Problem
The shipped PocketBase rules are wide-open: listRule, viewRule, createRule, updateRule are all empty (public). Anyone with the URL can read or modify any link record. This is fine for a demo but unacceptable for production.
Proposal
Wire up SEP-10 (Stellar Web Authentication) so a wallet can sign a server-issued challenge, exchange it for a JWT, and use that JWT to call PocketBase under the wallet's identity. PocketBase rules then enforce that only the link's creator field can update its row.
Acceptance criteria
Files involved
frontend/src/lib/sep10.ts — new.
frontend/src/lib/linkStore.ts — thread the token through to the PocketBase client.
scripts/pocketbase-schema.json — tighten the rules.
CONTRIBUTING.md — document the web-auth dependency.
Notes
If we ever want to host the web-auth ourselves, Stellar's reference impl is a good starting point. For v0.2 we keep it BYO.
Problem
The shipped PocketBase rules are wide-open:
listRule,viewRule,createRule,updateRuleare all empty (public). Anyone with the URL can read or modify any link record. This is fine for a demo but unacceptable for production.Proposal
Wire up SEP-10 (Stellar Web Authentication) so a wallet can sign a server-issued challenge, exchange it for a JWT, and use that JWT to call PocketBase under the wallet's identity. PocketBase rules then enforce that only the link's
creatorfield can update its row.Acceptance criteria
linkStoreas the auth credential for PocketBase requests.listRule:@request.auth.id != ""viewRule: empty (public — pay pages must work for anyone with the URL)createRule:@request.auth.id != "" && @request.data.creator = @request.auth.publicKeyupdateRule:creator = @request.auth.publicKeydeleteRule:null(still no deletes from clients)scripts/pocketbase-schema.jsonto ship the hardened rules.Files involved
frontend/src/lib/sep10.ts— new.frontend/src/lib/linkStore.ts— thread the token through to the PocketBase client.scripts/pocketbase-schema.json— tighten the rules.CONTRIBUTING.md— document the web-auth dependency.Notes
If we ever want to host the web-auth ourselves, Stellar's reference impl is a good starting point. For v0.2 we keep it BYO.