Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/matrixai/polykey
Polykey Core Library
https://github.com/matrixai/polykey
authentication authorization decentralized end-to-end-encryption keymanager local-first p2p pgp secrets share-secrets tls vaults zero-trust
Last synced: 6 days ago
JSON representation
Polykey Core Library
- Host: GitHub
- URL: https://github.com/matrixai/polykey
- Owner: MatrixAI
- License: gpl-3.0
- Created: 2018-06-05T10:40:30.000Z (over 6 years ago)
- Default Branch: staging
- Last Pushed: 2024-10-15T02:11:39.000Z (2 months ago)
- Last Synced: 2024-10-15T05:03:42.410Z (2 months ago)
- Topics: authentication, authorization, decentralized, end-to-end-encryption, keymanager, local-first, p2p, pgp, secrets, share-secrets, tls, vaults, zero-trust
- Language: TypeScript
- Homepage: https://polykey.com
- Size: 19.2 MB
- Stars: 30
- Watchers: 8
- Forks: 4
- Open Issues: 85
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
## What is Polykey?
**Polykey is an open-source, peer-to-peer system** that addresses the critical challenge in cybersecurity: **the secure sharing and delegation of authority**, in the form of secrets like keys, tokens, certificates, and passwords.
It allows users including developers, organizations, and machines—to **store these secrets in encrypted vaults on their own devices, and share them directly with trusted parties.**
* **All data is end-to-end encrypted**, both in transit and at rest, eliminating the risk associated with third-party storage.
* **Polykey provides a command line interface**, desktop and mobile GUI, and a web-based control plane for organizational management.
* By treating secrets as tokenized authority, it offers a fresh approach to **managing and delegating authority in zero-trust architectures** without adding burdensome policy complexity - a pervasive issue in existing zero-trust systems.
* Unlike complex self-hosted secrets management systems that require specialized skills and infrastructure, Polykey is **installed and running directly from the end-user device**.
* It is built to **automatically navigate network complexities** like NAT traversal, connecting securely to other nodes without manual configuration.**Key features:**
* **Decentralized Encrypted Storage** - No storage of secrets on third parties, secrets are stored on your device and synchronised point-to-point between Polykey nodes.
* **Secure Peer-to-Peer Communication** - Polykey bootstraps TLS keys by federating trusted social identities (e.g. GitHub).
* **Secure Computational Workflows** - Share static secrets (passwords, keys, tokens and certificates) with people, between teams, and across machine infrastructure. Create dynamic (short-lived) smart-tokens with embedded policy for more sophisticated zero-trust authority verification.
* With Polykey Enterprise, you can create private networks of Polykey nodes and apply mandatory policy governing node behaviour.## Table of Contents
* [Installation](#installation)
* [Development](#development)
* [Docs Generation](#docs-generation)
* [Publishing](#publishing)
* [License](#license)## Installation
### NPM
```sh
npm install --save polykey
```## Development
Run `nix develop`, and once you're inside, you can use:
```sh
# install (or reinstall packages from package.json)
npm install
# build the dist
npm run build
# run the repl (this allows you to import from ./src)
npm run ts-node
# run the tests
npm run test
# lint the source code
npm run lint
# automatically fix the source
npm run lintfix
```### Docs Generation
```sh
npm run docs
```See the docs at: https://matrixai.github.io/Polykey/
### Publishing
```sh
# npm login
npm version patch # major/minor/patch
npm run build
npm publish --access public
git push
git push --tags
```## License
Polykey is licensed under the GPLv3, you may read the terms of the license [here](LICENSE).