README.md at main · freyja-lynx.dev/geocache-world

freyja-lynx.dev / geocache-world
fork atom
geocaches for the atmosphere
fork atom
geocache-world / README.md
at main 41 lines 2.5 kB view raw view rendered
wrap content
freyja-lynx.dev README rewrite 2mo ago
5ba0b961
 1# geocache.world
 2### let's go outside together
 3
 4### roadmap
 51. Finish up fleshing out the baseline lexicon
 62. Fix this repo and/or move to a new one as I'm ditching the original Rust + HTMX plan
 73. Build a frontend in Gleam that leverages Quickslice for rapid prototyping
 84. Build the attestation/token tooling
 9
10### tl;dr manifesto
11Going outside is fun. Geocaches are a fun reason to go outside. Wouldn't it be cool if your cache's guestbook was both physical and digital?
12
13geocache.world should be fun. You should own the online representation of your geocache. geocache.world should not lock you in -- you should be able to run the frontend, clone
14the backend, and run it all on your own while having the same features as anyone who's using the "official" website.
15
16### token attestation?
17The basic format I'm creating right now is:
18- Create a public/private keypair for your geocache
19- Associate the geocache with it's public key
20- Use the private key to create signed "tokens" that are stored with the geocache (or other ways)
21- Visitors take a "token" and include it with their online visit record
22- Decrypt the token, that visit actually happened.
23
24The token format is not well defined yet, but will basically just be something like a JSON string that at minimum contains a UUID representing the token. I'm thinking of
25making a custom UUID format which is deterministic on the location of the geocache + provide some ordering to tokens so that:
26- The geocache can publish a range of tokens that are currently available
27- The owner can disown/reject tokens if they ever choose to by publishing disallow ranges
28
29You can encode literally anything else you want. A message for everyone? Parts of a story? A link to your portfolio? It's your geocache. Do whatever you want (as long as it fits
30on a QR code, which is the intended token format _now_).
31
32What about bad actors? Well, for one: if you're being a bad actor over something this silly, you're silly. For two: that's where the cryptography comes in.
33Signing each token with the private key won't keep the token data secure (you can just create the token data), but the token means nothing on its own. The meaning
34comes from the decryption using the cache's public key. Is it entirely fool proof? Probably not, I'm not a cryptographer. But it should provide just enough "safety" through scarcity.
35Hopefully.
36
37There's a lot of open questions. I'm building haphazard. We'll see where it goes.
38
39
40### want to help?
41reach out to [@freyja-lynx.dev!](https://bsky.app/profile/freyja-lynx.dev)