{"id":21531939,"url":"https://github.com/matrixai/polykey-desktop","last_synced_at":"2025-04-10T00:30:23.813Z","repository":{"id":37184567,"uuid":"91441157","full_name":"MatrixAI/Polykey-Desktop","owner":"MatrixAI","description":"Polykey Desktop - Open Source Decentralized Secret Sharing System for Zero Trust Workflows","archived":false,"fork":false,"pushed_at":"2023-05-05T05:44:25.000Z","size":7117,"stargazers_count":12,"open_issues_count":20,"forks_count":7,"subscribers_count":8,"default_branch":"staging","last_synced_at":"2025-03-24T02:12:31.976Z","etag":null,"topics":["gpg","key-management","keybase","keyserver","password-generator","password-manager","pubkey","secret-keys"],"latest_commit_sha":null,"homepage":"https://polykey.com","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/MatrixAI.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-05-16T09:35:18.000Z","updated_at":"2025-01-25T16:48:35.000Z","dependencies_parsed_at":"2023-01-24T11:45:48.080Z","dependency_job_id":null,"html_url":"https://github.com/MatrixAI/Polykey-Desktop","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MatrixAI%2FPolykey-Desktop","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MatrixAI%2FPolykey-Desktop/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MatrixAI%2FPolykey-Desktop/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MatrixAI%2FPolykey-Desktop/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/MatrixAI","download_url":"https://codeload.github.com/MatrixAI/Polykey-Desktop/tar.gz/refs/heads/staging","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248134725,"owners_count":21053517,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["gpg","key-management","keybase","keyserver","password-generator","password-manager","pubkey","secret-keys"],"created_at":"2024-11-24T02:18:13.049Z","updated_at":"2025-04-10T00:30:23.787Z","avatar_url":"https://github.com/MatrixAI.png","language":"TypeScript","readme":"# Polykey\n\n[![pipeline status](https://gitlab.com/MatrixAI/open-source/Polykey-Desktop/badges/master/pipeline.svg)](https://gitlab.com/MatrixAI/open-source/Polykey-Desktop/commits/master)\n\nPolykey is a distributed secret sharing system. It helps you manage your\nsecrets, passwords, API keys and more. It is designed for both managing\npersonal secrets and infrastructural secrets. This means it can be used\ninteractively, or in automated fashion. Unlike hosted password managers,\nit is \"self-hosted\", you keep your own secrets. However it is not an\n\"online\" service, so it needs very little maintenance.\n\nIt is distributed and decentralised, and secrets are shared between\nPolykey nodes. As a user, you can create multiple nodes for each of your\ncomputing platforms, and backups are simply another Polykey node.\n\nPolykey integrates Git, GnuPG, and Keybase.\n\nIt is written in JavaScript and intended to work cross-platform: Linux,\nMac, Windows, Android, iOS. It does not necessarily run in the browser.\n\nThe design of Polykey is still under flux. Below is currently the\nproposal.\n\nA Polykey node is just an encrypted tar archive. It is just state, not\ncode. One can launch a Polykey application targetting a specific node.\nThis node needs to be accessible, it can just be a local file path.\n\nThe encrypted tar archive represents a sort of virtual directory of\nsecrets. It is an indexed tar archive to allow random access.\n\nSecrets are organised in flat repositories instead of a hierarchy. In order\nto organise secrets, secrets are grouped into tags. This means it is\na sort of tag based filesystem. This is achieved through the use of\nhardlinks.\n\nA Polykey node is never decrypted on-disk, it always remains encrypted\non disk. It is only decrypted in-memory. This means we unpack the\narchive into an in-memory filesystem. This enables us to maintain\nportability between different platform behaviours with regards to\nfilesystem features such as support for hardlinks.\n\nAn important feature of Polykey is the ability to share secrets in a\ndistributed peer-to-peer style. Our foundation is to start with\na Git based synchronisation system. Secrets are managed as git\ndirectories, which maintains version history of secrets as they\nare updated. It is possible to then push to nodes that you control.\nBut for nodes that you don't control, you can allow other nodes to\npull your secret repositories\n\nSharing secrets is done through public \u0026 private key cryptography.\nIn order to share keys with another node, you need to know their\npublic key. For initial key discovery we rely on on keybase for\nsocial proof and as an alternative to public key servers.\n\nEach secret repository has its own version history. This means a\nsecret repository may contain multiple secrets. Each secret repository\nis shared as a unit. It is probably recommended to keep a secret\nrepository for each secret.\n\nWhy would you share secrets? Beyond the basic issue of having a shared\nAPI keys among several agents, or a shared password between users.\nThis also allows a basic form of capability based security. Where you\ncan create hierarchal networks of Polykey nodes, and subdivide secrets\ninto smaller Polykey nodes.\n\nThe result is that secrets are encrypted at rest, secrets are encrypted\nat transmission, and they can be shared between users and infrastructure.\nThere's no need for a network unless you are sharing secrets. And you can\nrun a Polykey node out of a USB stick.\n\nAll of other bells and whistles of modern password managers can then be\nbuilt on top of this secure platform.\n\n---\n\nCurrent status:\n\n* js-resource-counter - https://github.com/MatrixAI/js-resource-counter\n* js-permaproxy - https://github.com/MatrixAI/js-permaproxy\n* js-virtualfs - https://github.com/MatrixAI/js-virtualfs\n* js-reference-pointer - https://github.com/MatrixAI/js-reference-pointer\n* js-object-tagger - https://github.com/MatrixAI/js-object-tagger\n* js-array-fixed - https://github.com/MatrixAI/js-array-fixed\n* js-tree-order-index - https://github.com/MatrixAI/js-tree-order-index\n* js-virtualgit - https://github.com/MatrixAI/js-virtualgit\n\nThe last 2 are still being developed.\n\n\n### Development\n1. `npm install`\n2. `npm run dev:build`\n3. `npm run electron`\n\nYou can do `npm run watch`, but because of the issue to do with oauth2orize, you will have to run `npm run mock_for_oauth2orize` which just creates the required directory in the dist, before you can run `electron .`.\n\n**Other Instructions**:\n```\n# install (or reinstall packages from package.json)\nnpm install\n# build the development dist and watch for file changes\nnpm run watch\n# build the production dist\nnpm run build\n# run the tests\nnpm run test\n# lint the source code\nnpm run lint\n# automatically fix the source\nnpm run lintfix\n```\n\n#### Linking local code for testing.\nFor temporary scaffolding of working with client-refactoring branch of js-polykey use this technique:\nnpm install --save-dev ../js-polykey\nThis will create a symlink inside the node_modules pointing to js-polykey project.\nThis allows us to do things like:\n```ts\nimport GRPCClient from '@matrixai/polykey/src/grpc/GRPCClient';\n\nasync function main () {\n  console.log(GRPCClient);\n}\n\nmain();\n```\n\nNotice that I'm importing from the @matrixai/polykey/src/ and not from dist nor are we just doing @matrixai/polykey directly.\nThis is because the dist build might not be working inside js-polykey branch, and we just want to test out source code quickly.\nThen afterwards just use:\n`npm run ts-node -- ./test.ts`\nAssuming that was put into ./test.ts.\n\n#### Other development notes.\n##### Level down conflict.\nThe module `level` used in js-polykey conflicts with how webpack builds things.\nYou need to make sure the webpack config contains\n```js\n  node: { // When in devmode, webpack needs to get it from node_modules\n    __dirname: true,\n    __filename: true,\n  }\n```\n\n##### Source map warnings on node_modules\nSome modules may be missing source mappings and this will clutter the compile output with warnings.\nWe can filter out the warnings by adding the following options to the `webpack.config.js`\n```js\ntest: /\\.js$/,\nloader: \"source-map-loader\",\noptions: { //Added to filter out source map warnings for node modules.\n  filterSourceMappingUrl: (url, resourcePath) =\u003e {\n    return !/.*\\/node_modules\\/.*/.test(resourcePath);\n  }\n}\n```\n\n### Building the releases:\n```\nnix-build ./release.nix --attr application\nnix-build ./release.nix --attr docker # untested\n# packages for distribution\nnix-build ./release.nix --attr package.linux.x64.deb\nnix-build ./release.nix --attr package.linux.x64.rpm\nnix-build ./release.nix --attr package.windows.x64.exe\nnix-build ./release.nix --attr package.darwin.x64.zip\n```\n\n**Install into Nix user profile**:\n```\nnix-env -f ./release.nix --install --attr application\n```\n\n\n\n### Building - old\n1. npm run mock_for_oauth2orize\n2. Then create temp files under copy grant and lib.\n3. npm run dev:webpack:watch\n4. npx tsc -p tsconfig-electron.json\n5. npm run make:mac\n6. electron-packager ./dist Polykey --out=out/win --platform=win32 --arch=x64 --icon=icons/icons/win/icon.ico\n\n\n### Tests\nWe are using Jest for the testing.\nThere were a few changes that were made to get jest working with Polukey.\n\n#### Testing vue.\nFor general Vue testing we need the `@vue/test-utils` package.\n```js\n//package.json\n\"devDependencies\": {\n  \"@vue/test-utils\": \"^2.0.0-beta.14\",\n}\n```\nIn testing we can use this to mount components and test them via.\n```ts\nimport { mount } from '@vue/test-utils';\nimport Antd from 'ant-design-vue';\nimport DefaultButton from '@/renderer/atoms/button/DefaultButton.vue'\n\ndescribe('DefaultButton component', () =\u003e {\n  const wrapper = mount(DefaultButton, {  //Mounts the component\n    global: {\n      plugins: [Antd],\n    },\n    props: {},\n  });\n  test('Exists.', async () =\u003e {\n    expect(wrapper.exists()).toBe(true); //We can use the wrapper to interact with the component.\n    // clicking elements\n    await wrapper.trigger('click') //Clicking\n    // we can get elements to trigger with\n    const button = wrapper.get('data-test=button-to-test');\n    await button.trigger('click');\n    // but for this the button needs the attribute data-test=\"button-to-test\"\n    //I will provide a better example. soon.\n  });\n});\n```\n\n#### Issues\nIssues and their fixes as follows.\n\n##### importing Ant-design-vue\nTo avoid warnings when using ant-design-vue the following changes were made to the jest.config.js\n```js\n//The lines were added.\nconst transformIgnorePatterns = [\n  '/dist/',\n  // Ignore modules without es dir.\n  // Update: @babel/runtime should also be transformed\n  // 'node_modules/(?!.*(@babel|lodash-es))',\n  'node_modules/(?!@ant-design/icons-vue|@ant-design/icons-svg|lodash-es)/',\n];\nmodule.exports = {\n  //...\n  transformIgnorePatterns,\n}\n```\n\n##### Tansforms for babel and SVG\nWe needed to add a transform for .js files, so `babel-jest` was added.\nIn the package.json file\n```js\n//package.json\n\"devDependencies\": {\n    //...\n    //for babel\n    \"@babel/preset-env\": \"^7.13.10\",\n    \"babel-jest\": \"^26.6.3\",\n    //...\n    //For SVG and other imports\n    \"jest-transform-stub\": \"^2.0.0\",\n}\n```\nAdded a babel.config.js file\n```js\n//babel.config.js\nmodule.exports = {\n  presets: ['@babel/preset-env'],\n};\n```\nAdded a line to jest.config.js\n```js\n//jest.config.js\nmodule.exports = {\n  transform: {\n    '^.+\\\\.jsx?$': 'babel-jest',        //For babel.\n    \"^.+\\\\.svg$\": \"jest-transform-stub\" //For stubbing svg\n  }\n}\n```\n\n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmatrixai%2Fpolykey-desktop","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmatrixai%2Fpolykey-desktop","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmatrixai%2Fpolykey-desktop/lists"}