Just got some access control stuff working and upgraded peerchan.net to where a list of keys is stored in the database to control which nodes can directly write to it. This paves the way for p2p posting via the peerchan-peer client, which is the next thing to work on.
The mechanism I'm currently thinking of is that there will be a separate database of "proposed posts" that any user can write to, and only the mediator server (for now) can delete from. The mediator server keeps track of new proposed posts in this pool, and when it finds a new one, it validates it and then does things like adding the timestamp, default name if the user didn't enter a name, checking the character limit, and things like that. Then if everything is valid it writes the validated/timestamped/etc post to to the posts database that frontends like peerchan-peer render from.
In the future I'd like to expand things so that people creating their own boards can also have root access and validate posts that are added to their own board without using the mediator server (eg. peerchan.net) as a validator server.
Let me know if you have any ideas or alternatives around this as I'm curious.