Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/httpjamesm/horizon-send

End-to-end encrypted file sharing.
https://github.com/httpjamesm/horizon-send

anonymous encryption file-sharing privacy xchacha20 xchacha20-poly1305

Last synced: 3 months ago
JSON representation

End-to-end encrypted file sharing.

Host: GitHub
URL: https://github.com/httpjamesm/horizon-send
Owner: httpjamesm
License: mpl-2.0
Created: 2022-12-19T22:10:00.000Z (about 2 years ago)
Default Branch: main
Last Pushed: 2023-10-30T00:15:16.000Z (over 1 year ago)
Last Synced: 2023-10-31T00:33:25.633Z (over 1 year ago)
Topics: anonymous, encryption, file-sharing, privacy, xchacha20, xchacha20-poly1305
Language: Svelte
Homepage: https://send.hrzn.cool
Size: 1.86 MB
Stars: 14
Watchers: 2
Forks: 2
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# horizon-send

Horizon Send is a secure file sharing service that uses zero-knowledge end-to-end encryption to protect your files.

## Encryption

Horizon Send uses `libsodium-wrappers` to encrypt files and associated metadata with AEAD XChaCha20-Poly1305 secret stream.

### Flow

1. Bob selects a file in the menu.
2. Client grabs all the data about the file, such as contents, file name and mime-type.
3. Client generates a random XChaCha20 secret stream key.
4. Client hashes key with Argon2id13 with a cryptographically random salt.
5. Client encrypts file data and metadata with the key.
6. Client uploads the encrypted file and metadata to the server with the Argon2id13 hashed key for server-side validation.
7. Client converts the key and salt to base64 and appends it to the download endpoint via URL fragment (which the browser does not send to the server).
8. Bob copies the URL and sends it to Alice.
9. Alice visits the URL and clicks "Download".
10. Client grabs the key and salt from the URL fragment.
11. Client hashes the key with Argon2id13 with the salt.
12. Client requests the encrypted file and metadata from the server by passing along the hashed key.
13. Client decrypts the file and metadata with the key.
14. Client saves the file to disk.

## Development

Once you've created a project and installed dependencies with `npm install` (or `pnpm install` or `yarn`), start a development server:

```bash
npm run dev

# or start the server and open the app in a new browser tab
npm run dev -- --open
```

### Building

To create a production version of your app:

```bash
npm run build
```

You can preview the production build with `npm run preview`.

> To deploy your app, you may need to install an [adapter](https://kit.svelte.dev/docs/adapters) for your target environment.