Bump version to 0.1.2, update tesseras-dht to 0.1.3

Document -v flag in tp(1) and tpd(1) man pages

Bump version to 0.1.1, update tesseras-dht to 0.1.2

Add automatic re-join and -v flag for verbose logging When the routing table drops to zero peers, the daemon now re-joins bootstrap nodes every 60s, unbanning their addresses first so replies are not silently discarded. Both tp and tpd accept -v for debug-level output without needing RUST_LOG environment variable.

Add CHANGELOG.md for 0.1.0

Update README, bump tesseras-dht to 0.1.1, add project docs - Rewrite README with features, usage, and links - Bump tesseras-dht dependency from 0.1.0 to 0.1.1 - Add CODE_OF_CONDUCT.md and SECURITY.md

Limit stdin read in tp, bound protocol drain, document Arc leak - tp: limit stdin to 64 KiB + 1 byte to reject oversized pastes early without unbounded memory allocation - daemon: bound the oversized-line drain to MAX_LINE_SIZE so a client without newlines cannot block beyond the read timeout - tpd: document intentional Arc::into_raw leak in signal handler

Harden identity key permissions, atomic writes, and HTTP method - Write identity.key with mode 0600 to prevent other users from reading the Ed25519 private seed - Use destination filename in atomic_write temp path to avoid collisions between concurrent writes to different files - Reject HTTP methods other than GET/HEAD with 405 - Return "Hello Tesseras World" on GET /

Add missing pledge promises (drm, prot_exec) and source reference Add reference to pledgereq[] in /usr/src/sys/kern/kern_pledge.c and include drm and prot_exec that were missing from the list.

Fix clippy warnings: needless borrow and collapsible if

Log socket setup errors in Unix client handler Warn when set_nonblocking or set_read_timeout fails instead of silently disconnecting the client.

Handle HTTP connections in separate threads with cap of 8 A slow connection or DHT lookup (up to 30s) no longer blocks the entire HTTP accept loop. Connections beyond the limit get a 503 response.

Exit early if data directory cannot be created Report the actual error instead of silently ignoring it and failing later with a confusing message in PasteStore::open.

Fix critical data integrity and security issues - Atomic writes in store (write-to-temp + rename) to prevent corruption on crash - Validate DHT results against requested content hash to reject forged data from malicious nodes - Limit protocol line size to 128 KiB on Unix socket to prevent memory exhaustion - Use saturating_add for TTL expiry to prevent u64 overflow

Add pledge(2) and unveil(2) sandboxing for tp and tpd tpd: unveil data dir (rwc), resolv.conf (r) when DNS needed, then pledge stdio rpath wpath cpath fattr inet unix dns. tp: unveil socket path (rw), then pledge stdio unix rpath.

Add DNS SRV bootstrap discovery for automatic peer finding tpd now queries _tesseras._udp.tesseras.net SRV records to discover bootstrap peers when no -b flag is given. Add -n flag to disable this automatic discovery for seed/isolated nodes.

Initial commit: tesseras-paste decentralized pastebin DHT-backed encrypted pastebin with two binaries (tp/tpd), XChaCha20-Poly1305 encryption, content-addressed storage, and Unix socket + HTTP interfaces.