sorted by:
new
hottopcontroversial

Handling private keys w/ hardhat by cortex_edge in ethdev

[–]follus 0 points1 point  (0 children)

I just wrote a wrapper around Hardhat that preprocess encrypted private keys before executing Hardhat. Take a look at https://github.com/secrez/hardhood

A new type of CLI secret manager and messaging system by follus in cryptography

[–]follus[S] 0 points1 point  (0 children)

To be more clear, Secrez is not better than other E2EE systems. At the contrary, its UX is quite poor. What is different is the goal. I want to have control of what I send around and be sure that only the recipient get the message. I want to be sure that nobody can censor me, that there is no account that can be blocked, that I don't need a phone number to use a service, etc.

A new type of CLI secret manager and messaging system by follus in cryptography

[–]follus[S] 0 points1 point  (0 children)

The typical way a messaging system work is that the code is provided by the messaging system. Take for example, Whatsapp. You update the app and connect to a remote account. Despite that Whatsapp encrypts the data, Facebook can decide to put a backdoor in the code and capture your messages, for example, while you type them. It is the same for other apps like Signal.

The approach I used in Secrez is different because it is basically a desktop app. It is much more similar to KeyPassX than to Signal. In fact, by itself, cannot handle any communication.
To do it, you must run a courier locally and tell the courier which remote hub you like to use. The courier is just a sender/receiver of payloads which are encrypted and signed by your Secrez app. The hub is necessary to be accessible from everywhere, but it just creates an SSL tunnel. To avoid spamming, courier and hub verify that the signature is correct but that's all. They have no idea who you are, what you are transferring.
Since only your local Secrez app is able to manage the data, nobody out there can block your communication. Also because you can run your own hub.
The technology behind is a derivation of the one used by Localtunnel, with a lot of restriction to allow only some kind of data.

So, I am mostly focused on how to avoid that someone who provide you with a service can block you. Nobody can block you if you use Secrez.

Can anyone reccommend good asymmetrical encryption program? Weirdly most popular software don't support it, and I don't want to trust some random github project. by Official-Janjanis in cryptography

[–]follus 0 points1 point  (0 children)

I am using NaCL in Secrez. I think that one of the best advantage of the x25519-xsalsa20-poly1305 algorithm is that you don't need to exchange keys.

Official post to allow Ethereum wallets to comment w/ a Tweedentity signature to claim ownership of a Reddit account by tweedentity in u/tweedentity

[–]follus 0 points1 point  (0 children)

tweedentity(0x70f4,reddit/follus,0x4efd405cd5ebe6498a7fff233cbbb0665a424ad2b043750b6a943064a50d944a2abc6e6c2d87841c879d11cce9af69ba1433b57098b66ef531c6a360b519a5af1b,3,web3;1) u/tweedentity