Post Token
This token represents a post created by a user.
The post token must contain a content (c) field. For other constraints see the Action Tokens.
Subtypes indicate the kind of content (encoded in t as POST:SUBTYPE):
| Subtype | Description |
|---|---|
| POST or POST:TEXT | Text-only post. Content is markdown. |
| POST:IMG | Image post. Content is markdown; attachments (a) hold the image file(s). |
| POST:VID | Video post. Content is markdown; attachments (a) hold the video file(s). |
| POST:DEL | Delete a previous post. |
Content-Addressing
This token is content-addressed using SHA-256:
- The entire JWT token (header + payload + signature) is hashed
- Action ID format:
a1~{base64_hash} - Changing any field invalidates the action_id
- See Content-Addressing & Merkle Trees for details
Immutability: Once created, a POST token cannot be modified without changing its action ID.
Attachments
The a (attachments) field can contain file references:
- Each entry is a file_id (
f1~...) - File IDs are content-addressed (SHA256 of file descriptor)
- Files contain multiple variants (different resolutions)
- See File Storage for details
Properties:
- Attachments are cryptographically bound to the post
- Cannot swap images without breaking the action signature
- Deduplication: same image in multiple posts = same file_id
- Federation: remote instances can verify attachment integrity
Database Key
POST has no key_pattern defined, so every post is unique and identified solely by its action ID. Posts are never overridden by subsequent posts (unlike REACT or REPOST, which use a key to dedup/override).
Example
User @someuser.cloudillo.net writes a post on the wall of @somegroup.cloudillo.net, attaching an image:
| Field | Value |
|---|---|
| iss | someuser.cloudillo.net |
| aud | somegroup.cloudillo.net |
| iat | 2024-04-13T00:00:00.000Z |
| k | 20240109 |
| t | POST:IMG |
| c | “Love U All <3” |
| a | [“f1~Qo2E3G8TJZ2HTGhVlrtTDBpvBGOp6gfGhq4QmD6Z46w”] |