%3/5CP5b3fZ/0WV+T0Ye7WTeSMzfI3Tk5az6ufGY656w=.sha256What if ssb-patchql could be provided these in a header of a HTTPS request from the client, store them in the request’s context, and use that to return the appropriate results when resolving the query?
That introduces 2 small problems:
The wire: It's much safer to send temporary tokens through the air. If tokens leak, they are going to be valid for a limited time anyway so damage is containable. They are used to authorize you agasinst something, If you send the private key over the network and it leaks you're in an entirely different can of worms, the private key is in some sense "you".
The database problem. The location of the private key defines the place where all posts are signed and hashed to the database (correct me if I'm wrong), so if the key is on the phone, the phone needs to gather new posts.
I'm going to research ssb-gossip and the inner-workings of ssb-server a bit better to understand it more and see if I can divide tasks between devices. Alternatively I just go to the approach of doing everything client side and using the server-side as a blobs-dump.
@Piet , thanks I'll read through that, once again you present me with really tangible stuff!
as a foot-note: I'm flexible enough really to go into many directions from here and there's no clock ticking either I wanna do this "right". Right doesn't mean that everyone is happy all the time though, silver bullets don't exist.