From ed7c15ab7232a507835dd1fa1760f3bee0c1e6dd Mon Sep 17 00:00:00 2001
From: _ <>
Date: Sun, 12 Jan 2025 22:48:06 +0000
Subject: [PATCH] feat: email flow
---
 _sidebar.md | 4 +---
 emailflow.md | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++
 index.html | 7 ++++++-
 3 files changed, 57 insertions(+), 4 deletions(-)
 create mode 100644 emailflow.md
diff --git a/_sidebar.md b/_sidebar.md
index 69b24bd..aee37e6 100644
--- a/_sidebar.md
+++ b/_sidebar.md
@@ -1,5 +1,3 @@
-* [Create](/create.md)
-* [Sign](/sign.md)
-* [Verify](/verify.md)
+* [Email Flow](/emailflow.md)
 * [Offline Flow](/offline.md)
 * [Technical Notes](/technical.md)
diff --git a/emailflow.md b/emailflow.md
new file mode 100644
index 0000000..7190e60
--- /dev/null
+++ b/emailflow.md
@@ -0,0 +1,50 @@
+# Email Flow
+
+
+```mermaid
+sequenceDiagram
+ autoNumber
+ actor U as SIGit User
+ participant W as SIGit Website
+ participant D as DVM
+ Participant DB as DataBase
+ Note over W,D: All comms over
Nostr Relay
+ U->>W: Click SIGNUP and enter
email address
+ Note over W: Ephemeral key generated
to communicate with DVM
+ W->>D: Request Account
+ Note right of W: Event uses PoW and
encrypts only EMAIL
to DVM pubkey
+ D -x DB: Verify PoW and check
if email exists
+ Note over D: If email already exists,
send user to LOGIN.
Otherwise#58;
+ D->>DB: Create Account
+ Note over DB: Create entries#58;
#128274;user.id=uid()
user.email=lowcase(email())
user.verified=false
user.activated=false
user.entropy=""
user.pubkey=""
user.created_at=now()
user.bkp=""
#128274;session.pubkey="ephemeral pubkey"
session.user_id=user.id
session.email_code=INT (6 digits)
session.created_at=now()
+ D->>U: Send session.email_code via email
+ D->>W: Account created
+ Note left of D: Payload is an empty string or
an encrypted (and detailed)
error message
+ W->>U: Tell user to check email and
to open it in the
SAME BROWSER SESSION
+ Note over W: Screen to accept the 6 digits
is already displayed
(mobile optimised if relevant)
+ U->>W: User opens link or enters the code
+ W->>D: Verify Account
+ Note right of W: Event uses PoW and
encrypts only CODE
to DVM pubkey
+ D -x DB: Check email_code where
session pk=event pk
+ D->>DB: If code matches,
Update Account
+ Note over DB: user.verified=true
user.entropy=uid()
+ D->>W: Provide user.entropy
+ Note left of D: Payload encrypted to ephemeral
pubkey. Is either a UID or a
detailed error message.
+ W->>U: Ask for secure password
+ Note right of U: This password is what prevents
backend from decrypting the nsec
+ U->>W: Enter password (twice)
+
+ Note over W: Nostr Keypair Generated
& Encrypted inside a
PRIVATE METHOD,
using password + entropy.
Password variable is not
stored, sent or printed
anywhere. Temporary
variables are destroyed.
+
+ W->>D: Request account activation
+ Note right of W: Event uses PoW and
encrypts both PUBKEY
and the already-
encrypted BACKUP
to the DVM pubkey
+ D -x DB: Ensure event pubkey
in SESSION table
+ D->>DB: Update Account
+ Note over DB: user.activated=true
user.pubkey=$pubkey
user.bkp=$backup
+ D->>W: Account activated
+ Note left of D: Payload is an empty string or
an encrypted (and detailed)
error message
+ W->>U: User is automatically logged in
+ Note over W: Ephemeral key is destroyed
Default relay list applied
+```
+
+
diff --git a/index.html b/index.html
index d506fea..049b096 100644
--- a/index.html
+++ b/index.html
@@ -45,7 +45,12 @@ --> - + +
\ No newline at end of file
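Review bot: The step `D -x DB: Check email_code where session pk=event pk` is the only stated check on the 6-digit `session.email_code`, and the diagram records neither an expiry for the code nor a cap on failed attempts per session, so as drawn the per-event PoW is the only throttle on repeated guesses. I would add to the Create Account entries `session.code_expires_at=created_at + TTL` and `session.attempts=0`, and state on the check step that the code is rejected once expired or after a small number of failures, with the session then discarded. The later `D -x DB: Ensure event pubkey in SESSION table` step should also state that the matched session's user must already have `user.verified=true`, otherwise an unverified session could reach Update Account and set `user.pubkey`/`user.bkp` on an account whose email was never confirmed.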