Did drive

Author: joepio

DIDS-DRIVES-ROUTING.md

@@ -0,0 +1,52 @@
+# DID-Native Drives and Domain Routing Plan
+
+## Overview
+Atomic Data is moving away from a fixed "main drive" at the root `/` of a server. Instead, every Drive is a first-class decentralized citizen identified by a DID, and human-readable access is handled via a **Domain-to-DID mapping** system.
+
+## Core Concepts
+
+### 1. Identity vs. Alias
+- **Identity (Immutable)**: A Drive is identified by its DID: `did:ad:{genesis}?drive={hash}`.
+- **Alias (Mutable)**: A Domain or Subdomain (e.g., `joep.atomicdata.dev`, `localhost:9883`) is an alias that routes to a specific Drive DID.
+
+### 2. Agent-First Onboarding
+Onboarding no longer starts with a "nameless" drive. It starts with the user:
+1. **Create Agent**: Generate an Ed25519 keypair (`did:ad:agent:...`).
+2. **Create Drive**: The Agent signs the genesis commit for a new Drive.
+3. **Bind Alias**: The Server maps the current `Host` (e.g., `localhost`) to this Drive's DID.
+
+### 3. Multi-Tenancy & Routing
+The server uses the HTTP `Host` header to determine which Drive to serve:
+- `joep.atomicdata.dev` -> Serves Joep's Drive.
+- `jane.atomicdata.dev` -> Serves Jane's Drive.
+- `localhost:9883` -> Serves the developer's default Drive.
+
+---
+
+## Implementation Phases
+
+### Phase 1: Backend Routing & Mapping
+- [ ] **Mapping Store**: Implement a mechanism in `atomic-server` to store and query `Host -> Drive DID` mappings.
+- [ ] **Host-Based Resolution**: Update the HTTP request handler to check the `Host` header.
+- [ ] **Relative Pathing**: Ensure that paths like `/classes` are correctly resolved relative to the Drive DID mapped to the current Host.
+
+### Phase 2: Drive Lifecycle & Population
+- [ ] **Standard Initialization**: Refactor `atomic_lib::populate` so it can be applied to any Drive DID (creating `/classes`, `/tags`, etc. within that drive).
+- [ ] **Drive Resource**: Ensure the Drive resource itself contains the necessary metadata (Drive Public Key, Hash, Owner).
+
+### Phase 3: Server Setup & Onboarding UI
+- [ ] **Node Setup State**: Detect when a server has no mappings and enter "Setup Mode".
+- [ ] **Setup UI**: A dedicated frontend flow for creating an Agent and the first Drive.
+- [ ] **Alias Registration**: A secure way for the first Agent to "claim" the server's primary domain.
+
+### Phase 4: Decentralized Discovery
+- [ ] **JSON-AD Headers**: Include the true `did:ad` identity in HTTP responses so clients can switch to P2P resolution.
+- [ ] **DHT/Reticulum Announces**: Servers announce the Drive hashes they host to the P2P networks.
+
+---
+
+## Success Criteria
+1. Running `atomic-server` for the first time leads to an Agent/Drive creation flow.
+2. Multiple drives can be accessed via subdomains on the same server instance.
+3. Every drive has its own `/classes`, `/templates`, and `/files` collections.
+4. Resources shared via `did:ad` identifiers are resolvable across different servers using the routing hints.

browser/data-browser/src/components/forms/NewForm/CustomCreateActions/CustomForms/NewDriveDialog.tsx

@@ -25,6 +25,7 @@ import { useSettings } from '../../../../../helpers/AppSettings';
 const DRIVE_PUBLIC_KEY = 'https://atomicdata.dev/properties/drive/publicKey';
 const DRIVE_PRIVATE_KEY = 'https://atomicdata.dev/properties/drive/privateKey';
 const DRIVE_HASH = 'https://atomicdata.dev/properties/drive/hash';
+const SUBDOMAIN = 'https://atomicdata.dev/properties/subdomain';
 
 function decodeBase64(base64: string): Uint8Array {
   const binary = atob(base64);
@@ -50,8 +51,17 @@ export const NewDriveDialog: FC<CustomResourceDialogProps> = ({
 }) => {
   const store = useStore();
   const nameFieldId = useId();
+  const subdomainFieldId = useId();
   const { setDrive } = useSettings();
   const [name, setName] = useState('');
+  const [subdomain, setSubdomain] = useState('');
+  const [subdomainEdited, setSubdomainEdited] = useState(false);
+
+  useEffect(() => {
+    if (!subdomainEdited) {
+      setSubdomain(stringToSlug(name));
+    }
+  }, [name, subdomainEdited]);
 
   const createAndNavigate = useCreateAndNavigate();
 
@@ -86,6 +96,7 @@ export const NewDriveDialog: FC<CustomResourceDialogProps> = ({
         [DRIVE_PUBLIC_KEY]: driveKeys.publicKey,
         [DRIVE_PRIVATE_KEY]: driveKeys.privateKey,
         [DRIVE_HASH]: driveHash,
+        [SUBDOMAIN]: subdomain.trim(),
       },
       {
         noParent: true,
@@ -138,6 +149,7 @@ export const NewDriveDialog: FC<CustomResourceDialogProps> = ({
     onClose();
   }, [
     name,
+    subdomain,
     createAndNavigate,
     onClose,
     setDrive,
@@ -175,6 +187,19 @@ export const NewDriveDialog: FC<CustomResourceDialogProps> = ({
               />
             </InputWrapper>
           </Field>
+          <Field label='Subdomain' fieldId={subdomainFieldId}>
+            <InputWrapper>
+              <InputStyled
+                id={subdomainFieldId}
+                placeholder='my-drive'
+                value={subdomain}
+                onChange={e => {
+                  setSubdomain(e.target.value);
+                  setSubdomainEdited(true);
+                }}
+              />
+            </InputWrapper>
+          </Field>
         </form>
       </DialogContent>
       <DialogActions>

browser/data-browser/src/locales/de.po

@@ -3465,3 +3465,7 @@ msgid ""
 "Save it somewhere safe, the secret will not be show again and if\n"
 "you lose it you will not be able to access this user again."
 msgstr ""
+
+#: src/components/forms/NewForm/CustomCreateActions/CustomForms/NewDriveDialog.tsx
+msgid "Subdomain"
+msgstr ""

browser/data-browser/src/locales/en.po

@@ -3487,3 +3487,7 @@ msgstr ""
 "IMPORTANT! Below is your agent secret, you use this to login.\n"
 "Save it somewhere safe, the secret will not be show again and if\n"
 "you lose it you will not be able to access this user again."
+
+#: src/components/forms/NewForm/CustomCreateActions/CustomForms/NewDriveDialog.tsx
+msgid "Subdomain"
+msgstr "Subdomain"

browser/data-browser/src/locales/es.po

@@ -3451,3 +3451,7 @@ msgid ""
 "Save it somewhere safe, the secret will not be show again and if\n"
 "you lose it you will not be able to access this user again."
 msgstr ""
+
+#: src/components/forms/NewForm/CustomCreateActions/CustomForms/NewDriveDialog.tsx
+msgid "Subdomain"
+msgstr ""

browser/data-browser/src/locales/fr.po

@@ -3464,3 +3464,7 @@ msgid ""
 "Save it somewhere safe, the secret will not be show again and if\n"
 "you lose it you will not be able to access this user again."
 msgstr ""
+
+#: src/components/forms/NewForm/CustomCreateActions/CustomForms/NewDriveDialog.tsx
+msgid "Subdomain"
+msgstr ""

home.png

@@ -307,7 +307,7 @@ impl Commit {
         let subject_url = match &subject {
             Subject::Internal(u) => u.clone(),
             Subject::External(u) => u.clone(),
-            Subject::Did(u) => u.clone(),
+            Subject::Did { url, .. } => url.clone(),
         };
 
         if subject_url.query().is_some() {
@@ -360,7 +360,7 @@ impl Commit {
                 // For new DID resources, grant the signer explicit write access so future
                 // commits don't need drive-level rights. Agents are excluded because they
                 // already have self-write via their subject matching the agent check.
-                if matches!(applied.resource_new.get_subject(), Subject::Did(_)) {
+                if matches!(applied.resource_new.get_subject(), Subject::Did { .. }) {
                     let is_agent = applied
                         .resource_new
                         .get(urls::IS_A)