summaryrefslogtreecommitdiffstats
path: root/cmd/nymdrop-reader
Commit message (Collapse)AuthorAgeFilesLines
* Add Fyne GUI and portable --data-dir mode to nymdrop-readerGab Virebent8 hours3-494/+181
| | | | | | | | | | | | | Extract reader logic (key management, embedded nym-client lifecycle, receive loop, decrypt, save) into internal/reader as a Hooks-driven package, shared by both the existing headless CLI and a new --gui mode built with Fyne. Add --data-dir to make a reader instance fully self-contained: privkey, inbox, and the embedded nym-client's own state (normally fixed to $HOME/.nym) all live under the given directory via a HOME override on the subprocess, enabling zero-trace USB operation. CLI default behavior is unchanged (same paths, same protocol) so the pietro deployment is unaffected.
* Switch Nym WS transport to nym-client's binary protocol, drop second base64 ↵Gab Virebent38 hours2-61/+52
| | | | | | | | | | | | | | | | | | | | | | layer Client.Send now speaks nym-client's native binary websocket protocol (tag || recipient || conn_id || data_len || data) instead of wrapping the ciphertext in a JSON text message, which required base64-encoding it a second time on top of the browser's own base64 layer. The reader's self-address query also switched to the binary protocol: nym-client picks text-vs-binary for every later "received" push based on the format of the last request seen on a connection, so leaving the reader in JSON/text mode would have made nym-client run a lossy UTF-8 conversion over the now-unencoded binary payload, corrupting it. Fixed the binary Received-frame parsing along the way (previous code assumed a fixed 16-byte tag with no length prefix, which never matched the real protocol and was never exercised while the connection stayed text-mode). Verified end-to-end against the real embedded nym-client 1.1.76 binary, with the exact wire format cross-checked against upstream nym source at the pinned build commit.
* Guard key material in RAM with memguard, add Markdown preview for message fieldGab Virebent6 days2-15/+93
| | | | | | | | | | | | Reader now keeps the private key bytes and the per-submission ECDH/HKDF secrets in memguard.LockedBuffer (mlock + guaranteed wipe) instead of a manual zero loop. Added a regression test for the decrypt path. Message field gets a self-hosted Markdown toggle preview (no external library): headers, bold/italic, inline code, code blocks, blockquotes, lists, links. Output is HTML-escaped and link schemes are whitelisted before rendering. Submitted content is still the raw Markdown source, unchanged on the wire.
* Initial public release: Nym-native anonymous submission systemGab Virebent2026-06-201-0/+460
End-to-end verified pipeline (browser -> HTTP relay -> Nym mixnet -> reader). Client-side X25519+HKDF+AES-GCM-256, no-log blind relay, AGPL-3.0.