So I'm in a phase where I'd like to start hooking up my #tightbeam app with a GraphQL backend (thinking patchql as many of you pointed out).

The basic idea (for now) is to start Patchwork with a small plugin (needs to be incredibly easy to set up for the end-user), then open the mobile app and hook that up to the patchwork machine to start receiving gossip.

There are however 2 problems that I'd like to tackle at some point:

1. I can't bother my users with ip-addresses nonsense.

To take myself as an example: I keep patchwork installed on a laptop that is moving from network to network so I would need to update the phone side all the time to find my laptop. second issue with that is that most WIFI networks I connect to don't allow me to just login to the router to open up ports.
The dat protocol is pretty sick, you can basically take a hash-address and connect to it... I'm going to need something like that to start a connection with PatchQL. how, no idea.

2. safety

I will need to create some kind of rate-limited auth/oath system on top of PatchQL or the connection above to make sure others can't just get in on my session and read/post on my behalf (especially when I start interfacing my PatchQL instances to public ports. For this I probably need to start a chitchat with @Piet.

One of the solutions would be to make my own graphQL server (that also allows the creation of new gossip), but that's potentially going to be a big extra stone in the maintenance-backpack.

I'd love to have a chat with you @Piet and @Matt McKegg if you have some time this week to go over some questions and more importantly, hear you out on the thoughts you have on that fancy PatchQL system you built.

hey @Hendrik Peter there's local discovery via UDP already happening with ssb-server - here's the plugin : https://github.com/ssbc/ssb-local/blob/master/index.js

Seems to use the module : http://npmjs.com/broadcast-stream

So Patchwork is already announcing it's feedId, ipaddress, port - you could get it also to announce its graphql port, or just have the phone take a stab at some default graphql port...

I wonder if you could just do something with the phone like take a picture of a QR code in your Patchwork which can be used to authenticate graphql requests.

This idea of bootstrapping of Patchwork (or Patchbay) is nice, but it's also a bit different to what you were doing before. i.e. in this case the secret is going to be on the laptop being managed by Patchwork. ... unless you have a different private key for your phone. hmm

That is awesome @mixmix, That lib seems to be mostly for local networks, but it is perfectly good pointer! The easiest way would be to broadcast something html-alike that has the QR code on the server-side (hub, patchwork, etc) of things like you said. from there it should broadcast up, start a good TLS, followed by auth, then ping details back and forth from there.

I'm a bit torn on the hub-side of things. I really like the idea and would love to get it to work, but signing things on the phone will mean that I need to be able to access a more comprehensive database, I'm trying to figure that out. In the spirit of getting the interface to show fancy stuff and having data to work with, I was looking in different directions. Patchwork -> phone seemed to be straight forward. But, yeah it's far from perfect and even further away from what I want to solve.

I'm reading through the code you guys wrote in my free time. Just to figure out some kind of good way to get things working - without compromising security. it's a tough pickle, even when doing the 0 hops stuff you suggested earlier. graphQL is a nice tool and i would love to use it. It is however a feature, not a solution by definition.

As soon as I get two main views running on the phone (index & detailed view) to a degree where I can show basic (dummy-) data, I will have to start diving into the server-side and sketch out some kind of architecture where private keys can stay client-side (without ever leaking them over the wire) while public-keys and/or the gossip-store are server-side (kinda funny, as it's often the other way around in "normal" computer systems).

Anyway... Huge thanks for the info/nudges in right directions you keep providing! I have been making architectures, apps and sites for news-systems & consulting clients for years, but all of this is a vast new ocean.

here's another idea @Hendrik Peter - make a read-only thing on your phone first. I think you'll have plenty of work on your plate just getting that going. If it's a good experience then you can figure out some sort of writing?

TBH, I think typing lengthy thoughtful responses on ones phone is a just a bit hard, so maybe it's fine to let people read and digest a bit.