diff --git a/AGENTS.md b/AGENTS.md index 3c32b0e..f3e7396 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -4,7 +4,7 @@ This file provides guidance to Claude Code (claude.ai/code) when working with co ## Project Overview -Metacrypt is a cryptographic service for the Metacircular platform, written in Go. It provides cryptographic resources via an "engines" architecture (CA, SSH CA, transit encryption, user-to-user encryption). Authentication is handled by MCIAS (Metacircular Identity and Access Service) using the client library at `git.wntrmute.dev/kyle/mcias/clients/go`. MCIAS API docs: https://mcias.metacircular.net:8443/docs +Metacrypt is a cryptographic service for the Metacircular platform, written in Go. It provides cryptographic resources via an "engines" architecture (CA, SSH CA, transit encryption, user-to-user encryption). Authentication is handled by MCIAS (Metacircular Identity and Access Service) using the client library at `git.wntrmute.dev/mc/mcias/clients/go`. MCIAS API docs: https://mcias.metacircular.net:8443/docs ## Build & Test Commands diff --git a/ARCHITECTURE.md b/ARCHITECTURE.md index 096ad89..51366ad 100644 --- a/ARCHITECTURE.md +++ b/ARCHITECTURE.md @@ -425,7 +425,7 @@ issues scoped intermediate CAs ("issuers"), which in turn issue leaf certificates. Certificate generation uses the `certgen` package from -`git.wntrmute.dev/kyle/goutils/certlib/certgen`. +`git.wntrmute.dev/mc/goutils/certlib/certgen`. #### Lifecycle diff --git a/CLAUDE.md b/CLAUDE.md index 3c32b0e..f3e7396 100644 --- a/CLAUDE.md +++ b/CLAUDE.md 
@@ -4,7 +4,7 @@ This file provides guidance to Claude Code (claude.ai/code) when working with co ## Project Overview -Metacrypt is a cryptographic service for the Metacircular platform, written in Go. It provides cryptographic resources via an "engines" architecture (CA, SSH CA, transit encryption, user-to-user encryption). Authentication is handled by MCIAS (Metacircular Identity and Access Service) using the client library at `git.wntrmute.dev/kyle/mcias/clients/go`. MCIAS API docs: https://mcias.metacircular.net:8443/docs +Metacrypt is a cryptographic service for the Metacircular platform, written in Go. It provides cryptographic resources via an "engines" architecture (CA, SSH CA, transit encryption, user-to-user encryption). Authentication is handled by MCIAS (Metacircular Identity and Access Service) using the client library at `git.wntrmute.dev/mc/mcias/clients/go`. MCIAS API docs: https://mcias.metacircular.net:8443/docs ## Build & Test Commands diff --git a/Makefile b/Makefile index d1f1bd6..a653aeb 100644 --- a/Makefile +++ b/Makefile @@ -5,11 +5,11 @@ LDFLAGS := -trimpath -ldflags="-s -w -X main.version=$(shell git describe --tags binaries: metacrypt metacrypt-web proto: - protoc --go_out=. --go_opt=module=git.wntrmute.dev/kyle/metacrypt \ - --go-grpc_out=. --go-grpc_opt=module=git.wntrmute.dev/kyle/metacrypt \ + protoc --go_out=. --go_opt=module=git.wntrmute.dev/mc/metacrypt \ + --go-grpc_out=. --go-grpc_opt=module=git.wntrmute.dev/mc/metacrypt \ proto/metacrypt/v1/*.proto - protoc --go_out=. --go_opt=module=git.wntrmute.dev/kyle/metacrypt \ - --go-grpc_out=. --go-grpc_opt=module=git.wntrmute.dev/kyle/metacrypt \ + protoc --go_out=. --go_opt=module=git.wntrmute.dev/mc/metacrypt \ + --go-grpc_out=. --go-grpc_opt=module=git.wntrmute.dev/mc/metacrypt \ proto/metacrypt/v2/*.proto metacrypt: diff --git a/PKI-ENGINE-PLAN.md b/PKI-ENGINE-PLAN.md index 0dcabfa..ac51a4f 100644 --- a/PKI-ENGINE-PLAN.md +++ b/PKI-ENGINE-PLAN.md 
@@ -4,14 +4,14 @@ Metacrypt needs its first concrete engine implementation: the CA (PKI) engine. This provides X.509 certificate issuance for Metacircular infrastructure. A single root CA issues scoped intermediate CAs ("issuers"), which in turn issue leaf certificates. An unauthenticated public API serves CA/issuer certificates to allow systems to bootstrap TLS trust. -Certificate generation uses the `certgen` package from `git.wntrmute.dev/kyle/goutils/certlib/certgen`. +Certificate generation uses the `certgen` package from `git.wntrmute.dev/mc/goutils/certlib/certgen`. ## Implementation Order ### Step 1: Add goutils dependency **File: `go.mod`** -- Add `git.wntrmute.dev/kyle/goutils` with local replace directive (same pattern as mcias) +- Add `git.wntrmute.dev/mc/goutils` with local replace directive (same pattern as mcias) - Run `go mod tidy` ### Step 2: Update engine framework @@ -150,7 +150,7 @@ engine/ca/{mount}/certs/{serial_hex}.json ### Step 7: Register CA factory **File: `cmd/metacrypt/server.go`** -- Import `git.wntrmute.dev/kyle/metacrypt/internal/engine/ca` +- Import `git.wntrmute.dev/mc/metacrypt/internal/engine/ca` - After creating `engineRegistry`, call `engineRegistry.RegisterFactory(engine.EngineTypeCA, ca.NewCAEngine)` ### Step 8: Tests diff --git a/PROJECT.md b/PROJECT.md index fb52a5d..25e1bfa 100644 --- a/PROJECT.md +++ b/PROJECT.md 
@@ -8,7 +8,7 @@ It should have a data model similar to what hashicorp vault does, in that it wil The first step is to build out the basic framework for the application, to include login, unsealing, and the encrypted barrier. -We will be using Go as the main language. The MCIAS client library (git.wntrmute.dev/kyle/mcias/clients/go) is used for authentication. Use 256-bit symmetric keys and Ed25519/Curve25519 or NIST P-521 where appropriate for public key algorithms. Use Argon2 for password hashing. +We will be using Go as the main language. The MCIAS client library (git.wntrmute.dev/mc/mcias/clients/go) is used for authentication. Use 256-bit symmetric keys and Ed25519/Curve25519 or NIST P-521 where appropriate for public key algorithms. Use Argon2 for password hashing. It will need a gRPC and JSON REST API, as well as a web frontend. diff --git a/clients/go/go.mod b/clients/go/go.mod index 33608be..ff3fccf 100644 --- a/clients/go/go.mod +++ b/clients/go/go.mod @@ -1,4 +1,4 @@ -module git.wntrmute.dev/kyle/metacrypt/clients/go +module git.wntrmute.dev/mc/metacrypt/clients/go go 1.25.0 diff --git a/clients/go/go.sum b/clients/go/go.sum deleted file mode 100644 index 9fd6146..0000000 --- a/clients/go/go.sum +++ /dev/null @@ -1,2 +0,0 @@ -golang.org/x/crypto v0.49.0 h1:+Ng2ULVvLHnJ/ZFEq4KdcDd/cfjrrjjNSXNzxg0Y4U4= -golang.org/x/crypto v0.49.0/go.mod h1:ErX4dUh2UM+CFYiXZRTcMpEcN8b/1gxEuv3nODoYtCA= diff --git a/cmd/metacrypt-web/main.go b/cmd/metacrypt-web/main.go index b054822..e80e094 100644 --- a/cmd/metacrypt-web/main.go +++ b/cmd/metacrypt-web/main.go @@ -13,8 +13,8 @@ import ( "github.com/spf13/cobra" - "git.wntrmute.dev/kyle/metacrypt/internal/config" - "git.wntrmute.dev/kyle/metacrypt/internal/webserver" + "git.wntrmute.dev/mc/metacrypt/internal/config" + "git.wntrmute.dev/mc/metacrypt/internal/webserver" ) var cfgFile string diff --git a/cmd/metacrypt/init.go b/cmd/metacrypt/init.go index 454b081..cadaf0a 100644 --- a/cmd/metacrypt/init.go 
+++ b/cmd/metacrypt/init.go @@ -10,11 +10,11 @@ import ( "github.com/spf13/cobra" "golang.org/x/term" - "git.wntrmute.dev/kyle/metacrypt/internal/barrier" - "git.wntrmute.dev/kyle/metacrypt/internal/config" - "git.wntrmute.dev/kyle/metacrypt/internal/crypto" - "git.wntrmute.dev/kyle/metacrypt/internal/db" - "git.wntrmute.dev/kyle/metacrypt/internal/seal" + "git.wntrmute.dev/mc/metacrypt/internal/barrier" + "git.wntrmute.dev/mc/metacrypt/internal/config" + "git.wntrmute.dev/mc/metacrypt/internal/crypto" + "git.wntrmute.dev/mc/metacrypt/internal/db" + "git.wntrmute.dev/mc/metacrypt/internal/seal" ) var initCmd = &cobra.Command{ diff --git a/cmd/metacrypt/migrate_aad.go b/cmd/metacrypt/migrate_aad.go index 1f1f257..0c37b26 100644 --- a/cmd/metacrypt/migrate_aad.go +++ b/cmd/metacrypt/migrate_aad.go @@ -10,9 +10,9 @@ import ( "github.com/spf13/cobra" "golang.org/x/term" - "git.wntrmute.dev/kyle/metacrypt/internal/config" - "git.wntrmute.dev/kyle/metacrypt/internal/crypto" - "git.wntrmute.dev/kyle/metacrypt/internal/db" + "git.wntrmute.dev/mc/metacrypt/internal/config" + "git.wntrmute.dev/mc/metacrypt/internal/crypto" + "git.wntrmute.dev/mc/metacrypt/internal/db" ) var migrateAADCmd = &cobra.Command{ diff --git a/cmd/metacrypt/migrate_barrier.go b/cmd/metacrypt/migrate_barrier.go index e6d2a4f..4065fba 100644 --- a/cmd/metacrypt/migrate_barrier.go +++ b/cmd/metacrypt/migrate_barrier.go @@ -10,10 +10,10 @@ import ( "github.com/spf13/cobra" "golang.org/x/term" - "git.wntrmute.dev/kyle/metacrypt/internal/barrier" - "git.wntrmute.dev/kyle/metacrypt/internal/config" - "git.wntrmute.dev/kyle/metacrypt/internal/crypto" - "git.wntrmute.dev/kyle/metacrypt/internal/db" + "git.wntrmute.dev/mc/metacrypt/internal/barrier" + "git.wntrmute.dev/mc/metacrypt/internal/config" + "git.wntrmute.dev/mc/metacrypt/internal/crypto" + "git.wntrmute.dev/mc/metacrypt/internal/db" ) var migrateBarrierCmd = &cobra.Command{ 
diff --git a/cmd/metacrypt/server.go b/cmd/metacrypt/server.go index 9112dd5..a26a35a 100644 --- a/cmd/metacrypt/server.go +++ b/cmd/metacrypt/server.go @@ -10,20 +10,20 @@ import ( "github.com/spf13/cobra" - "git.wntrmute.dev/kyle/metacrypt/internal/audit" - "git.wntrmute.dev/kyle/metacrypt/internal/auth" - "git.wntrmute.dev/kyle/metacrypt/internal/barrier" - "git.wntrmute.dev/kyle/metacrypt/internal/config" - "git.wntrmute.dev/kyle/metacrypt/internal/db" - "git.wntrmute.dev/kyle/metacrypt/internal/engine" - "git.wntrmute.dev/kyle/metacrypt/internal/engine/ca" - "git.wntrmute.dev/kyle/metacrypt/internal/engine/sshca" - "git.wntrmute.dev/kyle/metacrypt/internal/engine/transit" - "git.wntrmute.dev/kyle/metacrypt/internal/engine/user" - "git.wntrmute.dev/kyle/metacrypt/internal/grpcserver" - "git.wntrmute.dev/kyle/metacrypt/internal/policy" - "git.wntrmute.dev/kyle/metacrypt/internal/seal" - "git.wntrmute.dev/kyle/metacrypt/internal/server" + "git.wntrmute.dev/mc/metacrypt/internal/audit" + "git.wntrmute.dev/mc/metacrypt/internal/auth" + "git.wntrmute.dev/mc/metacrypt/internal/barrier" + "git.wntrmute.dev/mc/metacrypt/internal/config" + "git.wntrmute.dev/mc/metacrypt/internal/db" + "git.wntrmute.dev/mc/metacrypt/internal/engine" + "git.wntrmute.dev/mc/metacrypt/internal/engine/ca" + "git.wntrmute.dev/mc/metacrypt/internal/engine/sshca" + "git.wntrmute.dev/mc/metacrypt/internal/engine/transit" + "git.wntrmute.dev/mc/metacrypt/internal/engine/user" + "git.wntrmute.dev/mc/metacrypt/internal/grpcserver" + "git.wntrmute.dev/mc/metacrypt/internal/policy" + "git.wntrmute.dev/mc/metacrypt/internal/seal" + "git.wntrmute.dev/mc/metacrypt/internal/server" ) var serverCmd = &cobra.Command{ diff --git a/cmd/metacrypt/snapshot.go b/cmd/metacrypt/snapshot.go index 22fee7d..133bfe5 100644 --- a/cmd/metacrypt/snapshot.go +++ b/cmd/metacrypt/snapshot.go 
@@ -5,9 +5,9 @@ import ( "github.com/spf13/cobra" - mcdsldb "git.wntrmute.dev/kyle/mcdsl/db" - "git.wntrmute.dev/kyle/metacrypt/internal/config" - "git.wntrmute.dev/kyle/metacrypt/internal/db" + mcdsldb "git.wntrmute.dev/mc/mcdsl/db" + "git.wntrmute.dev/mc/metacrypt/internal/config" + "git.wntrmute.dev/mc/metacrypt/internal/db" ) var snapshotCmd = &cobra.Command{ diff --git a/cmd/metacrypt/unseal.go b/cmd/metacrypt/unseal.go index 38ad233..9fe1c78 100644 --- a/cmd/metacrypt/unseal.go +++ b/cmd/metacrypt/unseal.go @@ -15,7 +15,7 @@ import ( "google.golang.org/grpc" "google.golang.org/grpc/credentials" - metacryptv1 "git.wntrmute.dev/kyle/metacrypt/gen/metacrypt/v1" + metacryptv1 "git.wntrmute.dev/mc/metacrypt/gen/metacrypt/v1" ) var unsealCmd = &cobra.Command{ diff --git a/docs/engineering-standards.md b/docs/engineering-standards.md index 99d19c8..9f4844c 100644 --- a/docs/engineering-standards.md +++ b/docs/engineering-standards.md @@ -138,7 +138,7 @@ but the top-level skeleton is fixed. Services hosted on `git.wntrmute.dev` use: ``` -git.wntrmute.dev/kyle/ +git.wntrmute.dev/mc/ ``` --- @@ -251,7 +251,7 @@ Access Service). No service maintains its own user database. - Client sends credentials to the service's `/v1/auth/login` endpoint. - The service forwards them to MCIAS via the client library - (`git.wntrmute.dev/kyle/mcias/clients/go`). + (`git.wntrmute.dev/mc/mcias/clients/go`). - On success, MCIAS returns a bearer token. The service returns it to the client and optionally sets it as a cookie for the web UI. - Subsequent requests include the token via `Authorization: Bearer ` diff --git a/gen/metacrypt/v1/acme.pb.go b/gen/metacrypt/v1/acme.pb.go index 2cc94c9..184083d 100644 --- a/gen/metacrypt/v1/acme.pb.go +++ b/gen/metacrypt/v1/acme.pb.go 
@@ -600,7 +600,7 @@ const file_proto_metacrypt_v1_acme_proto_rawDesc = "" + "\tSetConfig\x12\x1e.metacrypt.v1.SetConfigRequest\x1a\x1f.metacrypt.v1.SetConfigResponse\x12U\n" + "\fListAccounts\x12!.metacrypt.v1.ListAccountsRequest\x1a\".metacrypt.v1.ListAccountsResponse\x12O\n" + "\n" + - "ListOrders\x12\x1f.metacrypt.v1.ListOrdersRequest\x1a .metacrypt.v1.ListOrdersResponseB>ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ
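Review bot: AGENTS.md and CLAUDE.md show the same blob ids before and after the change (`index 3c32b0e..f3e7396` in both file headers), so they are byte-identical copies that have to be edited in lockstep. Consider making one a symlink to the other, or generating both from a single source, so a later path change cannot update one file and miss the other.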
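Review bot: in the Makefile `proto` target the module path is spelled out four times (`--go_opt=module=...` and `--go-grpc_opt=module=...`, once each for v1 and v2). Hoist it into a variable, for example `MODULE := git.wntrmute.dev/mc/metacrypt`, and reference `$(MODULE)` in both protoc invocations, so the next rename is a one-line change and the two API versions cannot end up generated with different module prefixes.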
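Review bot: Step 1 of PKI-ENGINE-PLAN.md still tells the reader to add the dependency "with local replace directive (same pattern as mcias)", and a `replace` only takes effect when its left-hand side matches the required module path exactly. Confirm that every `replace git.wntrmute.dev/kyle/...` entry in go.mod was renamed together with the imports; a stale entry is ignored without any error, and the build then resolves the `mc/` module from the network instead of the local checkout.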
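Review bot: the `module` line in clients/go/go.mod changes the public import path of the client library, so every external consumer of `git.wntrmute.dev/kyle/metacrypt/clients/go` has to update its imports. State in the commit message or release notes whether the old path keeps resolving, and keep the `kyle/` namespace under the project's control or redirected, so that clients which have not migrated cannot later be served unrelated code from the old path.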
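Review bot: clients/go/go.sum is deleted outright, which drops the committed `h1:` hashes for `golang.org/x/crypto v0.49.0`, while the go.mod hunk shows only the `module` and `go 1.25.0` lines. If clients/go/go.mod still has a `require` on golang.org/x/crypto, regenerate go.sum with `go mod tidy` and commit it instead of removing it, so builds keep verifying that dependency against pinned checksums; if the requirement was dropped, say so in the commit message, since that is a separate change from the path rename.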
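Review bot: the edit to `file_proto_metacrypt_v1_acme_proto_rawDesc` in gen/metacrypt/v1/acme.pb.go changes a serialized descriptor, where the `go_package` option is stored with a length prefix, and going from `kyle` to `mc` shortens that string by two bytes. Make sure this file was produced by rerunning `make proto` after updating `option go_package` in the .proto sources, not by a textual search-and-replace, which would leave the length byte wrong and the descriptor unparseable at package init.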