fritter icon indicating copy to clipboard operation
fritter copied to clipboard

Published 20 hours ago verified publisher icon beakerbrowser

Encrypted data storage

Open fsteff opened this issue 7 years ago • 2 comments

For some future features that require entries that are not supposed do be read by others (eg settings, private messages,... ) an encrypted storage would be useful. I've read about the privacy problem in multiple threads, so i write a new one.

The encryption key itself could be encrypted with the public key of the page/account, so the key can be shared with others if needed (eg for private messages) .

fsteff avatar Jan 15 '18 11:01 fsteff

Should not do this on the phone, damn ui😅

Also, probably this is not fritter specific, but WebDB...

fsteff avatar Jan 15 '18 11:01 fsteff

Yeah this has been on my mind. If you wanted to experiment, you could use https://github.com/sodium-friends/sodium-universal or something like it within an app. You'd write the public keys to the profile somewhere, and then save the private keys to localStorage. It's not a great longterm solution -- eventually the browser is going to need to manage private keys securely, and ideally keep the private keys out of the app's memory space entirely. We also need to give apps better tools to lock down their execution space (ie CSP controls). But it'd be a good PoC.

pfrazee avatar Jan 15 '18 17:01 pfrazee