graham.systems / cistern
Encrypted, ephemeral, private memos on atproto
fork atom

simplify item schema to only handle text

graham.systems 1cc767e5 1df8c7ef

verified
options
unified split
Changed files
+19 -57
packages
lexicon
schemas
item.json
+19 -57
packages/lexicon/schemas/item.json
··· 1 1 { 2 2 "version": 1, 3 3 "id": "app.cistern.lexicon.item", 4 - "description": "An encrypted value meant to be accessed and deleted later.", 4 + "description": "An encrypted memo intended to be accessed and deleted later.", 5 5 "defs": { 6 - "encryptedField": { 7 - "type": "object", 8 - "description": "An inline-encrypted property", 9 - "required": ["value", "nonce"], 10 - "properties": { 11 - "value": { 12 - "type": "string", 13 - "description": "Encrypted field value" 14 - }, 15 - "nonce": { 16 - "type": "string", 17 - "description": "Nonce used to encrypt field value" 18 - } 19 - } 20 - }, 21 6 "main": { 22 7 "type": "record", 23 - "description": "A manifest representing an encrypted note or binary file", 8 + "description": "An encrypted memo", 24 9 "record": { 25 10 "type": "object", 26 11 "required": [ ··· 29 14 "nonce", 30 15 "algorithm", 31 16 "pubkey", 32 - "chunks", 33 - "metadata" 17 + "payload", 18 + "contentLength", 19 + "contentHash" 34 20 ], 35 21 "properties": { 36 22 "tid": { ··· 40 26 } 41 27 "ciphertext": { 42 28 "type": "string", 43 - "description": "Encapsulated shared ciphertext" 29 + "description": "Encapsulated shared ciphertext", 30 + "maxLength": 2000 44 31 }, 45 32 "nonce": { 46 33 "type": "string", 47 - "description": "Nonce used for content encryption", 48 - "maxLength": 64, 34 + "description": "Base64-encoded nonce used for content encryption", 35 + "maxLength": 32, 49 36 }, 50 37 "algorithm": { 51 38 "type": "string", ··· 57 44 "description": "URI to the public key used to encrypt this item", 58 45 "format": "at-uri" 59 46 }, 60 - "chunks": { 61 - "type": "array", 62 - "description": "Encrypted blobs that compose the encrypted contents of the item" 63 - "items": { 64 - "type": "blob", 65 - "accept": "application/octet-stream", 66 - "maxSize": 50000000 67 - }, 68 - "minLength": 1 47 + "payload": { 48 + "type": "string", 49 + "description": "Base64-encoded encrypted item contents" 69 50 }, 70 - "metadata": { 71 - "type": "object", 72 - "description": "Information about the encrypted content.", 73 - "required": ["format", "length", "hash"], 74 - "properties": { 75 - "format": { 76 - "type": "string", 77 - "description": "Original contents format", 78 - "knownValues": ["text", "file"] 79 - }, 80 - "length": { 81 - "type": "ref", 82 - "description": "Original content length in bytes", 83 - "ref": "app.cistern.lexicon.item#encryptedField" 84 - }, 85 - "hash": { 86 - "type": "string", 87 - "description": "SHA-256 hash of the original file", 88 - "maxLength": 64, 89 - }, 90 - "mimetype": { 91 - "type": "ref", 92 - "description": "Mimetype of original contents, if a file", 93 - "ref": "app.cistern.lexicon.item#encryptedField" 94 - } 95 - } 51 + "contentLength": { 52 + "type": "integer", 53 + "description": "Original content length in bytes", 54 + }, 55 + "contentHash": { 56 + "type": "string", 57 + "description": "Base64-encoded hash of the decrypted contents. Verify this before accepting the decrypted message. The algorithm is identified under `algorithm`" 96 58 } 97 59 } 98 60 }