags?: string[]; 574 574 - 575 575 - // Refresh management 576 576 - refreshHP: number; 577 577 - nextRefreshAt?: number; 578 578 - lastRefreshAt?: number; 579 579 - lastRefreshStatus?: string; 580 580 - lastRefreshHttpStatus?: number; 581 581 - lastRefreshHttpEtag?: string; 582 582 - 583 583 - // Cache info 584 584 - contentHash?: string; 585 585 - lastFetchedAt?: number; 586 586 - } 587 587 - 588 588 - interface ChannelEntry { 589 589 - id: string; 590 590 - channelId: string; 591 591 - guid: string; 592 592 - title: string; 593 593 - linkUrl?: string; 594 594 - imageUrl?: string; 595 595 - snippet?: string; 596 596 - content?: string; 597 597 - 598 598 - enclosure?: { 599 599 - url: string; 600 600 - type?: string; 601 601 - length?: number; 602 602 - }; 603 603 - 604 604 - podcast?: { 605 605 - explicit?: boolean; 606 606 - duration?: string; 607 607 - seasonNum?: number; 608 608 - episodeNum?: number; 609 609 - transcriptUrl?: string; 610 610 - }; 611 611 - 612 612 - publishedAt?: number; 613 613 - fetchedAt?: number; 614 614 - } 615 615 - 616 616 - // Device-specific sync tables 617 617 - interface PlayRecord { 618 618 - id: string; 619 619 - entryId: string; 620 620 - deviceId: string; 621 621 - position: number; 622 622 - duration?: number; 623 623 - completed: boolean; 624 624 - speed: number; 625 625 - updatedAt: number; 626 626 - } 627 627 - 628 628 - interface Subscription { 629 629 - id: string; 630 630 - channelId: string; 631 631 - deviceId?: string; 632 632 - parentPath: string; // "/Tech/Programming" 633 633 - autoDownload: boolean; 634 634 - downloadLimit?: number; 635 635 - isActive: boolean; 636 636 - createdAt: number; 637 637 - updatedAt: number; 638 638 - } 639 639 - 640 640 - interface QueueItem { 641 641 - id: string; 642 642 - entryId: string; 643 643 - deviceId: string; 644 644 - position: number; 645 645 - addedAt: number; 646 646 - } 647 647 - 648 648 - interface Device { 649 649 - id: string; 650 650 - name: string; 651 651 - platform: string; 652 652 - lastSeen: number; 653 653 - } 654 654 - 655 655 - // Local cache metadata 656 656 - interface LocalCache { 657 657 - id: string; 658 658 - url: string; 659 659 - contentHash: string; 660 660 - filePath: string; // OPFS path 661 661 - cachedAt: number; 662 662 - expiresAt?: number; 663 663 - size: number; 664 664 - isOfflineOnly: boolean; 665 665 - } 666 666 - 667 667 - // Dexie schema 668 668 - const db = new Dexie('SkypodDB'); 669 669 - db.version(1).stores({ 670 670 - channels: '&id, feedUrl, contentHash', 671 671 - channelEntries: '&id, channelId, publishedAt', 672 672 - playRecords: '&id, [entryId+deviceId], deviceId, updatedAt', 673 673 - subscriptions: '&id, channelId, deviceId, parentPath', 674 674 - queueItems: '&id, entryId, deviceId, position', 675 675 - devices: '&id, lastSeen', 676 676 - localCache: '&id, url, contentHash, expiresAt' 677 677 - }); 678 678 - #+END_SRC 4 4 + * concepts [0/4] 679 5 680 680 - ***** server-side schema 6 6 + the skypod architecture is broken into pieces: 681 7 682 682 - #+BEGIN_SRC typescript 683 683 - // Content-addressed cache 684 684 - interface ContentStore { 685 685 - contentHash: string; // Primary key 686 686 - content: Buffer; // Raw feed content 687 687 - contentType: string; 688 688 - contentLength: number; 689 689 - firstSeenAt: number; 690 690 - referenceCount: number; 691 691 - } 8 8 + ** p2p with realms 692 9 693 693 - interface ContentHistory { 694 694 - id: string; 695 695 - url: string; 696 696 - contentHash: string; 697 697 - fetchedAt: number; 698 698 - isLatest: boolean; 699 699 - } 10 10 + In order to sync device and playback state, we need to have devices communicate with each 11 11 + other, which requires a signaling server, for peer discovery at the very least. 700 12 701 701 - // HTTP cache with health tracking (from your existing design) 702 702 - interface HttpCache { 703 703 - key: string; // URL hash, primary key 704 704 - url: string; 13 13 + *** realm 705 14 706 706 - status: 'alive' | 'dead'; 707 707 - lastFetchedAt: number; 708 708 - lastFetchError?: string; 709 709 - lastFetchErrorStreak: number; 15 15 + A realm is a collection of known identities, verified with signed JWTs, where those 16 16 + identities can communicate outside of the server's purview. 710 17 711 711 - lastHttpStatus: number; 712 712 - lastHttpEtag?: string; 713 713 - lastHttpHeaders: Record<string, string>; 714 714 - expiresAt: number; 715 715 - expirationTtl: number; 18 18 + A realm is not publicly routable; to gain access, one must have the realm id and an 19 19 + invitation to the realm from an already existing member; new realms are created on 20 20 + demand with a random realmid supplied by the client. 716 21 717 717 - contentHash: string; // Points to ContentStore 718 718 - } 22 22 + **** realm server 719 23 720 720 - // Sync/auth tables 721 721 - interface Realm { 722 722 - id: string; // UUID 723 723 - createdAt: number; 724 724 - verifiedKeys: string[]; // Public key list 725 725 - } 24 24 + A realm at the signalling sever is only a collection of known identity public keys, and 25 25 + the currently connected sockets. 726 26 727 727 - interface PeerConnection { 728 728 - id: string; 729 729 - realmId: string; 730 730 - publicKey: string; 731 731 - lastSeen: number; 732 732 - isOnline: boolean; 733 733 - } 27 27 + It acts mostly as a smart router; socket connection, authentication, and directed and 28 28 + realm-wide broadcast. 734 29 735 735 - // Media cache for podcast episodes 736 736 - interface MediaCache { 737 737 - contentHash: string; // Primary key 738 738 - originalUrl: string; 739 739 - mimeType: string; 740 740 - fileSize: number; 741 741 - content: Buffer; 742 742 - cachedAt: number; 743 743 - accessCount: number; 744 744 - } 745 745 - #+END_SRC 30 30 + ***** TODO webrtc requirements 746 31 747 747 - **** episode title parsing for sub-feed groupings :ai:claude: 32 32 + - [ ] what needs to happen for webrtc? I think SDP messages will just flow like normal 33 33 + - checkout whatever simplepeer does 748 34 749 749 - *problem*: some podcast feeds contain multiple shows, need hierarchical organization within a feed 35 35 + **** realm client 750 36 751 751 - *example*: "Apocalypse Players" podcast 752 752 - - episode title: "A Term of Art 6 - Winston's Hollow" 753 753 - - desired grouping: "Apocalypse Players > A Term of Art > 6 - Winston's Hollow" 754 754 - - UI shows sub-shows within the main feed 37 37 + In order to keep private data off of the server, the realm client takes on the additional 38 38 + task of maintaining a shared encyrption key for the realm, which can be used to encrypt 39 39 + data going over broadcasts. 755 40 756 756 - ***** approaches considered 41 41 + ***** TODO key exchange protocol 757 42 758 758 - 1. *manual regex patterns* (short-term solution) 759 759 - - user provides regex with capture groups = tags 760 760 - - reliable, immediate, user-controlled 761 761 - - requires manual setup per feed 43 43 + *** identity 762 44 763 763 - 2. *LLM-generated regex* (automation goal) 764 764 - - analyze last 100 episode titles 765 765 - - generate regex pattern automatically 766 766 - - good balance of automation + reliability 45 45 + Identity in the realm system is just an id and keypair. 767 46 768 768 - 3. *NER model training* (experimental) 769 769 - - train spacy model for episode title parsing 770 770 - - current prototype: 150 labelled examples, limited success 771 771 - - needs more training data to be viable 47 47 + The private key stays local to the installed device, and is used to send signed tokens 48 48 + over the wire, either to the realm server to manage authentication, or over other channels 49 49 + to other members in the realm. 772 50 773 773 - ***** data model implications 51 51 + The /public/ key is stored by all members of the realm, and the server, in order to 52 52 + perform signature validation (which is also authentication). 774 53 775 775 - - add regex pattern field to Channel/Feed 776 776 - - store extracted groupings as hierarchical tags on ~ChannelEntry~ 777 777 - - maybe add grouping/series field to episodes 54 54 + **** browser private key storage 778 55 779 779 - ***** plan 56 56 + There is no good way to store private keys in a browser, but there are less bad ways. 780 57 781 781 - *preference*: start with manual regex, evolve toward LLM automation 58 58 + - private keys are ~CryptoKey~ objects, with ~{ exportable: false }~ 59 59 + - WebCrypto native ~CryptoKey~ are structured clonable, which means they can get saved to indexeddb 782 60 783 783 - *implementation design*: 784 784 - - if no title pattern: episodes are direct children of the feed 785 785 - - title pattern = regex with named capture groups + path template 61 61 + At the end of the day this is a podcast app. 786 62 787 787 - *example configuration*: 788 788 - - regex: ~^(?<series>[^0-9]+)\s*(?<episode>\d+)\s*-\s*(?<title>.+)$~ 789 789 - - path template: ~{series} > Episode {episode} - {title}~ 790 790 - - result: "A Term of Art 6 - Winston's Hollow" → "A Term of Art > Episode 6 - Winston's Hollow" 63 63 + ***** TODO are there other ways to do this? 791 64 792 792 - *schema additions*: 793 793 - #+BEGIN_SRC typescript 794 794 - interface Channel { 795 795 - // ... existing fields 796 796 - titlePatterns?: Array<{ 797 797 - name: string; // "Main Episodes", "Bonus Content", etc. 798 798 - regex: string; // named capture groups 799 799 - pathTemplate: string; // interpolation template 800 800 - priority: number; // order to try patterns (lower = first) 801 801 - isActive: boolean; // can disable without deleting 802 802 - }>; 803 803 - fallbackPath?: string; // template for unmatched episodes 804 804 - } 65 65 + Could we use webauthn, or some way to use a yubikey to sign something? 805 66 806 806 - interface ChannelEntry { 807 807 - // ... existing fields 808 808 - parsedPath?: string; // computed from titlePattern 809 809 - parsedGroups?: Record<string, string>; // captured groups 810 810 - matchedPatternName?: string; // which pattern was used 811 811 - } 812 812 - #+END_SRC 67 67 + *** sync 813 68 814 814 - *pattern matching logic*: 815 815 - 1. try patterns in priority order (lower number = higher priority) 816 816 - 2. first matching pattern wins 817 817 - 3. if no patterns match, use fallbackPath template (e.g., "Misc > {title}") 818 818 - 4. if no fallbackPath, episode stays direct child of feed 69 69 + Once a device has authenticated to the realm server over a websocket connection, it can 70 70 + send and broadcast any message it likes to the other online of the realm, via the websocket 71 71 + announcement channel. 819 72 820 820 - *example multi-pattern setup*: 821 821 - - Pattern 1: "Main Episodes" - ~^(?<series>[^0-9]+)\s*(?<episode>\d+)~ → ~{series} > Episode {episode}~ 822 822 - - Pattern 2: "Bonus Content" - ~^Bonus:\s*(?<title>.+)~ → ~Bonus > {title}~ 823 823 - - Fallback: ~Misc > {title}~ 73 73 + This sets it up to be used as a signaling server for WebRTC, allowing realm devices to 74 74 + communicate p2p without a dependency on the realm server outside of authentication and 75 75 + signaling. 824 76 825 825 - **** scoped tags and filter-based UI evolution :ai:claude: 77 77 + ** feed proxy server 826 78 827 827 - *generalization*: move from rigid hierarchies to tag-based filtering system 79 79 + Due to ~CORS~, we'll need to help clients fetch the contents of feeds by running a caching 80 80 + proxy server for various HTTP requests. 828 81 829 829 - *tag scoping*: 830 830 - - feed-level tags: "Tech", "Gaming", "D&D" 831 831 - - episode-level tags: from regex captures like "series:CriticalRole", "campaign:2", "type:main" 832 832 - - user tags: manual additions like "favorites", "todo" 833 833 - 834 834 - *UI as tag filtering*: 835 835 - - default view: all episodes grouped by feed 836 836 - - filter by ~series:CriticalRole~ → shows only CR episodes across all feeds 837 837 - - filter by ~type:bonus~ → shows bonus content from all podcasts 838 838 - - combine filters: ~series:CriticalRole AND type:main~ → main CR episodes only 839 839 - 840 840 - *benefits*: 841 841 - - no rigid hierarchy - users create their own views 842 842 - - regex patterns become automated episode taggers 843 843 - - same filtering system works for search, organization, queues 844 844 - - tags are syncable metadata, views are client-side 845 845 - 846 846 - *schema evolution*: 847 847 - #+BEGIN_SRC typescript 848 848 - interface Tag { 849 849 - scope: 'feed' | 'episode' | 'user'; 850 850 - key: string; // "series", "type", "campaign" 851 851 - value: string; // "CriticalRole", "bonus", "2" 852 852 - } 853 853 - 854 854 - interface ChannelEntry { 855 855 - // ... existing 856 856 - tags: Tag[]; // includes regex-generated + manual 857 857 - } 858 858 - 859 859 - interface FilterView { 860 860 - id: string; 861 861 - name: string; 862 862 - folderPath: string; // "/Channels/Critical Role" 863 863 - filters: Array<{ 864 864 - key: string; 865 865 - value: string; 866 866 - operator: 'equals' | 'contains' | 'not'; 867 867 - }>; 868 868 - isDefault: boolean; 869 869 - createdAt: number; 870 870 - } 871 871 - #+END_SRC 872 872 - 873 873 - **** default UI construction and feed merging :ai:claude: 874 874 - 875 875 - *auto-generated views on subscribe*: 876 876 - - subscribe to "Critical Role" → creates ~/Channels/Critical Role~ folder 877 877 - - default filter view: ~feed:CriticalRole~ (shows all episodes from that feed) 878 878 - - user can customize, split into sub-views, or delete 879 879 - 880 880 - *smart view suggestions*: 881 881 - - after regex patterns generate tags, suggest splitting views 882 882 - - "I noticed episodes with ~series:Campaign2~ and ~series:Campaign3~ - create separate views?" 883 883 - - "Create view for ~type:bonus~ episodes?" 884 884 - 885 885 - *view management UX*: 886 886 - - right-click feed → "Split by series", "Split by type" 887 887 - - drag episodes between views to create manual filters 888 888 - - views can be nested: ~/Channels/Critical Role/Campaign 2/Main Episodes~ 889 889 - 890 890 - *feed merging for multi-source shows*: 891 891 - problem: patreon feed + main show feed for same podcast 892 892 - 893 893 - #+BEGIN_EXAMPLE 894 894 - /Channels/ 895 895 - Critical Role/ 896 896 - All Episodes # merged view: feed:CriticalRole OR feed:CriticalRolePatreon 897 897 - Main Feed # filter: feed:CriticalRole 898 898 - Patreon Feed # filter: feed:CriticalRolePatreon 899 899 - #+END_EXAMPLE 900 900 - 901 901 - *deduplication strategy*: 902 902 - - episodes matched by ~guid~ or similar content hash 903 903 - - duplicate episodes get ~source:main,patreon~ tags 904 904 - - UI shows single episode with source indicators 905 905 - - user can choose preferred source for playback 906 906 - - play state syncs across all sources of same episode 82 82 + - help bypass ~CORS~ restrictions, so clients can access the content of the response 83 83 + - cache feeds, especially with regards to running transformations 84 84 + - perform transformations on responses: 85 85 + - text feeds: reader mode, detect reading time 86 86 + - podcast feeds: extract episode metadata, audio analysis for silence skips, etc 87 87 + - all feeds: extract title tags, etc. 907 88 908 908 - *feed relationship schema*: 909 909 - #+BEGIN_SRC typescript 910 910 - interface FeedGroup { 911 911 - id: string; 912 912 - name: string; // "Critical Role" 913 913 - feedIds: string[]; // [mainFeedId, patreonFeedId] 914 914 - mergeStrategy: 'guid' | 'title' | 'contentHash'; 915 915 - defaultView: FilterView; 916 916 - } 89 89 + *** TODO open question: is the client able to not use the proxy? 917 90 918 918 - interface ChannelEntry { 919 919 - // ... existing 920 920 - duplicateOf?: string; // points to canonical episode ID 921 921 - sources: string[]; // feed IDs where this episode appears 922 922 - } 923 923 - #+END_SRC 91 91 + I'm not sure yet if we want the PWA to be able to pull feeds directly when the server 92 92 + isn't present. It would be much easier to keep it around, but 924 93 925 925 - **per-view settings and state**: 926 926 - each filter view acts like a virtual feed with its own: 927 927 - - unread counts (episodes matching filter that haven't been played) 928 928 - - notification settings (notify for new episodes in this view) 929 929 - - muted state (hide notifications, mark as read automatically) 930 930 - - auto-download preferences (download episodes that match this filter) 931 931 - - play queue integration (add new episodes to queue) 94 94 + ** feed management 932 95 933 933 - **use cases**: 934 934 - - mute "Bonus Content" view but keep notifications for main episodes 935 935 - - auto-download only "Campaign 2" episodes, skip everything else 936 936 - - separate unread counts: "5 unread in Main Episodes, 2 in Bonus" 937 937 - - queue only certain series automatically 96 96 + With a solid p2p WebRTC connection, we can use something like ~dexie~ or ~rxdb~ to get a 97 97 + synced document database that we use to manage feeds. 938 98 939 939 - **schema additions**: 940 940 - #+BEGIN_SRC typescript 941 941 - interface FilterView { 942 942 - // ... existing fields 943 943 - settings: { 944 944 - notificationsEnabled: boolean; 945 945 - isMuted: boolean; 946 946 - autoDownload: boolean; 947 947 - autoQueue: boolean; 948 948 - downloadLimit?: number; // max episodes to keep 949 949 - }; 950 950 - state: { 951 951 - unreadCount: number; 952 952 - lastViewedAt?: number; 953 953 - isCollapsed: boolean; // in sidebar 954 954 - }; 955 955 - } 956 956 - #+END_SRC 99 99 + * flow 957 100 958 958 - *inheritance behavior*: 959 959 - - new filter views inherit settings from parent feed/group 960 960 - - user can override per-view 961 961 - - "mute all Critical Role" vs "mute only bonus episodes" 101 101 + - user goes to https://skypod.accidental.cc 102 102 + - pwa runs, prompts to do full install for storage and offline 103 103 + - pwa is installed, sets up caches 962 104 963 963 - **** client-side episode caching strategy :ai:claude: 105 105 + - first run 106 106 + - identity is generated (id + keypair per device) 107 107 + - do you want to sync to an existing install? 108 108 + - if yes, go to invitee flow 109 109 + - otherwise, new realm is generated and registered 110 110 + - pubkey and id get stored in the realm, to make future sync easier 964 111 965 965 - *architecture*: service worker-based transparent caching 112 112 + - subsequent runs 113 113 + - identity already exists, so we just go about our day 966 114 967 967 - *flow*: 968 968 - 1. audio player requests ~/audio?url={episodeUrl}~ 969 969 - 2. service worker intercepts request 970 970 - 3. if present in cache (with Range header support): 971 971 - - serve from cache 972 972 - 4. else: 973 973 - - let request continue to server (immediate playback) 974 974 - - simultaneously start background fetch of full audio file 975 975 - - when complete, broadcast "episode-cached" event 976 976 - - audio player catches event and restarts feed → now uses cached version 977 977 - 978 978 - **benefits**: 979 979 - - no playback interruption (streaming starts immediately) 980 980 - - seamless transition to cached version 981 981 - - Range header support for seeking/scrubbing 982 982 - - transparent to audio player implementation 983 983 - 984 984 - *implementation considerations*: 985 985 - - cache storage limits and cleanup policies 986 986 - - partial download resumption if interrupted 987 987 - - cache invalidation when episode URLs change 988 988 - - offline playback support 989 989 - - progress tracking for background downloads 990 990 - 991 991 - **schema additions**: 992 992 - #+BEGIN_SRC typescript 993 993 - interface CachedEpisode { 994 994 - episodeId: string; 995 995 - originalUrl: string; 996 996 - cacheKey: string; // for cache API 997 997 - fileSize: number; 998 998 - cachedAt: number; 999 999 - lastAccessedAt: number; 1000 1000 - downloadProgress?: number; // 0-100 for in-progress downloads 1001 1001 - } 1002 1002 - #+END_SRC 1003 1003 - 1004 1004 - **service worker events**: 1005 1005 - - ~episode-cache-started~ - background download began 1006 1006 - - ~episode-cache-progress~ - download progress update 1007 1007 - - ~episode-cache-complete~ - ready to switch to cached version 1008 1008 - - ~episode-cache-error~ - download failed, stay with streaming 1009 1009 - 1010 1010 - **background sync for proactive downloads**: 1011 1011 - 1012 1012 - **browser support reality**: 1013 1013 - - Background Sync API: good support (Chrome/Edge, limited Safari) 1014 1014 - - Periodic Background Sync: very limited (Chrome only, requires PWA install) 1015 1015 - - Push notifications: good support, but requires user permission 1016 1016 - 1017 1017 - **hybrid approach**: 1018 1018 - 1. **foreground sync** (reliable): when app is open, check for new episodes 1019 1019 - 2. **background sync** (opportunistic): register sync event when app closes 1020 1020 - 3. **push notifications** (fallback): server pushes "new episodes available" 1021 1021 - 4. **manual sync** (always works): pull-to-refresh, settings toggle 1022 1022 - 1023 1023 - **implementation strategy**: 1024 1024 - #+BEGIN_SRC typescript 1025 1025 - // Register background sync when app becomes hidden 1026 1026 - document.addEventListener('visibilitychange', () => { 1027 1027 - if (document.hidden && 'serviceWorker' in navigator) { 1028 1028 - navigator.serviceWorker.ready.then(registration => { 1029 1029 - return registration.sync.register('download-episodes'); 1030 1030 - }); 1031 1031 - } 1032 1032 - }); 1033 1033 - 1034 1034 - // Service worker handles sync event 1035 1035 - self.addEventListener('sync', event => { 1036 1036 - if (event.tag === 'download-episodes') { 1037 1037 - event.waitUntil(syncEpisodes()); 1038 1038 - } 1039 1039 - }); 1040 1040 - #+END_SRC 1041 1041 - 1042 1042 - **realistic expectations**: 1043 1043 - - iOS Safari: very limited background processing 1044 1044 - - Android Chrome: decent background sync support 1045 1045 - - Desktop: mostly works 1046 1046 - - battery/data saver modes: disabled by OS 1047 1047 - 1048 1048 - **fallback strategy**: rely primarily on foreground sync + push notifications, treat background sync as nice-to-have enhancement 1049 1049 - 1050 1050 - **push notification sync workflow**: 1051 1051 - 1052 1052 - **server-side trigger**: 1053 1053 - 1. server detects new episodes during RSS refresh 1054 1054 - 2. check which users are subscribed to that feed 1055 1055 - 3. send push notification with episode metadata payload 1056 1056 - 4. notification wakes up service worker on client 1057 1057 - 1058 1058 - **service worker notification handler**: 1059 1059 - #+BEGIN_SRC typescript 1060 1060 - self.addEventListener('push', event => { 1061 1061 - const data = event.data?.json(); 1062 1062 - 1063 1063 - if (data.type === 'new-episodes') { 1064 1064 - event.waitUntil( 1065 1065 - // Start background download of new episodes 1066 1066 - downloadNewEpisodes(data.episodes) 1067 1067 - .then(() => { 1068 1068 - // Show notification to user 1069 1069 - return self.registration.showNotification('New episodes available', { 1070 1070 - body: ~${data.episodes.length} new episodes downloaded~, 1071 1071 - icon: '/icon-192.png', 1072 1072 - badge: '/badge-72.png', 1073 1073 - tag: 'new-episodes', 1074 1074 - data: { episodeIds: data.episodes.map(e => e.id) } 1075 1075 - }); 1076 1076 - }) 1077 1077 - ); 1078 1078 - } 1079 1079 - }); 1080 1080 - 1081 1081 - // Handle notification click 1082 1082 - self.addEventListener('notificationclick', event => { 1083 1083 - event.notification.close(); 1084 1084 - 1085 1085 - // Open app to specific episode or feed 1086 1086 - event.waitUntil( 1087 1087 - clients.openWindow(~/episodes/${event.notification.data.episodeIds[0]}~) 1088 1088 - ); 1089 1089 - }); 1090 1090 - #+END_SRC 1091 1091 - 1092 1092 - **server push logic**: 1093 1093 - - batch notifications (don't spam for every episode) 1094 1094 - - respect user notification preferences from FilterView settings 1095 1095 - - include episode metadata in payload to avoid round-trip 1096 1096 - - throttle notifications (max 1 per feed per hour?) 1097 1097 - 1098 1098 - **user flow**: 1099 1099 - 1. new episode published → server pushes notification 1100 1100 - 2. service worker downloads episode in background 1101 1101 - 3. user sees "New episodes downloaded" notification 1102 1102 - 4. tap notification → opens app to new episode, ready to play offline 1103 1103 - 1104 1104 - *benefits*: 1105 1105 - - true background downloading without user interaction 1106 1106 - - works even when app is closed 1107 1107 - - respects per-feed notification settings 1108 1108 - 1109 1109 - **push payload size constraints**: 1110 1110 - - **limit**: ~4KB (4,096 bytes) across most services 1111 1111 - - **practical limit**: ~3KB to account for service overhead 1112 1112 - - **implications for episode metadata**: 1113 1113 - 1114 1114 - #+BEGIN_SRC json 1115 1115 - { 1116 1116 - "type": "new-episodes", 1117 1117 - "episodes": [ 1118 1118 - { 1119 1119 - "id": "ep123", 1120 1120 - "channelId": "ch456", 1121 1121 - "title": "Episode Title", 1122 1122 - "url": "https://...", 1123 1123 - "duration": 3600, 1124 1124 - "size": 89432112 1125 1125 - } 1126 1126 - ] 1127 1127 - } 1128 1128 - #+END_SRC 1129 1129 - 1130 1130 - **payload optimization strategies**: 1131 1131 - - minimal episode metadata in push (id, url, basic info) 1132 1132 - - batch multiple episodes in single notification 1133 1133 - - full episode details fetched after service worker wakes up 1134 1134 - - URL shortening for long episode URLs 1135 1135 - - compress JSON payload if needed 1136 1136 - 1137 1137 - **alternative for large payloads**: 1138 1138 - - push notification contains only "new episodes available" signal 1139 1139 - - service worker makes API call to get full episode list 1140 1140 - - trade-off: requires network round-trip but unlimited data 1141 1141 - 1142 1142 - **logical clock sync optimization**: 1143 1143 - 1144 1144 - much simpler approach using sync revisions: 1145 1145 - 1146 1146 - #+BEGIN_SRC json 1147 1147 - { 1148 1148 - "type": "sync-available", 1149 1149 - "fromRevision": 12345, 1150 1150 - "toRevision": 12389, 1151 1151 - "changeCount": 8 1152 1152 - } 1153 1153 - #+END_SRC 1154 1154 - 1155 1155 - **service worker sync flow**: 1156 1156 - 1. push notification wakes service worker with revision range 1157 1157 - 2. service worker fetches ~/sync?from=12345&to=12389~ 1158 1158 - 3. server returns only changes in that range (episodes, feed updates, etc) 1159 1159 - 4. service worker applies changes to local dexie store 1160 1160 - 5. service worker queues background downloads for new episodes 1161 1161 - 6. updates local revision to 12389 1162 1162 - 1163 1163 - **benefits of revision-based approach**: 1164 1164 - - tiny push payload (just revision numbers) 1165 1165 - - server can efficiently return only changes in range 1166 1166 - - automatic deduplication (revision already applied = skip) 1167 1167 - - works for any sync data (episodes, feed metadata, user settings) 1168 1168 - - handles offline gaps gracefully (fetch missing revision ranges) 1169 1169 - 1170 1170 - **sync API response**: 1171 1171 - #+BEGIN_SRC typescript 1172 1172 - interface SyncResponse { 1173 1173 - fromRevision: number; 1174 1174 - toRevision: number; 1175 1175 - changes: Array<{ 1176 1176 - type: 'episode' | 'channel' | 'subscription'; 1177 1177 - operation: 'create' | 'update' | 'delete'; 1178 1178 - data: any; 1179 1179 - revision: number; 1180 1180 - }>; 1181 1181 - } 1182 1182 - #+END_SRC 1183 1183 - 1184 1184 - **integration with episode downloads**: 1185 1185 - - service worker processes sync changes 1186 1186 - - identifies new episodes that match user's auto-download filters 1187 1187 - - queues those for background cache fetching 1188 1188 - - much more efficient than sending episode metadata in push payload 1189 1189 - 1190 1190 - **service worker processing time constraints**: 1191 1191 - 1192 1192 - **hard limits**: 1193 1193 - - **30 seconds idle timeout**: service worker terminates after 30s of inactivity 1194 1194 - - **5 minutes event processing**: single event/request must complete within 5 minutes 1195 1195 - - **30 seconds fetch timeout**: individual network requests timeout after 30s 1196 1196 - - **notification requirement**: push events MUST display notification before promise settles 1197 1197 - 1198 1198 - **practical implications**: 1199 1199 - - sync API call (~/sync?from=X&to=Y~) must complete within 30s 1200 1200 - - large episode downloads must be queued, not started immediately in push handler 1201 1201 - - use ~event.waitUntil()~ to keep service worker alive during processing 1202 1202 - - break large operations into smaller chunks 1203 1203 - 1204 1204 - **recommended push event flow**: 1205 1205 - #+BEGIN_SRC typescript 1206 1206 - self.addEventListener('push', event => { 1207 1207 - const data = event.data?.json(); 1208 1208 - 1209 1209 - event.waitUntil( 1210 1210 - // Must complete within 5 minutes total 1211 1211 - handlePushSync(data) 1212 1212 - .then(() => { 1213 1213 - // Required: show notification before promise settles 1214 1214 - return self.registration.showNotification('Episodes synced'); 1215 1215 - }) 1216 1216 - ); 1217 1217 - }); 1218 1218 - 1219 1219 - async function handlePushSync(data) { 1220 1220 - // 1. Quick sync API call (< 30s) 1221 1221 - const changes = await fetch(~/sync?from=${data.fromRevision}&to=${data.toRevision}~); 1222 1222 - 1223 1223 - // 2. Apply changes to dexie store (fast, local) 1224 1224 - await applyChangesToStore(changes); 1225 1225 - 1226 1226 - // 3. Queue episode downloads for later (don't start here) 1227 1227 - await queueEpisodeDownloads(changes.newEpisodes); 1228 1228 - 1229 1229 - // Total time: < 5 minutes, preferably < 30s 1230 1230 - } 1231 1231 - #+END_SRC 1232 1232 - 1233 1233 - *download strategy*: use push event for sync + queuing, separate background tasks for actual downloads 1234 1234 - 1235 1235 - *background fetch API for large downloads*: 1236 1236 - 1237 1237 - *progressive enhancement approach*: 1238 1238 - #+BEGIN_SRC typescript 1239 1239 - async function queueEpisodeDownloads(episodes) { 1240 1240 - for (const episode of episodes) { 1241 1241 - if ('serviceWorker' in navigator && 'BackgroundFetch' in window) { 1242 1242 - // Chrome/Edge: use Background Fetch API for true background downloading 1243 1243 - await navigator.serviceWorker.ready.then(registration => { 1244 1244 - return registration.backgroundFetch.fetch( 1245 1245 - ~episode-${episode.id}~, 1246 1246 - episode.url, 1247 1247 - { 1248 1248 - icons: [{ src: '/icon-256.png', sizes: '256x256', type: 'image/png' }], 1249 1249 - title: ~Downloading: ${episode.title}~, 1250 1250 - downloadTotal: episode.fileSize 1251 1251 - } 1252 1252 - ); 1253 1253 - }); 1254 1254 - } else { 1255 1255 - // Fallback: queue for reactive download (download while streaming) 1256 1256 - await queueReactiveDownload(episode); 1257 1257 - } 1258 1258 - } 1259 1259 - } 1260 1260 - 1261 1261 - // Handle background fetch completion 1262 1262 - self.addEventListener('backgroundfetch', event => { 1263 1263 - if (event.tag.startsWith('episode-')) { 1264 1264 - event.waitUntil(handleEpisodeDownloadComplete(event)); 1265 1265 - } 1266 1266 - }); 1267 1267 - #+END_SRC 1268 1268 - 1269 1269 - *browser support reality*: 1270 1270 - - *Chrome/Edge*: Background Fetch API supported 1271 1271 - - *Firefox/Safari*: not supported, fallback to reactive caching 1272 1272 - - *mobile*: varies by platform and browser 1273 1273 - 1274 1274 - *benefits when available*: 1275 1275 - - true background downloading (survives app close, browser close) 1276 1276 - - built-in download progress UI 1277 1277 - - automatic retry on network failure 1278 1278 - - no service worker time limits during download 1279 1279 - 1280 1280 - *graceful degradation*: 1281 1281 - - detect support, use when available 1282 1282 - - fallback to reactive caching (download while streaming) 1283 1283 - - user gets best experience possible on their platform 1284 1284 - 1285 1285 - *** research todos :ai:claude: 1286 1286 - 1287 1287 - high-level unanswered questions from architecture brainstorming: 1288 1288 - 1289 1289 - **** sync and data management 1290 1290 - ***** TODO dexie sync capabilities vs rxdb for multi-device sync implementation 1291 1291 - ***** TODO webrtc p2p sync implementation patterns and reliability 1292 1292 - ***** TODO conflict resolution strategies for device-specific data in distributed sync 1293 1293 - ***** TODO content-addressed deduplication algorithms for rss/podcast content 1294 1294 - **** client-side storage and caching 1295 1295 - ***** TODO opfs storage limits and cleanup strategies for client-side caching 1296 1296 - ***** TODO practical background fetch api limits and edge cases for podcast downloads 1297 1297 - **** automation and intelligence 1298 1298 - ***** TODO llm-based regex generation for episode title parsing automation 1299 1299 - ***** TODO push notification subscription management and realm authentication 1300 1300 - **** platform and browser capabilities 1301 1301 - ***** TODO browser audio api capabilities for podcast-specific features (speed, silence skip) 1302 1302 - ***** TODO progressive web app installation and platform-specific behaviors 1303 1303 - 1304 1304 - # Local Variables: 1305 1305 - # org-hierarchical-todo-statistics: nil 1306 1306 - # org-checkbox-hierarchical-statistics: nil 1307 1307 - # End: 115 115 + - invitee flow 116 116 + - already generated identity 117 117 + - qr code pops 118 118 + - scanned by inviter, see inviter flow 119 119 + - done button after 120 120 + - camera pops, scan inviter's QR codes 121 121 + - sends invitation+registration token to server 122 122 + - added to the realm 123 123 + - go to subsequent runs

+5 -5

readme.org

··· 29 29 - Common 30 30 - ES2024 Javascript, running on in modern browsers or [[https://nodejs.org][Node v24]] 31 31 - [[https://github.com/panva/jose][~jose~]] for cross-platform webcrypto and JWT management 32 32 - - [[https://zod.dev/][Zod v4]] describes schema and builds transforamtion pipelines 32 32 + - [[https://zod.dev/][Zod v4]] describes schema and builds transformation pipelines 33 33 - Backend 34 34 - [[https://expressjs.com/][Express]] and Node's ~stdlib~ for HTTP and WebSocket servers 35 35 - Frontend 36 36 - [[https://vite.dev/][Vite]] does FE builds 37 37 - - [[https://react.dev][React]] + [[https://zustand.docs.pmnd.rs][Zustand]] for UI 37 37 + - [[https://preactjs.com/][Preact]] + [[https://zustand.docs.pmnd.rs][Zustand]] for UI 38 38 - Build & DX 39 39 - [[https://github.com/google/wireit][Wireit]] does script dependencies and services 40 40 - [[https://jsdoc.app/][JSDoc]], along with [[https://www.typescriptlang.org/docs/handbook/jsdoc-supported-types.html][Typescript's JSDoc support]] does typechecking ··· 46 46 - per-realm SQLite databases with node's native sqlite support 47 47 - docker compose for deployment with self-hosted realm storage 48 48 49 49 - See [[./devlog.org]] for design and architecture thoughts. 49 49 + See [[./readme-devlog.org]] for design and architecture thoughts. 50 50 51 51 ** Scripts 52 52 53 53 All scripts can have ~--watch~ passed as an argument to have ~wireit~ rerun when inputs change. 54 54 This is not useful for everything. 55 55 56 56 - - ~npm run dev~ :: alias for ~npm run start:dev --watch~ 56 56 + - ~npm run dev~ :: alias for ~npm run start:dev~ 57 57 - ~npm run lint~ :: runs ~eslint~ 58 58 - ~npm run types~ :: runs ~tsc~ (no emitting, just typechecking) 59 59 - ~npm run docs~ :: runs ~jsdoc~ to generate docs in ~./docs~ ··· 73 73 This program is free software: you can redistribute it and/or modify it under the terms of 74 74 the **Affero General Public License verson 3 or later** (AGPLv3+). 75 75 76 76 - Please see [[./license.txt]] for a copy of the full license. 76 76 + Please see [[./readme-license.txt]] for a copy of the full license.

+2 -2

src/client/page-app.spec.jsx

··· 17 17 18 18 // Check the JSX structure without full rendering 19 19 expect(component.type).toBe(Fragment) 20 20 - expect(component.props.children).toHaveProperty('type', 'h1') 21 21 - expect(component.props.children.props.children).toBe('whatever') 20 20 + expect(component.props.children[0]).toHaveProperty('type', 'h1') 21 21 + expect(component.props.children[0].props.children).toBe('whatever') 22 22 }) 23 23 }) 24 24