+7 -52

README.md

reviewed

··· 1 1 # Malfestio 2 2 3 3 - Malfestio is a learning OS: flashcards + notes + lectures + articles, designed for daily study. 3 3 + Malfestio is a social learning platform: flashcards + notes + lectures + articles, designed for daily study. 4 4 5 5 Social layer: publish/share/remix learning artifacts; follow curators; discuss. 6 6 7 7 - ## Personas 8 8 - 9 9 - - **Learner**: studies daily; imports content; wants fast "review queue". 10 10 - - **Creator**: makes decks/notes; publishes updates; wants feedback + forks. 11 11 - - **Curator/Teacher**: bundles content into learning paths; annotates lectures/articles. 12 12 - - **Moderator/Community admin**: handles reports, takedowns, spam. 13 13 - 14 14 - ## Principles 15 15 - 16 16 - - Local-first study experience; offline study must not feel "second-class". 17 17 - - Shareable artifacts are portable: Lexicon-defined schemas + stable IDs. 18 18 - - Privacy by design: progress + recall history are private unless explicitly 19 19 - shared. 20 20 - 21 21 - ### Data Model 7 7 + ## Documentation 22 8 23 23 - - Note: markdown + structure + citations + links to sources. 24 24 - - Card: front/back (+ optional cloze, audio, image, code block). 25 25 - - Deck: ordered/clustered cards (+ metadata, tags). 26 26 - - Lecture: external URL + outline + timestamps + linked notes/cards. 27 27 - - Article: URL + extracted text (readability style heuristics) + highlights + 28 28 - linked notes/cards. 29 29 - - Collection/Path: curated bundle of decks + notes + sources. 30 30 - 31 31 - ## System Architecture 32 32 - 33 33 - ### Frontend (SolidJS) 34 34 - 35 35 - - App shell + router-driven workspaces (Library / Study / Create / Social). 36 36 - - Signals as primary state primitive; keep study session state in signals/store. 37 37 - 38 38 - ### Backend (Rust) 39 39 - 40 40 - - Axum API gateway: REST/XRPC-ish endpoints, tower middleware, typed extractors. 41 41 - - Services (logical, not necessarily microservices): 42 42 - - Identity/Auth service (local + optional ATProto OAuth integration) 43 43 - - Content service (notes/cards/decks/sources) 44 44 - - Study service (queue generation + grading + scheduling) 45 45 - - Social service (follows, feeds, comments, notifications) 46 46 - - Search service (indexing + query) 47 47 - - Moderation service (reports, takedowns, rules) 48 48 - 49 49 - ### Storage 50 50 - 51 51 - - Postgres: canonical app DB (users, private study state, cache of published records). 52 52 - - Object storage: images/audio, extracted article snapshots (if you store them). 53 53 - - Search index: separate system (Meilisearch/Typesense/ZincSearch-pick one later). 54 54 - 55 55 - ### Eventing 56 56 - 57 57 - - Internal outbox pattern (DB table) for: 58 58 - - reindex jobs, notification fanout, federation publish steps 9 9 + - [Personas & Principles](./docs/personas.md) – Target users and design philosophy 10 10 + - [Architecture](./docs/architecture.md) – System components and data model 11 11 + - [Information Architecture](./docs/information-architecture.md) – Navigation and URL structure 12 12 + - [Data Model Mapping](./docs/data-model-mapping.md) – Lexicon to database mapping 13 13 + - [Roadmap](./docs/todo.md) – Development milestones

+43

docs/architecture.md

reviewed

··· 1 1 + # System Architecture 2 2 + 3 3 + This document describes the technical architecture of Malfestio. 4 4 + 5 5 + ## Frontend (SolidJS) 6 6 + 7 7 + - App shell + router-driven workspaces (Library / Study / Create / Social). 8 8 + - Signals as primary state primitive; keep study session state in signals/store. 9 9 + 10 10 + ## Backend (Rust) 11 11 + 12 12 + - Axum API gateway: REST/XRPC-ish endpoints, tower middleware, typed extractors. 13 13 + - Services (logical, not necessarily microservices): 14 14 + - Identity/Auth service (local + optional ATProto OAuth integration) 15 15 + - Content service (notes/cards/decks/sources) 16 16 + - Study service (queue generation + grading + scheduling) 17 17 + - Social service (follows, feeds, comments, notifications) 18 18 + - Search service (indexing + query) 19 19 + - Moderation service (reports, takedowns, rules) 20 20 + 21 21 + ## Storage 22 22 + 23 23 + - Postgres: canonical app DB (users, private study state, cache of published records). 24 24 + - Object storage: images/audio, extracted article snapshots (if you store them). 25 25 + - Search index: separate system (Meilisearch/Typesense/ZincSearch-pick one later). 26 26 + 27 27 + ## Eventing 28 28 + 29 29 + - Internal outbox pattern (DB table) for: 30 30 + - reindex jobs, notification fanout, federation publish steps 31 31 + 32 32 + ## Data Model 33 33 + 34 34 + See [Data Model Mapping](./data-model-mapping.md) for the mapping between public Lexicon records and internal database tables. 35 35 + 36 36 + ### Core Entities 37 37 + 38 38 + - **Note**: markdown + structure + citations + links to sources. 39 39 + - **Card**: front/back (+ optional cloze, audio, image, code block). 40 40 + - **Deck**: ordered/clustered cards (+ metadata, tags). 41 41 + - **Lecture**: external URL + outline + timestamps + linked notes/cards. 42 42 + - **Article**: URL + extracted text (readability style heuristics) + highlights + linked notes/cards. 43 43 + - **Collection/Path**: curated bundle of decks + notes + sources.

+55 -11

docs/at-notes.md

reviewed

··· 1 1 # AT Protocol Research Notes 2 2 3 3 + Reference material for AT Protocol integration. For implementation details, see [todo.md](todo.md). 4 4 + 3 5 ## OAuth 2.1 Specification 4 6 5 7 AT Protocol uses a specific profile of OAuth 2.1 for client↔PDS authorization. ··· 44 46 45 47 Example: `at://did:plc:abc123/app.malfestio.deck/3k5abc123` 46 48 47 47 - ## Firehose Consumption 49 49 + ## Firehose / Jetstream 48 50 49 49 - For social features (trending, discovery, feeds): 51 51 + ### Raw Firehose 50 52 51 51 - - **WebSocket Connection**: Subscribe to `com.atproto.sync.subscribeRepos` from a Relay 52 52 - - **CBOR Decoding**: Parse incoming events (or use Jetstream for JSON) 53 53 + - **WebSocket**: Subscribe to `com.atproto.sync.subscribeRepos` from a Relay 54 54 + - **CBOR Decoding**: Parse incoming events 53 55 - **Cursor Management**: Track position for reconnection 54 56 55 55 - ## AppView Pattern 57 57 + ### Jetstream (Recommended) 56 58 57 57 - Index network-wide records to power discovery features: 59 59 + Bluesky's simplified JSON firehose: 58 60 59 59 - - Index `app.malfestio.*` records from firehose 60 60 - - Implement `getFeedSkeleton` for custom algorithmic feeds 61 61 - - Hydration service combines skeletons with full content from PDSes 61 61 + - JSON format (no CBOR decoding) 62 62 + - Reduced bandwidth (zstd compression) 63 63 + - Collection/repo filtering at source 64 64 + - Simpler reconnection with cursors 62 65 63 66 ## Well-Known Endpoints 64 67 ··· 66 69 - `/.well-known/oauth-protected-resource` — PDS OAuth metadata 67 70 - `/.well-known/oauth-authorization-server` — Auth server metadata 68 71 72 72 + ## Labelers 73 73 + 74 74 + **Architecture:** 75 75 + 76 76 + 1. Labels = metadata (source DID + subject AT-URI + value string) 77 77 + 2. User Subscription = users subscribe to labelers; clients include in API requests 78 78 + 3. Label Interpretation = per-user config to hide, warn, or ignore content 79 79 + 80 80 + **Structure:** 81 81 + 82 82 + ```json 83 83 + { 84 84 + "src": "did:plc:labeler", 85 85 + "uri": "at://did:user/app.bsky.feed.post/123", 86 86 + "val": "spam", 87 87 + "cts": "2026-01-01T00:00:00Z" 88 88 + } 89 89 + ``` 90 90 + 91 91 + ## Feeds 92 92 + 93 93 + **Core Flow**: 94 94 + 95 95 + 1. User requests feed via at-uri of declared feed 96 96 + 2. PDS resolves at-uri → Feed Generator's DID doc 97 97 + 3. PDS sends `getFeedSkeleton` to service endpoint (authenticated by user's JWT) 98 98 + 4. Feed Generator returns skeleton (list of post URIs + cursor) 99 99 + 5. PDS hydrates skeleton with full content (via AppView) 100 100 + 6. Hydrated feed returned to user 101 101 + 102 102 + ## AppView 103 103 + 104 104 + **Responsibilities**: 105 105 + 106 106 + 1. Record Processing & Indexing - consume firehose, build indices for likes, threads, follows 107 107 + 2. Moderation Enforcement - apply labels from subscribed labelers 108 108 + 3. Query Interface - expose XRPC API (proxied through PDS) 109 109 + 4. Media CDN - fetch/cache blobs from upstream PDSes, generate thumbnails 110 110 + 5. Search & Discovery - full-text search, type-ahead, content ranking 111 111 + 69 112 ## Patterns from Real AT Protocol Apps 70 113 71 114 ### plyr.fm (Music) ··· 73 116 - OAuth 2.1 via `@atproto/oauth-client` library 74 117 - Records synced to PDS: tracks, likes, playlists 75 118 - Separate moderation service (Rust labeler) 76 76 - - Data ownership: "tracks, likes, playlists synced to your PDS as ATProto records" 77 119 78 120 ### leaflet.pub (Writing) 79 121 80 122 - React/Next.js frontend with Supabase + Replicache for sync 81 123 - Bluesky integration via dedicated `lexicons/` and `appview/` directories 82 82 - - Publications posted to Bluesky 83 124 84 125 ### wisp.place (Static Sites) 85 126 ··· 101 142 - [Repository & XRPC](https://atproto.com/specs/xrpc) 102 143 - [Feed Generator Starter Kit](https://github.com/bluesky-social/feed-generator) 103 144 - [atproto TypeScript SDK](https://github.com/bluesky-social/atproto) 145 145 + - [Ozone Moderation Service](https://github.com/bluesky-social/ozone) 146 146 + - [Jetstream Firehose](https://docs.bsky.app/blog/jetstream) 147 147 + - [Labels and Moderation Guide](https://docs.bsky.app/docs/advanced-guides/moderation)

+14

docs/personas.md

reviewed

··· 1 1 + # Personas & Principles 2 2 + 3 3 + ## Personas 4 4 + 5 5 + - **Learner**: studies daily; imports content; wants fast "review queue". 6 6 + - **Creator**: makes decks/notes; publishes updates; wants feedback + forks. 7 7 + - **Curator/Teacher**: bundles content into learning paths; annotates lectures/articles. 8 8 + - **Moderator/Community admin**: handles reports, takedowns, spam. 9 9 + 10 10 + ## Design Principles 11 11 + 12 12 + - Local-first study experience; offline study must not feel "second-class". 13 13 + - Shareable artifacts are portable: Lexicon-defined schemas + stable IDs. 14 14 + - Privacy by design: progress + recall history are private unless explicitly shared.

+224 -33

docs/todo.md

reviewed

··· 21 21 22 22 - Lexicon defines record types + XRPC endpoints; JSON-schema-like constraints. 23 23 - Use "optional fields" heavily; avoid enums that will calcify the product too early. 24 24 - - Versioning: add fields, don’t rename; never rely on being able to rewrite history. 24 24 + - Versioning: add fields, don't rename; never rely on being able to rewrite history. 25 25 26 26 ### Schema boundaries (important) 27 27 ··· 45 45 - **(Done) Milestone D**: Identity + Permissions + Publishing Model. 46 46 - Auth MVP, Permission model (Private/Public/SharedWith), and basic Publishing flow implemented. 47 47 - Backend API and Frontend Editor updated with tests covering permissions and publishing. 48 48 + - **(Done) Milestone E**: Internal component library/UI Foundation + Animations. 48 49 - **(Done) Milestone F**: OAuth + PDS Record Publishing. 49 50 - OAuth 2.1 client flow (PKCE, DPoP, handle/DID resolution, token refresh). 50 51 - PDS client for `putRecord`, `deleteRecord`, `uploadBlob`. 51 52 - TID generation and AT-URI builder in core crate. 52 52 - - **(Done) Milestone E**: Internal component library/UI Foundation + Animations. 53 53 - - **(Done) Milestone F**: Content Authoring (Notes + Cards + Deck Builder). 54 54 - - **(Done) Milestone G**: Study Engine (SRS) + Daily Review UX. 53 53 + - **(Done) Milestone G**: Content Authoring (Notes + Cards + Deck Builder). 54 54 + - **(Done) Milestone H**: Study Engine (SRS) + Daily Review UX. 55 55 - SM-2 spaced repetition scheduler. 56 56 - - **(Done) Milestone H**: Social Layer v1: Follow graph, Feeds (Follows/Trending), Forking workflow, and Threaded comments. 57 57 - - **(Done) Milestone I**: Search + Discovery + Taxonomy. 56 56 + - **(Done) Milestone I**: Social Layer v1: Follow graph, Feeds (Follows/Trending), Forking workflow, and Threaded comments. 58 57 - Full-text search with pg_trgm/unaccent, visibility filtering, and unified search index. 59 58 - Tag taxonomy and Discovery page with top tags. 60 59 61 61 - ### Milestone J - Moderation + Abuse Resistance 60 60 + ### Milestone J - Static Content & Landing Page 61 61 + 62 62 + #### Deliverables 63 63 + 64 64 + **Marketing/Static Site:** 65 65 + 66 66 + - [ ] Landing page with hero section, feature highlights, social proof 67 67 + - Hero should have a graph paper/grid background 68 68 + - Floating flash cards, notes 69 69 + - [ ] "How it works" section with study flow visualization 70 70 + - [ ] About page with team/mission 71 71 + 72 72 + **App Vision Content:** 73 73 + 74 74 + - [ ] Onboarding flow with persona selection (Learner/Creator/Curator) 75 75 + - [ ] Empty states with helpful prompts for new users 76 76 + - [ ] Tutorial/walkthrough for first deck creation 77 77 + - [ ] Help center or FAQ section -> Should mention that the app is still in development and subject to change. 78 78 + 79 79 + **SEO & Meta:** 80 80 + 81 81 + - [ ] Open Graph / Twitter Card meta tags 82 82 + - [ ] Scripted with HTML2Canvas/PNG generation 83 83 + - Graph paper background 84 84 + - Floating flash cards, notes 85 85 + - [ ] Sitemap.xml generation 86 86 + - [ ] robots.txt configuration 87 87 + 88 88 + #### Acceptance 89 89 + 90 90 + - New visitors understand the value proposition within 10 seconds. 91 91 + - Onboarding flow guides users to create their first deck. 92 92 + 93 93 + ### Milestone K - AppView Indexing 94 94 + 95 95 + #### Deliverables 96 96 + 97 97 + **Firehose Enhancement:** 98 98 + 99 99 + - [ ] Upgrade firehose consumer to store full record content (not just metadata) 100 100 + - [ ] Add `indexed_decks`, `indexed_cards`, `indexed_notes` tables for remote content 101 101 + - [ ] Track latest processed revision per repo; handle deletions 102 102 + 103 103 + **Search & Discovery:** 104 104 + 105 105 + - [ ] Implement search over indexed remote records (extend `search_items` view) 106 106 + - [ ] User profile aggregation: follower counts, deck counts from federated sources 107 107 + 108 108 + **Export & Interop:** 109 109 + 110 110 + - [ ] Export local records as valid Lexicon JSON (`/api/export/:collection`) 111 111 + - [ ] Read-only "federated library" view showing remote decks 112 112 + 113 113 + #### Acceptance 114 114 + 115 115 + - A deck published from Malfestio can be discovered via another AT Protocol client. 116 116 + - Remote decks from followed users appear in search results. 117 117 + 118 118 + ### Milestone L - ATProto Integration Pass 62 119 63 120 #### Deliverables 64 121 65 65 - - Look into [Ozone](https://github.com/bluesky-social/ozone) 66 66 - - Reporting pipeline + review queue 67 67 - - Rate limits + spam heuristics 68 68 - - Takedown/visibility states (shadowed, removed, quarantined) 69 69 - - Audit logging for moderation actions 122 122 + **Identity & Auth:** 123 123 + 124 124 + - [ ] OAuth login directly to user's PDS (vs. local-only auth) 125 125 + - [ ] Handle resolution via DNS TXT or `/.well-known/atproto-did` 126 126 + - [ ] DPoP token binding for secure API calls 127 127 + 128 128 + **Sync & Conflict Resolution:** 129 129 + 130 130 + - [ ] Bi-directional sync: local drafts → PDS records, PDS records → local cache 131 131 + - [ ] Conflict resolution strategy for concurrent edits (last-write-wins or merge UI) 132 132 + - [ ] Offline queue for pending publishes 133 133 + 134 134 + **Deep Linking:** 135 135 + 136 136 + - [ ] AT-URI deep linking from external clients 137 137 + - [ ] Handle `at://` URL scheme in app 70 138 71 139 #### Acceptance 72 140 73 73 - - You can safely operate an open publishing surface. 141 141 + - User can log in with their existing Bluesky/PDS identity. 142 142 + - Local drafts sync correctly after reconnecting. 74 143 75 75 - ### Milestone K - Federation / ATProto Integration Pass 144 144 + #### Implementation Details 145 145 + 146 146 + **Considerations:** 147 147 + 148 148 + - Scalability: substantial compute; caching, DB optimization, distributed processing 149 149 + - Lexicon Validation: validate schemas, ignore invalid records gracefully 150 150 + - Account State: track latest processed revision per repo; handle deletions 151 151 + - Bluesky's AppView uses PostgreSQL or ScyllaDB + image proxy + AppView core 152 152 + 153 153 + **Identity:** 154 154 + 155 155 + - Use `did:web` for simplicity, `did:plc` for long-term stability 156 156 + - ATProto OAuth is the forward path 157 157 + 158 158 + ### Milestone M - Custom Feed Generator 76 159 77 160 #### Deliverables 78 161 79 79 - - Phase 1 (minimum): 80 80 - - export Lexicon records 81 81 - - ingest remote records into a read-only "federated library" 82 82 - - Phase 2: 83 83 - - OAuth login to PDS + publish records directly (client or server mediated) 84 84 - - reconcile local drafts with remote published state 162 162 + **Infrastructure:** 163 163 + 164 164 + - [ ] Feed Generator service with `did:web` identity 165 165 + - [ ] Publish `app.bsky.feed.generator` declaration record to creator's repo 166 166 + - [ ] DID document with service endpoint for feed requests 167 167 + 168 168 + **Endpoints:** 169 169 + 170 170 + - [ ] `app.bsky.feed.getFeedSkeleton` - Return post URIs + cursor for pagination 171 171 + - [ ] `app.bsky.feed.describeFeedGenerator` - Feed metadata (DID, name, description) 172 172 + - [ ] JWT authentication for user-personalized feeds 173 173 + 174 174 + **Algorithms:** 175 175 + 176 176 + - [ ] "Trending Decks" - Top decks by fork/like count in last 7 days 177 177 + - [ ] "New from Following" - Latest decks from followed creators 178 178 + - [ ] "Study Streak Leaders" - Decks with highest completion rates (anonymized) 179 179 + 180 180 + **Indexing:** 181 181 + 182 182 + - [ ] Subscribe to `com.atproto.sync.subscribeRepos` (or Jetstream) for `app.malfestio.*` records 183 183 + - [ ] Index posts with compound cursor (timestamp::CID) for deterministic pagination 184 184 + - [ ] Garbage collect indexed data older than 48 hours (except pinned content) 85 185 86 186 #### Acceptance 87 187 88 88 - - A published artifact is portable beyond your app. 188 188 + - Custom feed appears in Bluesky and other AT Protocol clients. 189 189 + - Feed surfaces relevant learning content based on engagement signals. 190 190 + - Pagination works correctly across feed refreshes. 89 191 90 90 - #### Notes 192 192 + #### Implementation Details 91 193 92 92 - - ATProto OAuth is the forward path; plan on it. 93 93 - - XRPC endpoint patterns and legacy session behavior exist, but treat them as transitional. 194 194 + **Core Flow:** see [AT Notes](./at-notes.md#feeds) 94 195 95 95 - ### Milestone L - Reliability, Observability, Launch 196 196 + **Skeleton Response Format:** 197 197 + 198 198 + ```json 199 199 + { 200 200 + "feed": [ 201 201 + {"post": "at://did:example/app.bsky.feed.post/1"}, 202 202 + {"post": "at://did:example/app.bsky.feed.post/2"} 203 203 + ], 204 204 + "cursor": "1683654690921::bafyrei..." 205 205 + } 206 206 + ``` 207 207 + 208 208 + **Skeleton Metadata Types:** 209 209 + 210 210 + ```typescript 211 211 + type SkeletonItem = { 212 212 + post: string // post URI 213 213 + reason?: Reason // optional context (e.g., repost) 214 214 + } 215 215 + type ReasonRepost = { 216 216 + $type: 'app.bsky.feed.defs#skeletonReasonRepost' 217 217 + repost: string // repost URI 218 218 + } 219 219 + ``` 220 220 + 221 221 + **Considerations:** 222 222 + 223 223 + - Validate user JWTs if feed depends on user state (follows, likes) 224 224 + - Use compound cursor (timestamp::CID) for deterministic pagination 225 225 + - Most feeds can garbage collect data older than 48 hours 226 226 + - Reference: [Feed Generator Starter Kit](https://github.com/bluesky-social/feed-generator) 227 227 + 228 228 + ### Milestone N - Reliability, Observability, Launch 96 229 97 230 #### Deliverables 98 231 99 99 - - Metrics + tracing + structured logs 100 100 - - Backups + restore drills 101 101 - - Load test targets (study session + feed + search) 102 102 - - Beta program + feedback loop + roadmap iteration 232 232 + **Observability:** 103 233 104 104 - ## Open Questions (Parked Decisions) 234 234 + - [ ] Structured logging with correlation IDs 235 235 + - [ ] Metrics collection (Prometheus/OpenTelemetry) 236 236 + - [ ] Distributed tracing for request flows 237 237 + - [ ] Error tracking (Sentry or similar) 105 238 106 106 - - Local-first mechanics: full offline authoring + later publish, or online-only creation? 107 107 - - Federation depth: read-only ingest first, or publish-to-PDS in the first public beta? 108 108 - - Content extraction: store extracted article snapshots (legal/ops implications), or store only metadata + highlights? 239 239 + **Reliability:** 240 240 + 241 241 + - [ ] Database backups + restore drills 242 242 + - [ ] Health check endpoints (`/health`, `/ready`) 243 243 + - [ ] Graceful shutdown handling 244 244 + - [ ] Circuit breakers for external dependencies 245 245 + 246 246 + **Load Testing:** 247 247 + 248 248 + - [ ] Study session throughput targets 249 249 + - [ ] Feed generation latency benchmarks 250 250 + - [ ] Search query performance under load 251 251 + 252 252 + **Launch Prep:** 253 253 + 254 254 + - [ ] Beta program signup flow 255 255 + - [ ] Feedback collection mechanism 256 256 + - [ ] Feature flags for gradual rollout 257 257 + 258 258 + #### Acceptance 259 259 + 260 260 + - System handles 10x expected load without degradation. 261 261 + - Mean time to recovery < 5 minutes for common failures. 262 262 + 263 263 + ### Milestone O - Moderation + Abuse Resistance 264 264 + 265 265 + #### Deliverables 266 266 + 267 267 + **Labeler Infrastructure:** 268 268 + 269 269 + - [ ] Dedicated Bluesky account for labeler service 270 270 + - [ ] Publish `app.bsky.labeler.service` record to make discoverable 271 271 + - [ ] Self-host Ozone backend + UI (Docker setup in `HOSTING.md`) 272 272 + - [ ] Configure report types via `goat` CLI 273 273 + 274 274 + **Endpoints:** 275 275 + 276 276 + - [ ] `com.atproto.label.subscribeLabels` - real-time label stream 277 277 + - [ ] `com.atproto.label.queryLabels` - query published labels 278 278 + - [ ] `com.atproto.report.createReport` - accept user reports 279 279 + 280 280 + **Moderation Features:** 281 281 + 282 282 + - [ ] Reporting pipeline + review queue UI 283 283 + - [ ] Rate limits + spam heuristics 284 284 + - [ ] Takedown/visibility states (shadowed, removed, quarantined) 285 285 + - [ ] Audit logging for moderation actions 286 286 + 287 287 + #### Acceptance 288 288 + 289 289 + - You can safely operate an open publishing surface. 290 290 + - Users can subscribe to your labeler and see moderation applied. 291 291 + 292 292 + **Reference:** [Ozone Moderation Service](https://github.com/bluesky-social/ozone) 293 293 + 294 294 + ## Open Question/Parked Decisions 295 295 + 296 296 + - Full offline authoring + later publish 297 297 + - Federation depth: publish-to-PDS in the first public beta 298 298 + - Content extraction: store extracted article snapshots locally (browser) 299 299 + - Persist only metadata + highlights