https://github.com/authress-engineering/vanishing-keys

Vanishing Keys is the public implementation of how Authress provides One Time Secrets
https://github.com/authress-engineering/vanishing-keys

credentials one-time one-time-password one-time-secret secrets secrets-management secrets-manager

Last synced: about 1 month ago
JSON representation

Vanishing Keys is the public implementation of how Authress provides One Time Secrets

• Host: GitHub
• URL: https://github.com/authress-engineering/vanishing-keys
• Owner: Authress-Engineering
• License: apache-2.0
• Created: 2023-05-19T18:43:15.000Z (over 2 years ago)
• Default Branch: main
• Last Pushed: 2024-04-05T12:47:28.000Z (over 1 year ago)
• Last Synced: 2025-03-01T00:12:35.706Z (7 months ago)
• Topics: credentials, one-time, one-time-password, one-time-secret, secrets, secrets-management, secrets-manager
• Language: JavaScript
• Homepage: https://authress.io/app/#/ots
• Size: 148 KB
• Stars: 2
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          


  



# Authress Vanishing Keys

This is the public completely **open source** implementation of how Authress provides the Vanishing Keys service.

Authress Vanishing Keys is deployed to the [Authress Management Portal](https://authress.io) and is available for everyone to use for free.

To send a secret to someone, just click below.

Everything is open source, and **please validate that the passphrase and decrypted secret never leave your browser**.

## [Create a Secret](https://authress.io/app/#/vanish)

Click `Create a Secret` to immediately share a secret using the free community version of the Authress Vanishing Keys service.

[![Authress Vanish picture](./vanish.png)](https://authress.io/app/#/vanish)

## How it works

* Enter your secret at [Authress Vanishing Keys](https://authress.io/app/#/vanish)

* Vanish encrypts your secret on the UI side using a passphrase.

* The encrypted data is sent to Vanish service

* Share the generated link with the intended party

* They use the shared passphrase to decrypt the secret

## One time use

* Once the encrypted data is fetched it is immediately deleted from Authress Vanish. This prevent future Quantum attacks against your credentials.

* Since only the encrypted data is sent to Authress Vanish, no one running the service can decrypt the data even if they wanted to. At no point is the data available

![image](https://github.com/Authress/vanishing-keys/assets/5056218/eabe5a13-3e40-4741-9c4a-52cd548abf95)

## Components

Vanish is broken down into two parts:

* [UI](https://github.com/Authress/component-library.js) - from the Authress [UI Component Library](https://github.com/Authress/component-library.js). Authress hosts this Ui web component at [Authress Vanishing Keys](https://authress.io/app/#/vanish).

* [Vanish microservice](https://github.com/Authress/vanishing-keys) - The secure microservice which runs Vanish.