feat(#26): Nostr identity + trust engine

- New nostr_identities DB table (pubkey, trust_score, tier, interaction_count, sats_absorbed_today, last_seen)
- nullable nostr_pubkey FK on sessions + jobs tables; schema pushed
- TrustService: getTier, getOrCreate, recordSuccess/Failure, HMAC token (issue/verify)
- Soft score decay (lazy, on read) when identity absent > N days
- POST /api/identity/challenge + POST /api/identity/verify (NIP-01 sig verification)
- GET /api/identity/me — look up trust profile by X-Nostr-Token
- POST /api/sessions + POST /api/jobs accept optional nostr_token; bind pubkey to row
- GET /sessions/:id + GET /jobs/:id include trust_tier in response
- recordSuccess/Failure called after session request + job work completes
- X-Nostr-Token added to CORS allowedHeaders + exposedHeaders
- TIMMY_TOKEN_SECRET set as persistent shared env var

This commit is contained in:

Replit Agent

2026-03-19 15:59:14 +00:00

parent fa0ebc6b5c

commit 9b778351e4

12 changed files with 581 additions and 6 deletions

									
										1

artifacts/api-server/package.json
									
												View File
												
				@@ -18,6 +18,7 @@

				    "drizzle-orm": "catalog:",

				    "express": "^5",

				    "express-rate-limit": "^8.3.1",

				    "nostr-tools": "^2.23.3",

				    "ws": "^8.19.0"

				  },

				  "devDependencies": {

feat(#26): Nostr identity + trust engine

1 artifacts/api-server/package.json Unescape Escape View File

1

artifacts/api-server/package.json

View File