Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/trpkit/trpkit
Building zero-knowledge end-to-end encrypted web tooling
https://github.com/trpkit/trpkit
cryptography end-to-end-encryption nextjs nodejs open-source react security typescript
Last synced: 29 days ago
JSON representation
Building zero-knowledge end-to-end encrypted web tooling
- Host: GitHub
- URL: https://github.com/trpkit/trpkit
- Owner: trpkit
- License: agpl-3.0
- Created: 2023-08-12T02:20:06.000Z (about 1 year ago)
- Default Branch: main
- Last Pushed: 2024-09-22T03:17:46.000Z (about 2 months ago)
- Last Synced: 2024-09-27T14:02:01.710Z (about 1 month ago)
- Topics: cryptography, end-to-end-encryption, nextjs, nodejs, open-source, react, security, typescript
- Language: TypeScript
- Homepage: https://trpkit.com
- Size: 2.69 MB
- Stars: 37
- Watchers: 1
- Forks: 2
- Open Issues: 6
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- Contributing: .github/CONTRIBUTING.md
- License: LICENSE
- Code of conduct: .github/CODE_OF_CONDUCT.md
- Codeowners: .github/CODEOWNERS
- Security: .github/SECURITY.md
Awesome Lists containing this project
README
The open-source web insights platform.## Table of Contents
- [Introduction](#introduction)
- [Analytics Script](#analytics-script)
- [End-to-End Encryption](#end-to-end-encryption)
- [Contributing](#contributing)
- [Prerequisites](#prerequisites)
- [Getting Started](#getting-started)
- [Community](#community)
- [License](#license)## Introduction
Trpkit provides comprehensive web analytics while prioritizing user privacy. It enables website owners to understand their traffic, user behavior, and other critical metrics without compromising the privacy of their users.
### Analytics Script
Trpkit's analytics script is cookie-free and completely anonymous. It respects DNT (Do Not Track) and [GPC (Global Privacy Control)](https://globalprivacycontrol.org/) signals by not sending any data besides acknowledging the visit. Users with Javascript disabled are treated the same as those with DNT and GPC signals, ensuring consistent privacy.
### End-to-End Encryption
End-to-end encryption (E2EE) in Trpkit ensures that data transmitted from the user's browser to our servers is encrypted and can only be decrypted by the website owner. Here's how it works:
1. **Account Registration:** When a website owner registers for an account, a master encryption key is derived from their password and other factors. This key is never stored on our servers.
2. **Keychain Creation:** A keychain is created and encrypted with the master key, which is then stored securely. Within this keychain, additional keys are generated.
3. **Site-Specific Key:** One of the keys from the keychain is a public/private key pair associated with the website.
4. **User Data Encryption:** When a user visits a website, the browser data we collect is encrypted on their end using the site-specific public key before being sent to our servers.
5. **Secure Storage:** The encrypted data is stored securely on our servers, associated with the website owner's account.
6. **Decryption by Website Owner:** Only the website owner, with access to their master key, can decrypt this data using the corresponding private key.## Contributing
For detailed contributing guidelines, refer to our [contributing guide](.github/CONTRIBUTING.md).
### Prerequisites
Before you begin, ensure you have the following installed:
- [MongoDB](https://www.mongodb.com)
- [Node.js](https://nodejs.org) (version 20.x or higher)
- [pnpm](https://pnpm.io)### Getting Started
1. Clone the repository: `git clone https://github.com/trpkit/trpkit.git`
2. Copy the example environment file and configure it: `cp .env.example .env`
3. Install the dependencies `pnpm i`
4. Start the applications `pnpm run dev`## Community
Join our community to stay updated and get involved:
* [Discord](https://discord.gg/trpkit)
* [GitHub Discussions](https://github.com/trpkit/trpkit/discussions)
* [X](https://x.com/trpkit)## License
Trpkit is an open source software licensed under the [AGPL 3.0 license](LICENSE).