f8794791f3
Part 1 — DID Persistence: - Deploy script creates /var/lib/archipelago/identity/ directory - First-boot script creates identity dir with proper ownership - Identity load now logs pubkey to confirm persistence across restarts Part 2 — Node Names: - NodeStateSnapshot includes node_name field - build_local_state() passes server name to sync responses - update_node_state() stores peer's announced name on the FederatedNode - Names propagate automatically during federation.sync-state Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
9.6 KiB
MASTER PLAN
Archipelago project task tracking and roadmap.
BETA FREEZE ACTIVE (2026-03-18) — No new features. Fix bugs, harden security, test everything. Pipeline: Feature Testing → User Testing → Beta Live Progress:
docs/BETA-PROGRESS.md| Acceptance:docs/BETA-RELEASE-CHECKLIST.md
Roadmap
Phase 1: Feature Testing (internal) — CURRENT
| ID | Title | Priority | Status | Dependencies |
|---|---|---|---|---|
| FEATURE-4 | Onboarding loading screen with progress | P1 | IN PROGRESS | - |
| TASK-9 | Full feature testing sweep | P1 | PLANNED | - |
| TASK-10 | ISO build verification + multi-hardware test | P1 | PLANNED | - |
| TASK-12 | Beta telemetry — reporter + toggle + collector POST | P1 | IN PROGRESS | - |
| TASK-39 | Finish .198 rootless container migration | P1 | PLANNED | TASK-11 |
| TASK-42 | LUKS2 full-partition encryption for /var/lib/archipelago/ | P1 | PLANNED | TASK-10 |
Phase 2: User Testing (controlled, real hardware)
| ID | Title | Priority | Status | Dependencies |
|---|---|---|---|---|
| TASK-13 | Recruit 3-5 test users, distribute ISOs | P1 | NOT STARTED | Phase 1 complete |
| TASK-14 | Monitor telemetry, triage + fix user-reported issues | P1 | NOT STARTED | TASK-12, TASK-13 |
| TASK-15 | Rebuild ISO with fixes, re-verify | P1 | NOT STARTED | TASK-14 |
Phase 3: Beta Live (public)
| ID | Title | Priority | Status | Dependencies |
|---|---|---|---|---|
| TASK-16 | Final ISO build + release notes + distribution | P1 | NOT STARTED | Phase 2 complete |
Post-Beta (FROZEN — do not start)
| ID | Title | Priority | Status | Dependencies |
|---|---|---|---|---|
| TASK-2 | Roll incoming-tx into deploy & ISO | P2 | DEFERRED | - |
| INQUIRY-5 | Offline balance check via mesh relay | P2 | DEFERRED | - |
| FEATURE-6 | Watch-only wallet architecture | P1 | DEFERRED | - |
| TASK-7 | Mesh Bitcoin security hardening | P1 | DEFERRED | FEATURE-6 |
Active Work
FEATURE-4: Onboarding loading screen with progress (IN PROGRESS)
Priority: P1 — High Status: IN PROGRESS (2026-03-17)
Users hit the onboarding screen before the backend is ready, resulting in "Server is still starting up" errors that block identity creation. The onboarding flow should not begin until the server is fully operational.
Solution: Show the existing screensaver as a loading/boot screen with server startup progress. Swap the inner logo for animated pixel art icons (smiley face, Bitcoin logo, etc.) that cycle while services come online. Show progress indicators for each backend service (identity store, container runtime, LND, etc.). Only transition to onboarding once /health returns ready.
Key considerations:
- Reuse the existing screensaver component as the boot screen
- Animated pixel art icons rotate in the center (smiley, BTC, lightning bolt, etc.)
- Progress bar or status checklist showing which services are ready
- Poll
/healthendpoint for service readiness - Smooth transition from boot screen → onboarding once all critical services are up
- First-boot vs normal boot: first boot shows onboarding after, normal boot goes to dashboard
Key files:
neode-ui/src/views/Onboarding.vue— current onboarding flowneode-ui/src/components/Screensaver.vue— existing screensaver to repurposecore/archipelago/src/api/rpc/mod.rs— health endpointcore/archipelago/src/server.rs— startup sequence and service initialization
Tasks:
- Investigate current health endpoint — what services does it check, what's missing
- Design boot screen component: screensaver background + animated pixel icons + progress
- Create pixel art icon set (smiley, BTC, lightning, shield, etc.) as SVG/CSS animations
- Implement service readiness polling (health check with granular service status)
- Add backend support for granular startup progress (which services are ready)
- Build boot screen component with smooth transition to onboarding/dashboard
- Handle edge cases: very slow starts, partial service failures, timeout fallback
- Test on fresh ISO install (first-boot scenario)
TASK-9: Full app testing matrix on fresh install (PLANNED)
Priority: P1 — High Status: PLANNED (2026-03-18)
Run through the complete docs/BETA-RELEASE-CHECKLIST.md app matrix on a fresh ISO install. Every app: install, launch, UI loads, uninstall. Every dependency chain: correct errors when deps missing.
TASK-10: ISO build verification + multi-hardware test (PLANNED)
Priority: P1 — High Status: PLANNED (2026-03-18)
Build a fresh ISO, install on at least 2 different hardware configurations, verify full onboarding flow, app installs, and multi-day uptime.
TASK-17: Alpha version tags + rollback strategy (PLANNED)
Priority: P2 — Medium Status: PLANNED (2026-03-18)
Tag every significant alpha version with git tags for easy rollback. Each tag should correspond to a deployable state. Maintain a version log so any alpha can be rebuilt and deployed.
Tasks:
- Tag current state as
v1.2.0-alpha.1(pre-rootless-podman) - Establish naming convention:
v{major}.{minor}.{patch}-alpha.{build} - Tag after rootless podman migration:
v1.2.0-alpha.2 - Document rollback procedure (git checkout tag + deploy)
- Add version tag step to deploy script (auto-tag on successful deploy)
- Update CHANGELOG.md with each alpha milestone
TASK-42: LUKS2 full-partition encryption for /var/lib/archipelago/ (PLANNED)
Priority: P1 — High Status: PLANNED (2026-03-19)
Encrypt all Archipelago app data at rest using LUKS2 full-partition encryption. Protects Bitcoin wallet data, LND macaroons, FileBrowser files, Vaultwarden vault, secrets, and everything else from physical disk seizure. Seamless UX — user never interacts with encryption directly.
Design:
- LUKS2 partition for
/var/lib/archipelago/created during ISO install - Cipher: AES-256-XTS (hardware AES-NI on x86_64, ChaCha20 fallback on ARM without AES-NI)
- Key derived from setup password via Argon2id + hardware salt (
/sys/class/dmi/id/product_uuid) - Key file stored at
/root/.luks-archipelago.key(root:600, on boot partition) - Auto-unlock via
/etc/crypttabon every boot — no passphrase prompt - Password change in Settings re-derives key and rotates LUKS keyslot
Threat model:
- Disk removed from machine = fully encrypted, unreadable
- Running machine with login = transparent (same as today)
- Forgot password = cannot decrypt (correct sovereign behavior)
Tasks:
- ISO installer: create LUKS2 partition, format + mount at
/var/lib/archipelago/ - First-boot: derive LUKS key from setup password via Argon2id + hardware salt
- Store key file at
/root/.luks-archipelago.keywith 600 perms - Configure
/etc/crypttabfor auto-unlock at boot - Settings password change: re-derive LUKS key, add new keyslot, remove old
- Detect AES-NI availability, fall back to ChaCha20 on ARM without it
- Test: fresh install, reboot survives, power-cycle survives, password change works
- Test: disk removed from machine is unreadable
- Update
BUILD-GUIDE.mdandimage-recipe/build-auto-installer-iso.sh
Key files:
image-recipe/build-auto-installer-iso.sh— partition creationscripts/first-boot-containers.sh— runs after LUKS mountcore/archipelago/src/api/rpc/system.rs— password change handlercore/archipelago/src/server.rs— startup checks
Post-Beta (FROZEN)
These tasks are deferred until after beta ships. Do not start.
- INQUIRY-5: Offline balance check via mesh relay
- FEATURE-6: Watch-only wallet architecture
- TASK-7: Mesh Bitcoin security hardening
- TASK-2: Roll incoming-tx into deploy & ISO
Completed
| ID | Title | Completed |
|---|---|---|
| TASK-11 | Rootless podman migration (.228 — 30 containers) | 2026-03-18 |
| TASK-32 | Integrate boot loader into deploy + build + production | 2026-03-17 |
| TASK-34 | Pentest findings remediation plan | 2026-03-18 |
| TASK-26 | Rename fedimintd to "Fedimint Guardian" + icon | 2026-03-18 |
| TASK-27 | Add tab-launch icon to apps that open in tabs | 2026-03-18 |
| TASK-28 | Sort installed apps to end of marketplace | 2026-03-18 |
| TASK-29 | Fix mesh mobile: remove title/flash/peers header, fix gutters | 2026-03-18 |
| TASK-30 | On-Chain as first tab in receive Bitcoin modals | 2026-03-18 |
| TASK-35 | Federation node names (show name not DID, hover for key) | 2026-03-18 |
| TASK-36 | Cleaner iframe error screen with remediation | 2026-03-18 |
| BUG-1 | Random logout / CSRF mismatch — HMAC-derived tokens | 2026-03-18 |
| TASK-8 | Security hardening — 12/12 pentest findings fixed | 2026-03-18 |
| BUG-20 | ElectrumX index estimate string ~55→~130 GB | 2026-03-18 |
| BUG-37 | App card Start/Launch flicker during container scan | 2026-03-18 |
| BUG-40 | Uninstall dialog not full-screen modal | 2026-03-18 |
| BUG-41 | Uninstall loader ends but app card persists | 2026-03-18 |
| BUG-33 | CPU load alert threshold too low (8 = 2x cores) | 2026-03-18 |
| TASK-31 | Sticky nav header (Apps page) | 2026-03-18 |
| TASK-38 | Blockchain sync info on homepage System card | 2026-03-18 |
| TASK-17 | Alpha version tags + deploy auto-tag | 2026-03-18 |
| BUG-3 | IndeedHub WebSocket spam — removed dead nostrConfig | 2026-03-18 |