Skip to content

docs: milestone v1.1 IPFS Infrastructure planning#280

Merged
FSM1 merged 13 commits into
mainfrom
docs/milestone-v1.1-ipfs-infrastructure
Mar 7, 2026
Merged

docs: milestone v1.1 IPFS Infrastructure planning#280
FSM1 merged 13 commits into
mainfrom
docs/milestone-v1.1-ipfs-infrastructure

Conversation

@FSM1

@FSM1 FSM1 commented Mar 7, 2026

Copy link
Copy Markdown
Owner

Summary

  • Defines milestone v1.1 (IPFS Infrastructure) requirements and 5-phase roadmap
  • Completes project research (architecture, stack, features, pitfalls) for the IPFS migration
  • Archives M1 (MVP) requirements/roadmap into milestones/m1/ and renames M3 → M4
  • Restores M1 requirements and roadmap from git history for completeness

Changes

  • New: .planning/REQUIREMENTS.md, .planning/ROADMAP.md for v1.1
  • New: .planning/milestones/m1/ with archived M1 docs
  • Updated: Research docs (ARCHITECTURE.md, STACK.md, FEATURES.md, PITFALLS.md, SUMMARY.md) rewritten for IPFS infrastructure focus
  • Renamed: milestones/m3milestones/m4 (Encrypted Productivity Suite)
  • Updated: PROJECT.md, STATE.md, MILESTONES.md to reflect current milestone

Test plan

  • Verify .planning/ structure is consistent (/gsd:health shows no errors)
  • Confirm roadmap phases align with requirements
  • Review research docs for accuracy against IPFS/Helia/libp2p ecosystem

🤖 Generated with Claude Code

Summary by CodeRabbit

  • Chores

    • Roadmap restructured: Active Milestone v1.1 (IPFS Infrastructure) promoted, timestamps updated, many items deferred/reassigned to later milestones and phases renumbered.
  • New Features

    • Added planning for IPNS reliability, BYO‑IPFS node support and server‑relay, vault migration to a new blob format, performance instrumentation/baselines, and recovery/runbook updates.
  • Documentation

    • Large set of new and revised planning materials: roadmap, requirements, architecture, research, pitfalls, scoping rationale, traceability and phase mappings.

FSM1 and others added 6 commits March 7, 2026 04:16
IPFS Infrastructure v1.1 is being inserted as Milestone 3,
pushing the Encrypted Productivity Suite to Milestone 4.

- Rename .planning/milestones/m3/ → m4/
- Rename .planning/research/m3/ → m4/
- Update all M3 references to M4 in planning docs
- Update M2 docs that deferred items to M3 → M4
- Phase numbers for M4 will be renumbered when M4 is planned

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: d0a06f30f2d7
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 9be2c4035475
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: e5c8cd3051fd
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 48a526e9879f
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 5f774368cca0
- Extracted M1 REQUIREMENTS.md from commit before M2 planning
- Moved M1 ROADMAP.md from .planning/archive/ to milestones/m1/
- Updated MILESTONES.md archive references

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 677f719f839e
@coderabbitai

coderabbitai Bot commented Mar 7, 2026

Copy link
Copy Markdown

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

  • ▶️ Resume reviews
  • ✅ Review completed - (🔄 Check again to review again)

Walkthrough

Activated "IPFS Infrastructure v1.1" as the active milestone (Phases 18–22), replacing prior roadmap items with an IPFS‑native architecture: DB‑first IPNS resolution, Vault Blob v2 migration, BYO‑IPFS ProviderFactory/DualPinProvider, and performance instrumentation; multiple planning, roadmap, milestones, research, and requirements docs updated; some items deferred M3→M4.

Changes

Cohort / File(s) Summary
Milestone & Project Planning
.planning/MILESTONES.md, .planning/PROJECT.md, .planning/STATE.md
Promoted IPFS Infrastructure v1.1 to active milestone (M3), updated goals/scope/phases/timestamps, added archived subsections and adjusted references.
Roadmap & Requirements (v1.1)
.planning/ROADMAP.md, .planning/REQUIREMENTS.md
Added v1.1 roadmap and detailed requirements (IPNS-, VAULT-, BYO-, PERF- checklists), defined Phases 18–22, success criteria, progress tables and traceability.
Milestone 1 Planning
.planning/milestones/m1/m1-mvp-ROADMAP.md, .planning/milestones/m1/m1-mvp-REQUIREMENTS.md
Inserted Phase 10.1 tech‑debt cleanup, added plan docs and updated M1 requirements/traceability and progress rows.
Milestone 2 Deferrals & Phases
.planning/milestones/m2/...
.../m2-v1.0-REQUIREMENTS.md, .../m2-v1.0-ROADMAP.md, .../m2-v1.0-production-MILESTONE-AUDIT.md, .../phases/16-advanced-sync/...
Shifted deferral targets for SYNC-05, SYNC-06, and TEE-06 from M3 → M4 and aligned context, verification, and audit artifacts.
Milestone 4 Planning
.planning/milestones/m4/REQUIREMENTS.md, .planning/milestones/m4/ROADMAP.md
Relabeled Milestone references M3→M4 across headers, phase mappings, and narrative; reworked phase numbering/sequence for M4.
Research & Architecture (Core)
.planning/research/ARCHITECTURE.md
Large rewrite introducing DB‑first IPNS resolution (CID cache + Kubo verification), BYO‑IPFS ProviderFactory & DualPinProvider, Vault Blob v2, new DTOs/controllers, recovery flow changes, and many new public interfaces/classes.
API / Backend & Vault Design (docs + code mapping)
apps/api/src/..., packages/crypto/src/vault/..., apps/web/src/...
Documented new/changed components: KuboIpnsClient, ProviderFactoryService, UserCustom/DualPin providers, IpnsService DB‑first flow, Vault Blob v2 types/serialization, IPFS config endpoints and frontend wiring, plus metrics instrumentation.
Research Documents (v1.1 focus)
.planning/research/FEATURES.md, .planning/research/PITFALLS.md, .planning/research/STACK.md, .planning/research/SUMMARY.md
Refocused research on IPNS reliability, BYO‑IPFS, performance baselining, migration & recovery playbooks, and phased risks/mitigations.
Milestone 4 Research headers
.planning/research/m4/*
Minor header changes switching Milestone 3 → Milestone 4 text across multiple research files.
Planning todos metadata
.planning/todos/pending/*.md
Added milestone and phase front‑matter to pending BYO‑IPFS / IPNS / migration todos.
Scoping & Rationale
.planning/SCOPING_RATIONALE.md
New scoping rationale for v1.1 capturing decisions, tradeoffs, migration exclusions, and mitigation notes.

Sequence Diagram(s)

sequenceDiagram
    autonumber
    actor Client
    participant API as "CipherBox API"
    participant DB as "Server DB (CID cache)"
    participant ProviderFactory as "ProviderFactory"
    participant Kubo as "Kubo DHT / Local Kubo"
    participant UserProvider as "User IPFS Provider"

    Client->>API: Resolve IPNS name
    API->>DB: Lookup cached IPNS → CID
    DB-->>API: Cached CID (hit/miss)
    alt Cache hit
        API->>Client: Return CID/path
    else Cache miss
        API->>ProviderFactory: Resolve provider for user (or default)
        ProviderFactory->>UserProvider: Attempt provider resolve (optional)
        ProviderFactory->>Kubo: Start background DHT verification
        UserProvider-->>API: Resolution result (CID/path) or null
        Kubo-->>API: Verification result
        API->>DB: Upsert CID cache entry if resolved/verified
        API->>Client: Return CID/path or fallback instructions
    end
Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The pull request title accurately and specifically summarizes the primary change: comprehensive milestone v1.1 IPFS Infrastructure planning documentation.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch docs/milestone-v1.1-ipfs-infrastructure

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 7dfef737a1e2

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 10

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
.planning/MILESTONES.md (1)

33-37: ⚠️ Potential issue | 🟡 Minor

The archived M2 links still point at the pre-restructure paths.

These entries still reference .planning/milestones/v1.0-*, while the current archive layout elsewhere in this PR uses .planning/milestones/m2/m2-v1.0-*. That leaves the milestone index pointing at stale locations. As per coding guidelines, .planning/MILESTONES.md should “keep cross-links consistent with v1.1 scope.”

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.planning/MILESTONES.md around lines 33 - 37, Update the archived M2 links
in .planning/MILESTONES.md so they point to the restructured archive paths:
replace `.planning/milestones/v1.0-ROADMAP.md`,
`.planning/milestones/v1.0-REQUIREMENTS.md`, and
`.planning/milestones/v1.0-production-MILESTONE-AUDIT.md` with
`.planning/milestones/m2/m2-v1.0-ROADMAP.md`,
`.planning/milestones/m2/m2-v1.0-REQUIREMENTS.md`, and
`.planning/milestones/m2/m2-v1.0-production-MILESTONE-AUDIT.md` respectively to
keep cross-links consistent with the v1.1 scope and the rest of the PR.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.planning/research/ARCHITECTURE.md:
- Around line 339-352: The docs disagree about whether encryptedRootFolderKey is
retained: choose a single target state (either remove encryptedRootFolderKey
from the vaults table and treat any DB-stored user crypto as removed, or keep
encryptedRootFolderKey as a permanent fallback) and update ARCHITECTURE.md and
.planning/STATE.md to match; then adjust migration scope and schema/migration
scripts accordingly (update references to vaults, encryptedRootFolderKey, and
any migration names or checks that apply) so the codebase, migration plans, and
docs consistently reflect the chosen end-state.
- Around line 181-195: Do not implement returning raw Ed25519 private key bytes
from the TEE to the API/Kubo; instead preserve the current TEE-signed-record +
delegated routing flow or move the Kubo-native publish operation inside the TEE
boundary so the private key never leaves the TEE. In practice, remove/avoid any
code paths that call `/api/v0/key/import`, `/api/v0/name/publish`, or
`/api/v0/key/rm` with raw key bytes returned from the TEE, and either (a) keep
using the existing "TEE signs record -> API relays signed record to delegated
routing" path, or (b) implement the publish logic inside the TEE process (so
Kubo-native publish can be invoked from inside the trusted boundary) to ensure
the IPNS private key is never exported.

In @.planning/research/m4/PITFALLS.md:
- Line 1: Update all remaining "M3" milestone references to "M4" throughout the
.planning/research/m4/PITFALLS.md document; specifically replace instances such
as the section header "Why M3 Is Uniquely Dangerous", the phrase "Scope M3 to
documents ONLY", and any other residual "M3" mentions with "M4" so the title and
body are consistent with the Milestone 4 renaming, ensuring
pluralization/capitalization matches existing "Milestone 4" usage and run a
project-wide search for the exact token "M3" to catch all occurrences.

In @.planning/research/m4/STACK.md:
- Line 1: Update all internal references of "M3" to "M4" in the STACK.md content
to match the header "Milestone 4"; specifically replace occurrences such as the
phrases "M3 transforms CipherBox", "Scope M3 to documents ONLY", and "Ship
spreadsheets as single-user-editable in M3" with "M4 transforms CipherBox",
"Scope M4 to documents ONLY", and "Ship spreadsheets as single-user-editable in
M4" respectively, and scan the rest of the document for any other "M3" tokens to
change to "M4".

In @.planning/research/m4/SUMMARY.md:
- Line 1: The SUMMARY.md header was updated to "Milestone 4" but the body still
references M3/M4+, so update the inconsistent milestone labels: locate the
sentence containing "M3 should implement single-user editing" (near the line
with "Milestone 4 transforms...") and change "M3" to "M4" and "M4+" to "M5+" so
the document consistently refers to Milestone 4 and the subsequent milestone as
M5+.

In @.planning/research/STACK.md:
- Around line 485-491: The "stack" milestone ordering in the listed bullets is
reversed relative to the roadmap: swap the order so Performance baselines comes
before IPNS reliability (i.e., list "Performance baselines second" as Phase 18
and "IPNS reliability first" moved to Phase 19), and update the four-item
sequence (the bullet titles "IPNS reliability first", "Performance baselines
second", "Database minimization third", "BYO-IPFS fourth") to match the Phase
18→22 roadmap ordering and wording used in .planning/ROADMAP.md so milestone
references are consistent across planning docs.
- Around line 101-109: Update the planning doc to not treat folder/file IPNS
tracking as removable state: change the "Folder/file IPNS tracking" row so
Target Location remains DB-backed (or "DB-backed IPNS records") and update
Migration Approach to note that sequence coordination and republish syncing must
be preserved (referencing ipns.service.ts resolve logic and republish.service.ts
sync logic). Ensure the entry explicitly calls out keeping sequence/sequence
numbers in the DB and coordinating with the republish workflow rather than
relying solely on client-side derivation.
- Around line 202-220: The section mixes two incompatible models for handling
the remote pinning access token; pick one and make the text consistent: either
(A) client-side-only model — state that VaultSettings.remotePinning stores
metadata only, the access token is never sent to the API, and describe storing
the token encrypted in IndexedDB or per-session and that pinning is done
client-direct (note CORS/desktop parity caveats), or (B) server-relay model —
state that users encrypt the token for the server, the NestJS backend
stores/uses the token to relay pin requests (and update VaultSettings to note
token is server-held), and remove any claims that the token is never sent to the
API; update references to VaultSettings, remotePinning, and the access token
storage description to match the chosen trust model throughout the paragraph.

In @.planning/research/SUMMARY.md:
- Around line 42-43: The summary text contradicts the agreed state: remove the
absolute claim "server stores zero crypto material" and instead state the
decided target that the rootFolderKey will be moved to an IPFS vault record
while the server retains a DB copy of encryptedRootFolderKey as a permanent
fallback (per the recorded decision in STATE.md); update the two bullet lines so
they reference moving rootFolderKey to IPFS vault record and supporting BYO-IPFS
via Pinning Service API while explicitly noting the server keeps an
encryptedRootFolderKey fallback rather than claiming zero stored crypto
material.
- Line 12: Update the SUMMARY.md paragraph that currently states a "four-phase
execution" to reflect the correct five-phase roadmap: restore the split of
performance instrumentation into two separate phases (Phase 18 and Phase 22),
explicitly list phases 18→22 ordering, and ensure Phase 2/3/4/5 mapping aligns
with the active plan referenced in .planning/ROADMAP.md and
.planning/MILESTONES.md so the milestone-to-phase mapping is unambiguous; edit
the sentence that mentions "Phase 1... Phase 2... Phase 3... Phase 4..." to
instead enumerate five phases and call out that performance instrumentation
spans Phase 18 and Phase 22.

---

Outside diff comments:
In @.planning/MILESTONES.md:
- Around line 33-37: Update the archived M2 links in .planning/MILESTONES.md so
they point to the restructured archive paths: replace
`.planning/milestones/v1.0-ROADMAP.md`,
`.planning/milestones/v1.0-REQUIREMENTS.md`, and
`.planning/milestones/v1.0-production-MILESTONE-AUDIT.md` with
`.planning/milestones/m2/m2-v1.0-ROADMAP.md`,
`.planning/milestones/m2/m2-v1.0-REQUIREMENTS.md`, and
`.planning/milestones/m2/m2-v1.0-production-MILESTONE-AUDIT.md` respectively to
keep cross-links consistent with the v1.1 scope and the rest of the PR.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: b849d9b1-8c9f-4ae3-bacf-3ddaa54083d5

📥 Commits

Reviewing files that changed from the base of the PR and between 897e571 and 5c11cd8.

📒 Files selected for processing (24)
  • .planning/MILESTONES.md
  • .planning/PROJECT.md
  • .planning/REQUIREMENTS.md
  • .planning/ROADMAP.md
  • .planning/STATE.md
  • .planning/milestones/m1/m1-mvp-REQUIREMENTS.md
  • .planning/milestones/m1/m1-mvp-ROADMAP.md
  • .planning/milestones/m2/m2-v1.0-REQUIREMENTS.md
  • .planning/milestones/m2/m2-v1.0-ROADMAP.md
  • .planning/milestones/m2/m2-v1.0-production-MILESTONE-AUDIT.md
  • .planning/milestones/m2/phases/16-advanced-sync/16-CONTEXT.md
  • .planning/milestones/m2/phases/16-advanced-sync/16-VERIFICATION.md
  • .planning/milestones/m4/REQUIREMENTS.md
  • .planning/milestones/m4/ROADMAP.md
  • .planning/research/ARCHITECTURE.md
  • .planning/research/FEATURES.md
  • .planning/research/PITFALLS.md
  • .planning/research/STACK.md
  • .planning/research/SUMMARY.md
  • .planning/research/m4/ARCHITECTURE.md
  • .planning/research/m4/FEATURES.md
  • .planning/research/m4/PITFALLS.md
  • .planning/research/m4/STACK.md
  • .planning/research/m4/SUMMARY.md

Comment thread .planning/research/ARCHITECTURE.md Outdated
Comment thread .planning/research/ARCHITECTURE.md Outdated
Comment thread .planning/research/m4/PITFALLS.md
Comment thread .planning/research/m4/STACK.md
Comment thread .planning/research/m4/SUMMARY.md
Comment thread .planning/research/STACK.md Outdated
Comment thread .planning/research/STACK.md Outdated
Comment thread .planning/research/STACK.md Outdated
Comment thread .planning/research/SUMMARY.md Outdated
Comment thread .planning/research/SUMMARY.md Outdated
FSM1 and others added 2 commits March 7, 2026 04:41
Documents key decisions from the IPFS infrastructure scoping
discussion: folder_ipns stays authoritative (not advisory),
rootFolderKey migration accepted with permanent DB fallback,
BYO-IPFS uses server-relay, and why shares/device_approvals
remain in PostgreSQL.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 5a8f58ed5814
Documents why v1.1 keeps DB as primary resolution source with async
DHT verification, rather than making Someguy/Kubo DHT the primary
path. Key factors: <5ms DB latency vs 300-400ms DHT median, DB is
already correct for self-published records, and graceful degradation
comes for free.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 34d80f31c143

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR establishes the planning and research documentation for CipherBox v1.1, an IPFS Infrastructure hardening milestone. It defines a 5-phase roadmap (Phases 18–22) focused on IPNS reliability, database minimization, BYO-IPFS node support, and performance baselines. It simultaneously archives the v1.1 roadmap for what was formerly called "Milestone 3 (Encrypted Productivity Suite)" into milestones/m4/, renaming it to Milestone 4, and restores the M1 MVP requirements and roadmap for archival completeness.

Changes:

  • New .planning/ROADMAP.md and .planning/REQUIREMENTS.md defining the v1.1 IPFS Infrastructure milestone (Phases 18–22)
  • Research docs under .planning/research/ fully rewritten for the v1.1 IPFS Infrastructure focus; former M3 research relocated to .planning/research/m4/ with M3→M4 renaming
  • PROJECT.md, STATE.md, MILESTONES.md updated to reflect the active milestone; M1 requirements archived to milestones/m1/; M2 deferred items updated from "M3" to "M4"; pending todos tagged with milestone/phase

Reviewed changes

Copilot reviewed 27 out of 28 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
.planning/ROADMAP.md New v1.1 roadmap with 5 phases (18–22)
.planning/REQUIREMENTS.md New v1.1 requirements (25 total, 4 IPNS + 6 VAULT + 7 BYO + 8 PERF)
.planning/SCOPING_RATIONALE.md New doc capturing key architectural decisions and rejected alternatives
.planning/PROJECT.md Current milestone updated; contains scope items not in final requirements
.planning/STATE.md Updated to reflect active Phase 18 status
.planning/MILESTONES.md Restructured; M4 phases listed as "23+" but m4/ROADMAP.md uses 18–22
.planning/research/SUMMARY.md Fully rewritten for v1.1 IPFS focus
.planning/research/STACK.md Fully rewritten for v1.1 IPFS focus
.planning/research/FEATURES.md Fully rewritten for v1.1 IPFS focus
.planning/research/m4/ARCHITECTURE.md New M4 research file with stale "M3 Architecture" heading
.planning/research/m4/SUMMARY.md M3→M4 renamed; retains stale "M3 should" self-references
.planning/research/m4/STACK.md M3→M4 heading updated
.planning/research/m4/PITFALLS.md M3→M4 references updated
.planning/research/m4/FEATURES.md M3→M4 references updated
.planning/milestones/m1/m1-mvp-REQUIREMENTS.md New file, restored from git history
.planning/milestones/m1/m1-mvp-ROADMAP.md Phase 10.1 tech debt cleanup phase added
.planning/milestones/m4/ROADMAP.md M3→M4 renamed; phases still 18–22 (conflicts with v1.1 phases)
.planning/milestones/m4/REQUIREMENTS.md M3→M4 renamed correctly
.planning/milestones/m2/... M3→M4 deferred items updated in ROADMAP, REQUIREMENTS, audit, verification, context
.planning/todos/pending/*.md Three todos tagged with v1.1 milestone and phase assignments
Comments suppressed due to low confidence (2)

.planning/milestones/m4/ROADMAP.md:5

  • In the ROADMAP.md overview, the sentence "Real-time collaboration is explicitly deferred to M4; M4 delivers single-user editing with advisory locking for team documents." is self-referential and confusing — this document describes M4 itself. The first "M4" should instead say "M5+" (or whatever the subsequent milestone is), indicating that real-time collaboration is deferred beyond M4. This is a copy of the original M3 text that was partially updated but retains an incorrect self-reference.
    .planning/research/m4/SUMMARY.md:12
  • In the M4 SUMMARY.md Executive Summary, the sentence still reads "Real-time collaboration for documents should also be deferred to M4+; M3 should implement single-user editing with advisory locking for team documents." Both references are incorrect: since this document has been renamed to describe Milestone 4, "M4+" should read "M5+" and "M3 should" should read "M4 should".

You can also share your feedback on Copilot code review. Take the survey.

Comment thread .planning/MILESTONES.md
Comment thread .planning/PROJECT.md Outdated

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 27 out of 28 changed files in this pull request and generated no new comments.

Comments suppressed due to low confidence (2)

.planning/milestones/m4/ROADMAP.md:5

  • The sentence in line 5 of .planning/milestones/m4/ROADMAP.md reads: "Real-time collaboration is explicitly deferred to M4; M4 delivers single-user editing with advisory locking for team documents." This is self-contradictory — it says collaboration is deferred to M4, but then says M4 delivers single-user editing. The original text before the rename said "deferred to M4; M3 delivers single-user editing," which is now inconsistent. After renaming M3→M4, the intended meaning is that real-time collaboration is deferred to a future milestone beyond M4, and M4 itself delivers single-user editing. The sentence should read: "Real-time collaboration is explicitly deferred beyond M4; M4 delivers single-user editing with advisory locking for team documents."
    .planning/milestones/m4/ROADMAP.md:11
  • There is a phase numbering conflict: .planning/MILESTONES.md at line 99 defines Milestone 4 (Encrypted Productivity Suite) as using phases 23+, but .planning/milestones/m4/ROADMAP.md still defines the same milestone as using phases 18–22 (both at line 11 in the Phase Numbering section and in the progress table at lines 110–114). Since this PR assigns phases 18–22 to the new v1.1 IPFS Infrastructure milestone, the m4 roadmap's phase numbers (18–22) are now stale and conflict with MILESTONES.md's statement of 23+. The m4/ROADMAP.md phase numbers need to be updated to reflect that the Encrypted Productivity Suite will start at Phase 23.

You can also share your feedback on Copilot code review. Take the survey.

- ARCHITECTURE.md: Fix TEE key export — keep signed-record flow, reject
  Kubo key import that would export private key from TEE boundary
- ARCHITECTURE.md: Fix encryptedRootFolderKey end-state — DB copy is a
  permanent fallback, not eliminated
- STACK.md: Fix folder_ipns as "stays in DB (authoritative)" not removable
- STACK.md: Fix BYO token model contradiction — server-relay with
  server-side encrypted token, not client-only
- STACK.md: Fix phase ordering to match finalized 5-phase roadmap (18→22)
- SUMMARY.md: Fix 4-phase to 5-phase structure, fix zero crypto material
  claim to reflect permanent DB fallback
- PROJECT.md: Remove share/device/folder migration from active scope
  (deferred per SCOPING_RATIONALE.md)
- m4/: Replace all M3→M4 references, M4+→M5+ references
- m4/ROADMAP.md: Renumber phases 18-22 → 23-27 to avoid conflict with
  v1.1 IPFS Infrastructure phases

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: d86dcdbbc7b7

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

♻️ Duplicate comments (1)
.planning/research/m4/SUMMARY.md (1)

20-20: ⚠️ Potential issue | 🟡 Minor

Inconsistent milestone reference.

Line 20 states "M3 is additive" in a document describing Milestone 4's stack. This should reference M4 to maintain consistency with the document's scope.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.planning/research/m4/SUMMARY.md at line 20, Update the inconsistent
milestone reference in the sentence that currently reads "M3 is additive" to "M4
is additive" so the Milestone 4 summary correctly references M4; locate the
sentence in the SUMMARY.md content that says "The stack extends CipherBox's
existing NestJS + React + TypeORM + IPFS architecture. No foundational
technology changes are needed -- M3 is additive." and replace "M3" with "M4".
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.planning/milestones/m4/ROADMAP.md:
- Around line 1-11: The ROADMAP.md for "Milestone 4 -- Encrypted Productivity
Suite" is out-of-scope for this v1.1 IPFS Infrastructure PR (Phases 18-22);
either remove this file from the current commit or move it to the correct
milestone branch, or clearly mark it as non-blocking draft in the PR
description. Specifically, remove or relocate the
`.planning/milestones/m4/ROADMAP.md` file (or rename to `.draft`/add a header
indicating "For future milestone only") so the PR only contains artifacts for
Phases 18-22, and update the PR description to state that M4 roadmap is
intentionally included as reference if you choose to keep it.

In @.planning/PROJECT.md:
- Around line 13-20: The v1.1 scope in .planning/PROJECT.md conflicts with the
accepted scoping in .planning/SCOPING_RATIONALE.md; update the v1.1 section to
match the rationale by explicitly keeping folder_ipns, shares, device approvals,
quota tracking, and the permanent encryptedRootFolderKey fallback in PostgreSQL,
and mark BYO-IPFS as server-relay only (defer client-direct BYO-IPFS). Locate
and edit the v1.1 “auth-only DB” description and any bullet points mentioning
BYO-IPFS to reflect these exact terms (folder_ipns, encryptedRootFolderKey,
BYO-IPFS server-relay) so downstream planning aligns with the accepted scoping
decisions.

---

Duplicate comments:
In @.planning/research/m4/SUMMARY.md:
- Line 20: Update the inconsistent milestone reference in the sentence that
currently reads "M3 is additive" to "M4 is additive" so the Milestone 4 summary
correctly references M4; locate the sentence in the SUMMARY.md content that says
"The stack extends CipherBox's existing NestJS + React + TypeORM + IPFS
architecture. No foundational technology changes are needed -- M3 is additive."
and replace "M3" with "M4".

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: d0e45ece-f4a4-4abf-8085-2c3078d9cf9c

📥 Commits

Reviewing files that changed from the base of the PR and between a16b796 and 39269fe.

📒 Files selected for processing (9)
  • .planning/PROJECT.md
  • .planning/SCOPING_RATIONALE.md
  • .planning/milestones/m4/ROADMAP.md
  • .planning/research/ARCHITECTURE.md
  • .planning/research/STACK.md
  • .planning/research/SUMMARY.md
  • .planning/research/m4/PITFALLS.md
  • .planning/research/m4/STACK.md
  • .planning/research/m4/SUMMARY.md

Comment thread .planning/milestones/m4/ROADMAP.md
Comment thread .planning/PROJECT.md Outdated
FSM1 and others added 3 commits March 7, 2026 05:08
- Update goal to "more IPFS-native" instead of fully IPFS-native
- Replace "auth-only DB" language with specific items retained in DB
- Clarify BYO-IPFS is server-relay only for v1.1, client-direct deferred
- Update BYO-IPFS checklist item to match Decision 4

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 001cc9055b05
Update archived M2 links to point to the restructured paths under
.planning/milestones/m2/ instead of the old .planning/milestones/v1.0-* paths.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 6f40c1c30918
@FSM1 FSM1 merged commit 0d927e8 into main Mar 7, 2026
14 checks passed
@FSM1 FSM1 deleted the docs/milestone-v1.1-ipfs-infrastructure branch March 7, 2026 04:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants