kyle/mcias
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sync docs: ARCHITECTURE, PROJECT, PROJECT_PLAN

Browse Source 
- ARCHITECTURE.md §12: add mciasdb, mciasgrpcctl, internal/grpcserver,
  proto/, and gen/ to the directory structure diagram
- ARCHITECTURE.md §17: replace buf generate references with protoc;
  the implementation uses protoc + protoc-gen-go + protoc-gen-go-grpc
  invoked via go generate ./... (proto/generate.go)
- PROJECT_PLAN.md §7.1: replace buf.yaml/buf.gen.yaml acceptance
  criteria with the protoc-based go:generate approach actually used
- PROJECT_PLAN.md §7.6: clarify that gen/ is committed to the repo
  (not gitignored); only the binary /mciasgrpcctl is excluded
- PROJECT.md: replace scrypt with Argon2id (the actual algorithm);
  remove the redundant Argon2 suggestion line
This commit is contained in:
Kyle Isom
2026-03-11 14:44:08 -07:00
parent 59d51a1d38
commit 7c79d00514
3 changed files with 26 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
PROJECT.md
View File

@@ -38,7 +38,8 @@ Performance is secondary, and can be tuned later.
## Technical details
+ User passwords will be stored using scrypt.
+ User passwords will be stored using Argon2id (PHC format), meeting
OWASP 2023 recommended parameters (time=3, memory=64 MiB, threads=4).
+ The service account tokens and user/password authentication can be
used to obtain a JWT, if that is appropriate.
+ All authentication events should be logged.
@@ -46,8 +47,7 @@ Performance is secondary, and can be tuned later.
git.wntrmute.dev/kyle/goutils for logging etc.
+ The database should be sqlite.
+ Modern cryptography should be used. Preference should be given to
Ed25519 as the public algorithm for signatures, for example. Consider
the use of Argon2 for password hashes.
Ed25519 as the public algorithm for signatures, for example.
## Interfaces