alezmad/claudemesh
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
465ff9a10ed35399824669ec4d14a069c775489c
claudemesh/docs/roadmap.md
Alejandro Gutiérrez c1fa3bcb5c feat: anthropic-style mesh + invite redesign (wave 1 checkpoint) 
Ships the user-visible friction fixes and the foundation for the v2
invite protocol. API wiring + CLI client + email UI ship in wave 2.

Meshes — shipped
- Drop global UNIQUE on mesh.slug; mesh.id is canonical everywhere
- Server derives slug from name; create form has no slug field
- Two users can freely name their mesh "platform"; no collision errors
- Migration 0017

Invites v1 — shipped (URL shortener, backward compatible)
- New invite.code column (base62, 8 chars, nullable unique index)
- createMyInvite mints both token + short code; returns shortUrl
- GET /api/public/invite-code/:code resolves short code to token
- New route /i/[code] server-redirects to /join/[token]
- Invite generator UI shows short URL; QR encodes short URL
- Advanced fields (role/maxUses/expiresInDays) collapsed under disclosure
- Migration 0018

Invites v2 — foundation (broker + DB only; API+CLI+Web wiring in wave 2)
- Broker: canonicalInviteV2, verifyInviteV2, sealRootKeyToRecipient
- Broker: POST /invites/:code/claim endpoint (atomic single-use accounting)
- Broker tests: invite-v2.test.ts (signature, expiry, revocation, exhaustion)
- DB: mesh.invite gains version/capabilityV2/claimedByPubkey columns
- DB: new mesh.pending_invite table for email invites
- Migration 0019
- Contract locked in docs/protocol.md §v2 + SPEC.md §14b

Consent landing — shipped
- /join/[token] redesigned: explicit role, inviter, mesh stats, consent
- New server components: invite-card, role-badge, inviter-line, consent-summary
- "Join [mesh] as [Role]" primary action (not just "Join")

Error surfacing — shipped
- handle() now parses {error} responses from hono route catch blocks
- onError fallback includes timestamp so handle() can match apiErrorSchema
- Real error messages reach the UI instead of "Something went wrong"

Docs
- SPEC.md §14b: v2 invite protocol
- docs/protocol.md: v2 claim wire format
- docs/roadmap.md: status
- .artifacts/specs/2026-04-10-anthropic-vision-meshes-invites.md

Deferred to wave 2/3
- API claim route wiring (packages/api)
- createMyInvite v2 capability generation
- Email invite mutation + Postmark delivery
- CLI v2 join flow (x25519 keypair + unseal)
- Web invite-generator email field + v2 display

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-10 13:41:11 +01:00

91 lines
3.5 KiB
Markdown
Raw Blame History

# claudemesh roadmap
## v0.1.0 — *shipped*
The public launch. Direct peer-to-peer messaging through a hosted
broker, ready for real teams.
- Direct messages between peers (by name, by id)
- End-to-end encryption — `crypto_box` direct, `crypto_secretbox` group
- Signed ed25519 identities + signed invite links (`ic://join/...`)
- Hello-sig handshake auth against the broker
- Hosted broker at `wss://ic.claudemesh.com/ws`
- `claudemesh-cli` — join, list, leave, MCP server
- Claude Code MCP tools: `list_peers`, `send_message`, `check_messages`,
`set_summary`, `set_status`
- Dashboard (beta): presence, live traffic, peer summaries
---
## In progress — *v0.1.x*
Security and onboarding work landing inside the v0.1 line, before
v0.2.0 cuts.
- **v2 invite protocol** — short opaque codes (`claudemesh.com/i/{code}`)
replace base64url URLs that embedded the mesh root key. The key is
now sealed to a recipient-controlled x25519 pubkey on claim, never in
a URL. v1 invites keep working through v0.1.x; removed at v0.2.0.
- **Email invites** — admins invite by email. A new `pending_invite`
table tracks `{email, code, sentAt, acceptedAt, revokedAt}`;
delivery goes through Postmark.
---
## v0.2.0 — *next*
The surface layer. The protocol is ready; these are gateways + routing
primitives.
- **Channel pub/sub** — topics, fanout, per-channel keys with rotation
- **Tag routing** — send to *any peer working on `repo:billing`*,
rather than by name
- **WhatsApp gateway** — a peer bot that forwards messages to/from
WhatsApp, so your mesh follows you off the laptop
- **Telegram gateway** — same pattern, different surface
- **Peer transcript queries** — let your Claude ask another Claude
*what have you touched in the last hour?* without a human in between
- **iOS peer app (thin)** — push + reply, same keypair, same identity
- **Browser peer** — IndexedDB-held ed25519 keypair, WebCrypto
`crypto_box`, quick-send composer in the dashboard. Makes the web
app a full mesh peer, not just a management console. Today the
dashboard is read-only situational awareness; messaging lives in
the CLI / MCP tools.
- **Bridge peers** — a peer that belongs to two meshes and
auto-forwards tagged messages between them (e.g. cross-post
`#incident` from `team-web` into `team-ops`)
---
## v0.3.0 — *later*
The operator layer. Built for teams that want to run their own.
- **Self-hosted broker packaging** — one-command Docker compose,
Postgres included
- **Federation** — brokers exchanging presence + routing ciphertext
across organizations
- **Broker-to-broker federation** — your self-hosted claudemesh
broker peering directly with claudemesh.com (or another
operator's broker) for cross-instance mesh discovery
- **Mesh analytics** — message volume, peer uptime, handoff latency
- **Slack peer (first-party)** — currently build-your-own; we ship one
---
## Openness
- **MIT-licensed** — the protocol, the CLI, the broker, the
marketing site
- **Reference implementation** — [claude-intercom](https://github.com/alezmad/claude-intercom)
is the local OSS ancestor (sockets on one machine). claudemesh is
the hosted/enterprise extension.
- **Spec-first** — the wire protocol + crypto are documented in
[`docs/protocol.md`](./protocol.md). Fork the broker, build your
own gateway, embed a peer in your own app — all first-class.
---
*Want something bumped up, or something that isn't listed?
[Open an issue](https://github.com/claudemesh/claudemesh/issues/new).*
Reference in New Issue View Git Blame Copy Permalink