{"id":13726807,"url":"https://github.com/parksb/darim","last_synced_at":"2026-03-02T06:13:12.744Z","repository":{"id":44733230,"uuid":"255767520","full_name":"parksb/darim","owner":"parksb","description":"A private journal application that supports client-side encryption","archived":false,"fork":false,"pushed_at":"2024-05-07T06:37:18.000Z","size":3553,"stargazers_count":50,"open_issues_count":0,"forks_count":7,"subscribers_count":4,"default_branch":"master","last_synced_at":"2024-11-14T17:47:29.704Z","etag":null,"topics":["calendar","client-side-encryption","diary","markdown","note","personal-journal","security"],"latest_commit_sha":null,"homepage":"https://darim.harooo.com","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/parksb.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-04-15T01:06:37.000Z","updated_at":"2024-05-07T06:37:22.000Z","dependencies_parsed_at":"2024-08-03T01:29:22.203Z","dependency_job_id":"372c4753-3e30-4260-baec-0b0b0905fe95","html_url":"https://github.com/parksb/darim","commit_stats":null,"previous_names":[],"tags_count":57,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/parksb%2Fdarim","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/parksb%2Fdarim/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/parksb%2Fdarim/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/parksb%2Fdarim/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/parksb","download_url":"https://codeload.github.com/parksb/darim/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252965082,"owners_count":21832819,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["calendar","client-side-encryption","diary","markdown","note","personal-journal","security"],"created_at":"2024-08-03T01:03:23.797Z","updated_at":"2025-05-07T22:30:34.189Z","avatar_url":"https://github.com/parksb.png","language":"Rust","funding_links":[],"categories":["Rust"],"sub_categories":[],"readme":"# 🏕 Darim\n\n[![Client CI](https://github.com/ParkSB/darim/workflows/Client%20CI/badge.svg)](https://github.com/ParkSB/darim/actions?query=workflow%3A%22Client+CI%22)\n[![API Gateway CI](https://github.com/parksb/darim/workflows/API%20Gateway%20CI/badge.svg)](https://github.com/parksb/darim/actions?query=workflow%3A%22API+Gateway+CI%22)\n[![Server CI](https://github.com/ParkSB/darim/workflows/Server%20CI/badge.svg)](https://github.com/ParkSB/darim/actions?query=workflow%3A%22Server+CI%22)\n\n* Darim: Diary Improved\n* Darim is a personal diary service that supports encryption, calendar view, and markdown syntax.\n* You can keep your diary a secret even from the developer through client-side encryption.\n\n![Preview](./client/src/pages/landing/images/thumb-without-text.svg)\n\n## Architecture\n\n* Darim is following the layered architecture.\n* Each layer cannot be cross-referenced. All references between layers can flow in a higher direction. In other words, only the upper layer can invoke the lower layer members.\n\n![main transaction flow](https://user-images.githubusercontent.com/6410412/107845706-f5655600-6e20-11eb-84c6-e1be521c9fb4.png)\n\n### [Client](client)\n\n* `index.html` - An entry point of the application. It is built by parcel.\n* Pages - Pages represented by URL. Each page can use general components, API fetchers, and models.\n* Components - Reusable components used on multiple pages.\n\n### [API Gateway](api-gateway) \u0026 [Server](server)\n\n* `main.rs` - An entry point of the application. It runs a http server.\n* Routes - A presentation layer that makes API public and passes request/response data to other layers.\n* Services - A business layer that processes the transaction.\n* Models - A data layer that can access the database and define data structures.\n\n## Client-side Encryption\n\nDarim supports client-side encryption to protect the user's secrect from others including server.\n\n### Key generation\n\n```mermaid\n%%{init: {'theme': 'neutral'}}%%\nsequenceDiagram\n    Note over client: generates\u003cbr\u003esecret and public\n    Note over client: encrypts secret\u003cbr\u003eusing public\n    client -\u003e\u003e local storage: set(encrypted_secret)\n    client -\u003e\u003e server: POST /public_key { public }\n    server -\u003e\u003e rdb: INSERT public\n    rdb --\u003e\u003e server: [OK 200]\n    server --\u003e\u003e client: [OK 200]\n```\n\n1. When a user finishes the sign-up process, a secret key and public key are generated on the client-side.\n1. The client encrypts the secret key using the public key and saves the encrypted secret key to local storage.\n1. The public key is sent to the server, and the server stores it.\n\n### Read \u0026 Write\n\n```mermaid\n%%{init: {'theme': 'neutral'}}%%\nsequenceDiagram\n    Note over client: creates a new post\n    client -\u003e\u003e local storage: get(encrypted_secret)\n    local storage --\u003e\u003e client: encrypted_secret\n    client -\u003e\u003e server: GET /public_key\n    server -\u003e\u003e rdb: SELECT public\n    rdb --\u003e\u003e server: [OK 200] { public }\n    server --\u003e\u003e client: [OK 200] { public }\n    Note over client: decrypts\u003cbr\u003eencrypted_secret\u003cbr\u003eusing public\n    Note over client: encrypts the post\u003cbr\u003eusing secret\n    client -\u003e\u003e server: POST /post { encrypted_post }\n    server -\u003e\u003e rdb: INSERT encrypted_post\n    rdb --\u003e\u003e server: [OK 200]\n    server --\u003e\u003e client: [OK 200]\n```\n\n1. After a user creates a new plaintext post, the client requests the public key to the server.\n1. The client decrypts the encrypted secret key in the local storage using the public key from the server.\n1. The plaintext post is encrypted by the secret key decrypted by the public key.\n1. The encrypted post is sent to the server, and the server stores it.\n\n\u003e * At this point, the server can only know encrypted post.\n\u003e * If the client reads a post, the flow is the same until the client requests to create a post to the server.\n\n## License\n\nThis project is distributed under the AGPL-3.0 License - see the [LICENSE](LICENSE) file for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fparksb%2Fdarim","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fparksb%2Fdarim","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fparksb%2Fdarim/lists"}