Features (high level)

  • Save browser url
  • All urls have an a ttl, configurable from presets in the user account. Infinite is not allowed and a hard cap e.g. 1 month will be set app wide. This is incentivizes using LS as a way of consuming content, not storing or archiving it.
    • Once an account has no urls, the user will be deleted. If you add another link, using your uuid the “account” will be recreated. The account is just a map of urls and some configurations.
  • There will also be a max capacity of links as well to force people to keep their reading list small and actually read the shit in there instead of finding hundreds of “will never read this” bookmarks.
  • Syncing is done via sharing a url (possibly stored in chrome and firefox accounts) ${uuid}#${secret}.
  • Auth will work as follows: client sends server uuid and encrypted version of uuid using the secret as “password”. If both the uuid object exists and uuid.password is correct then the request is authenticated. (might give out a token, might not, unsure. For mvp, just re-auth each request and send the data over along with the uuid and encrypted-uuid)

Possible implementations

Browser extension:

  • Click the icon will save the page in the stash
  • In chrome, save group or save tab selection into stash
  • Right click to open menu w/ link to dashboard

Webapp:

  • List and links to read and then delete them.
  • Add them from here too.
  • API:
    • Same api used by webapp and extension, so that others may integrate it as they please.

Privacy

Both will use E2EE akin to excalidraw, using a randomly generated string for “account-name” and a encryption key stored in the hash of the url when sharing / on the webapp and in localstorage for usage in js. This key NEVER leaves the browser. The user is only aware of the “account-name” and metadata about the urls but the urls are encrypted.

This will allow the app to have the features I want while being able to both not care and not know what users are storing.