docs: restore project context accidentally reverted in 01b66b8

An easy-to-host PDS on the ATProtocol, MacOS. Grandma-approved.

Commit 01b66b8 bundled CLAUDE.md changes that rolled back the freshness
dates and removed the V012 migration entry added by b0252cd. This
restores the V012 documentation and corrects freshness dates.

malpercio.dev 22 hours ago e93975c1 910eb976

ci.yaml

success 17s

+4 -2

2 changed files

expand all

CLAUDE.md

crates

relay

src

CLAUDE.md

+1 -1

CLAUDE.md

··· 1 1 # ezpds 2 2 3 - Last verified: 2026-03-20 3 + Last verified: 2026-03-22 4 4 5 5 ## Tech Stack 6 6 - Language: Rust (stable channel via rust-toolchain.toml)

+3 -1

crates/relay/src/db/CLAUDE.md

··· 1 1 # Database Module 2 2 3 - Last verified: 2026-03-21 3 + Last verified: 2026-03-22 4 4 5 5 ## Latest Updates 6 + - **V012**: Adds nullable `jkt` TEXT column to `oauth_tokens` (DPoP key thumbprint for DPoP-bound refresh tokens); creates `oauth_signing_key` table (WITHOUT ROWID, single-row, stores the server's persistent ES256 keypair with AES-256-GCM-encrypted private key) 6 7 - **V011**: Adds nullable `pending_share_{1,2,3}` TEXT columns to `pending_accounts` — stores pre-generated Shamir shares alongside `pending_did` so retried DID ceremony requests return the same shares (prevents Share 2 orphaning in accounts.recovery_share) 7 8 - **V010**: Adds nullable `recovery_share` column to `accounts` — stores Share 2 of the Shamir 2-of-3 split for relay-side custody; base32-encoded (52 chars); NULL for pre-Shamir accounts 8 9 - **V009**: Rebuilt sessions with nullable device_id (devices are deleted at DID promotion) and added token_hash UNIQUE column for Bearer token authentication (same SHA-256 hex pattern as pending_sessions) ··· 47 48 - `migrations/V009__sessions_v2.sql` - Rebuilds sessions: makes device_id nullable (devices are transient, deleted at DID promotion) and adds token_hash UNIQUE column for Bearer token auth via require_session 48 49 - `migrations/V010__recovery_shares.sql` - Adds nullable recovery_share TEXT to accounts: stores Share 2 of the Shamir 2-of-3 recovery split (base32, 52 chars); written atomically inside promote_account transaction 49 50 - `migrations/V011__pending_shares.sql` - Adds nullable pending_share_{1,2,3} TEXT columns to pending_accounts: idempotent share storage alongside pending_did; all three deleted when pending_accounts row is deleted at promotion 51 + - `migrations/V012__oauth_token_endpoint.sql` - Adds `jkt` TEXT column to oauth_tokens (DPoP thumbprint); creates `oauth_signing_key` table (WITHOUT ROWID, keyed by UUID id) for persistent ES256 keypair storage (public JWK + AES-256-GCM encrypted private key)