You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Add a persistent trusted-device authorization model that records whether an already trusted client may automatically join sessions created by the current client or profile.
This creates a revocable product concept on top of ByteSync's existing trusted public keys.
Context
The current trusted clients list proves that a public key was manually approved. It does not express whether that client is allowed to join future sessions automatically, how long that permission lasts, or how it can be centrally surfaced to users.
The security study recommends a TrustedDeviceGrant style model with explicit scope, expiration, and revocation.
Proposed scope
Define a TrustedDeviceGrant domain model.
Bind a grant to the trusted client identity and public key fingerprint.
Support an initial scope suitable for the MVP, for example current machine or profile.
Add expiration and revocation metadata.
Ensure key rotation invalidates or suspends affected grants.
Define local and server-side persistence responsibilities.
Expose read/write services for UI, CLI, and session orchestration.
Out of scope
Enterprise PKI or MDM-backed enrollment.
Grant synchronization across unrelated users without an explicit trust model.
Fine-grained scheduling policies unless needed for the first MVP.
Acceptance criteria
A TrustedDeviceGrant model or equivalent is defined with owner, trusted client, public key fingerprint, scope, creation date, optional expiration, and revocation state.
Grants cannot authorize a client whose public key no longer matches the trusted public key.
Revoked or expired grants are rejected by automatic session flows.
Services exist to list, create, update, and revoke grants.
The model is usable from both UI and command-line workflows.
Summary
Add a persistent trusted-device authorization model that records whether an already trusted client may automatically join sessions created by the current client or profile.
This creates a revocable product concept on top of ByteSync's existing trusted public keys.
Context
The current trusted clients list proves that a public key was manually approved. It does not express whether that client is allowed to join future sessions automatically, how long that permission lasts, or how it can be centrally surfaced to users.
The security study recommends a
TrustedDeviceGrantstyle model with explicit scope, expiration, and revocation.Proposed scope
TrustedDeviceGrantdomain model.Out of scope
Acceptance criteria
TrustedDeviceGrantmodel or equivalent is defined with owner, trusted client, public key fingerprint, scope, creation date, optional expiration, and revocation state.Dependency
This epic supports the automatic trusted-session flow and should be designed before implementing the UI and CLI surfaces.