This project is in development and has not been audited. Don't use for anything important yet.
Or the command line only.
Key management is hard.
keys.pub is a go library, desktop app, command line utility and REST API that manages cryptographic keys, sigchains and user identities. It integrates with other frameworks to provide signing and encryption, such as Saltpack or Noise Protocol.
> keys pull gabriel@github kex1mnseg28xu6g3j4wur7hqwk8ag3fu3pmr2t5lync26xmgff0dtryqupf80c > echo "hi 🤓" | keys encrypt -recipient gabriel@github -armor -stdin -stdout BEGIN SALTPACK ENCRYPTED MESSAGE. kcJn5brvybfNjz6 D5ll2Nk0Z2co0as ...
The above example pulls the public key for the Github user gabriel, verifies it and creates an encrypted message.
The default key is a Ed25519/X25519 key capable of signing and encryption. This key can also be used to create a sigchain (an ordered sequence of signed statements). You can link a key to an identity (on Github, Twitter, Reddit, etc), by publishing a signed statement to this sigchain.
The Saltpack format is used for signing and encryption, providing authenticity, repudability and anonymity.
Your keys are protected by a keyring which is secured by both the OS and a user supplied password (similar to a password manager).
keysd daemon runs as a gRPC service on your computer.
Using the desktop app to encrypt a message for the Github user gabriel.
- Keybase: This project borrows many ideas from Keybase, including sigchains and user (proofs), and uses Saltpack and keybase/go-keychain and other packages. However, this project only links a single key to a user.
- Age: We also use Bech32 as a key identifiers, and convert Ed25519 keys to X25519.
# Coming soon
- Other key types like age?
- Better documentation
- More services (Facebook, Website)
- Import SSH ed25519 keys
- Wormhole through relays (syncthing)
- Syncthing integration