herocode/self
13
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add SelfFreezoneClient wrapper for Self components

Browse Source 
- Created SelfFreezoneClient in Self components
- Wraps SDK FreezoneScriptClient for Self-specific operations
- Implements send_verification_email method
- Uses Rhai script template for email verification
- Includes template variable substitution
- Added serde-wasm-bindgen dependency

Usage:
  let client = SelfFreezoneClient::builder()
      .supervisor_url("http://localhost:8080")
      .secret("my-secret")
      .build()?;

  client.send_verification_email(
      "user@example.com",
      "123456",
      "https://verify.com/abc"
  ).await?;
This commit is contained in:
Timur Gordon
2025-11-03 16:16:18 +01:00
parent be061409af
commit f970f3fb58
33 changed files with 8947 additions and 449 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
docs/README.md Normal file
View File

@@ -0,0 +1,37 @@
# Self Documentation
This directory contains comprehensive documentation for the Self digital identity tool.
## Documentation Structure
- [`architecture.md`](architecture.md) - System architecture and design principles
- [`authentication-flows.md`](authentication-flows.md) - Detailed authentication and registration flows
- [`server-api.md`](server-api.md) - Server API documentation and endpoints
- [`cryptography.md`](cryptography.md) - Cryptographic implementation details
- [`vault-system.md`](vault-system.md) - Vault functionality and key management
- [`openid-compliance.md`](openid-compliance.md) - OpenID Connect compliance documentation
- [`security-model.md`](security-model.md) - Security considerations and threat model
- [`deployment.md`](deployment.md) - Production deployment guidelines
- [`development.md`](development.md) - Development setup and contribution guide
## Quick Reference
### Key Concepts
- **Self-Sovereign Identity**: Users control their own identity without relying on centralized authorities
- **Client-Side Encryption**: All private keys are encrypted locally before storage
- **Decentralized Authentication**: Public key-based authentication without password dependencies
- **Vault System**: Secure storage for multiple encrypted keys with password-based access
### Core Components
- **Registration Component**: Email verification and key pair generation
- **Login Component**: Cryptographic challenge-response authentication
- **Identity Component**: Identity management and key access
- **Vault Manager**: Multi-key storage and management
- **Server**: Identity verification and OAuth-compatible endpoints
### Security Features
- AES-256-GCM encryption for private keys
- PBKDF2-based key derivation (10,000 iterations)
- Secp256k1 cryptographic signatures
- JWT-based session management
- Local storage with encrypted data only