2 Commits

Author SHA1 Message Date
explewd
22619ebd11 Implement wisp: async encrypted single-retrieval file drop
All checks were successful
Docker / build-and-push (push) Successful in 3m33s
Client-side libsodium encryption with the key in the URL fragment, an
Express/SQLite server holding ciphertext until a confirm-token round trip
proves successful decrypt (avoiding the delete-on-first-byte race), TTL
sweep for unclaimed drops, and a password-gated upload UI styled to match
flit. Dockerized to match the project family's conventions, with a named
volume so the DB/blobs survive redeploys, and a Gitea Actions workflow to
build and push the image.
2026-07-09 19:14:54 +02:00
Fredrik Johansson
8fd73155bd Initial design: async single-retrieval encrypted file drop
README covers the pitch and how this differs from flit (synchronous,
zero server storage) and zipline (persistent hosting). IMPLEMENTATION
covers the crypto scheme (key-in-fragment, same primitives as
flit/waste-go), storage shape, and the deletion-race problem —
delete-on-first-byte-served is the wrong default (see Firefox Send's
history with this exact bug); confirm-then-delete with a TTL backstop
is the fix.

No code yet — design stage.

Co-Authored-By: Claude Sonnet 5 <noreply@anthropic.com>
2026-07-09 17:58:17 +02:00