Mossy

Currently I’m implementing some communication with vault.
It’s half-way there, however there are some flaws.
Stay tuned!

Finished majority of frontend - currently it’s mostly placeholder (auth works however)
Right now I’m working at implementing mossy-vault <––> mossy-passwords communication, and implementing statistics microservice. Hopefully I will finish everything before flavortown ends
Cross your fingers!

Finally, there is auth logic on frontend (login/register), now I’ll focus on adding dashboard view to complete MVP version of frontend, and I’ll focus on implementing vault/password management related logic.
See ya!

Just implemented sign up tab, so rest of auth flow will be implemented pretty soon.
Btw reacts makes working with fronend super fun, it’s so so cool.
See ya!

Hi there!
Currently I’m writting mossy’s frontend, it’s looking pretty good for now, but it is not functional (no backend integrations for now).
Also I’ve improve unit test coverage in some microservices.
Frontend will be there in few days.
See ya

Hi there!
Just finished logic for synchronizing keys for vaults, using websockets,
It works like that:

1. During device registration, device provides DH_p and ID_p keys (X25519 and Ed25519).
2. If there are already other devices registered, then sync room is created.
3. Both peers join room
4. Sender sends encrypted master key (MK)
   Also I’ve made protection against anti-replay attack (used sends a signature from random nonce and dh public key (DH_p) so request cannot be replayed)
   That’s it for now!
   See ya

Hi there!
Finally, after looong time I’ve finished authentication logic (over 4k lines of code!), I’ve added option to logout from account, and many many tests for super-fast testing. Now I can focus on domain logic, and making some frontend.
Bye!

Hello.
After 5h I’ve figured out some things about starters in Spring Boot. Turns out, that you can’t declare @ControllerAdvice and SecurityFilterChain inside of an starter. Best part? Framework throws some random runtime exception, that leaves you confused. Anyway, authentication flow is ready, currently I will write some tests, and I’m looking forward to merging it.
See ya

Hi there!
From last devlog I’ve improved majority of auth logic: right now architecture is perfectly scallable, so replicing microservices is not a issue no more. JWKS flow was redesigned: there is now a dedicated microservice for just receiving and displating well-know JWKS. Also logging in via credentials works flawless. I’ve also improved many other things (such as JWKS fallback to http if RabbitMQ fails).
See ya soon,
hopefully I’ll return with working auth logic, cross your fingers!

Hi there!
For the last 7 hours I have been working on the authentication system (JWKS, OAuth, etc.). I have also learned React, so I can write Mossy’s web extension all by myself. The prototype of the web extension is halfway there. However, to develop it further, I need to finish the auth system.

See you soon!

Hi there!
I’ve successfully managed to design, and code majority of domain logic microservices, vault now, communicates with backend with STOMP + SockJS, it’s stable, and real-time. I am looking forward to writing authentication related microservices.
See ya!

Hi!
Mossy is kinda complicated project, so for most of the time I was figuring out a way to make everything secure. Mossy vaults (place where Mossy will store passwords at your self-hosted environment) will communicate with core (global backend microservice) via WebSockets. I’ve also figured many many other things. In terms of actual coding I’ve created “vault” and “core” microservices with basic logic. I’m really excited to work on this project overall!
See ya soon