{
  "$type": "site.standard.document",
  "canonicalUrl": "https://devlog.croft.click/2025/12/22/socialsync-v0-4-0-security",
  "description": "Implementing encrypted session storage, rate limiting, and audit logging for atproto-connect.",
  "path": "/2025/12/22/socialsync-v0-4-0-security",
  "publishedAt": "2025-12-22T00:00:00.000Z",
  "site": "at://did:plc:ofrbh253gwicbkc5nktqepol/site.standard.publication/3mlen2qhzrt2s",
  "tags": [
    "socialsync",
    "atproto",
    "minecraft",
    "security"
  ],
  "textContent": "Security First\nAs part of the v0.4.0 release of atproto-connect (now Social Sync), I've focused heavily on the security architecture to ensure player data is protected from the start.\n\n- Encrypted Storage: Implemented AES-256-GCM encryption for all session data stored on the client.\n- Audit Logging: Added a comprehensive security audit log that tracks authentication attempts, rate limit violations, and session lifecycle events.\n- Rate Limiting: Introduced rate limiting for authentication attempts to prevent brute-force attacks.\n- Record Manager: Built a robust RecordManager to handle CRUD operations and batch processing for AT Protocol records.\n- GUI Auth: Added a preliminary GUI for authentication within the Minecraft client.",
  "title": "Social Sync v0.4.0 — Security Hardening"
}