# Cloud Backup Implementation Plan (Complete)

## 1. Frontend Implementation (Flutter)
- [x] **ApiService Updates**: Added `uploadBackup` and `downloadBackup` methods to interact with the backend (endpoints `/backups/upload` and `/backups/download`).
- [x] **LocalKeyBackupService Refactor**:
    - [x] Updated `createEncryptedBackup` to accept `includeKeys` and `includeMessages` flags.
    - [x] Added `uploadToCloud` method which **defaults to Messages Only** (no keys) for security.
    - [x] Added `restoreFromCloud` method to fetch and decrypt backups.
- [x] **UI Overhaul (LocalBackupScreen)**:
    - [x] Added "Cloud Mode" vs "Local Mode" toggle.
    - [x] Implemented "Zero Knowledge" warning UI when Cloud Mode is active (keys excluded by default).
    - [x] Added visual cues for "Secure Mode".
    - [x] Integrated `uploadToCloud` and `restoreFromCloud` calls with progress indicators and error handling.

## 2. Backend Implementation (Go)
- [x] **Database Schema**: Created migration `000003_e2ee_backup_recovery.up.sql` for:
    - `cloud_backups` table (stores encrypted blobs).
    - `backup_preferences` table.
    - `user_devices` table.
    - `sync_codes` table.
    - `recovery_guardians` and `recovery_sessions` tables (for future social recovery).
- [x] **API Endpoints**:
    - `POST /backups/upload`: Accepts encrypted blob, metadata, and version.
    - `GET /backups/download`: Retrieves latest backup.
    - `GET /backups/download/:backup_id`: Retrieves specific backup.
- [x] **Data Models**: Defined `CloudBackup`, `UploadBackupRequest`, `DownloadBackupResponse` structs matching frontend expectations.
- [x] **Handler Logic**: Implemented "blind storage" logic - backend stores opaque blobs and does not attempt decryption.

## 3. Deployment Status (Pending)
- [x] **Compilation**: Successfully compiled `sojorn-api-linux` and `migrate-linux` binaries locally.
- [ ] **Upload**: Failed to upload binaries to VPS (`194.238.28.122`) due to SSH authentication failure ("Permission denied") with provided credentials.
- [ ] **Migration**: Database migration failed from local machine due to port 5432 being closed/filtered. Needs to be run from the VPS.
- [ ] **Restart**: Service restart pending successful SSH access.

## 4. Next Steps
Once SSH access is restored (verify password or add public key):
1.  **Upload Binaries**: `scp sojorn-api-linux migrate-linux root@194.238.28.122:/root/`
2.  **Run Migration**: `ssh root@... "./migrate-linux -path ... up"`
3.  **Restart Service**: `ssh root@... "systemctl restart sojorn-api"`