Skip to content
/ rayven Public
forked from benjreinhart/rayven

Private and secure data sharing application

1 star 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

whatrocks/rayven

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
assets
assets
 
 
config
config
 
 
lib
lib
 
 
priv
priv
 
 
test
test
 
 
.formatter.exs
.formatter.exs
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
mix.exs
mix.exs
 
 
mix.lock
mix.lock
 
 

Repository files navigation

Rayven

Private and secure data sharing application.

Who is this for

Rayven is primarily intended for companies that want to give their employees a private and secure way to share sensitive information. However, it is available for anyone to use for any purpose.

Why Rayven?

There are a number of ways to share some data online. Email, Slack, Dropbox, Google Drive, etc. However, most of the ways people share online are not private or secure. Most products are able to see the data people upload and the data often lingers around for a long time, potentially forever.

Sensitive values, like passwords, private keys, SSNs, photos of driver licenses, etc., should be kept secret between the sender and the recipient only. End-to-end encryption is a tool that can help keep data private and secure, available only to the sender and recipient.

There are a couple of products out there that use end-to-end encryption for exactly this purpose. But the ones I know about are not open source and are therefore hard or impossible to fully audit.

Rayven intends to be a fully open source alternative to something like Doppler Share or Wormhole. Its goals are:

  • Support private and secure data sharing via end-to-end encryption.
  • Open source the application so anyone can use it and so that it can be thoroughly audited.
  • Support for both small text blobs and large files.
  • (Potentially) support for encrypting data under someone elses' public key (e.g., a bitcoin or ethereum address).
  • And more

Screenshots

⚠️ User interface is a work in progress.

User wants to share a secret value with someone, like an API secret key.

User enters a secret in the form

After creating the link, the user can copy the share link and share it with whomever.

User copies share link

When someone receives a share link, they can view it.

User confirms they'd like to view secret

User views secret

How it works

  1. Rayven allows users to enter something they'd like to securely share.
  2. It is encrypted on the client and the encrypted result is sent to the server along with some values (max views, expiration date) that configure when this data is no longer valid and should be deleted.
  3. User receives a share link that contains the encryption key in the URL's hash (NOTE: the key is never sent to the server).
  4. User can share out the link to whomever.
  5. Visiting the link will download the encrypted data IFF the user proves ownership of encryption key (from URL hash). If so, data is decrypted on the client and revealed to the user.

For specific details on the cryptography, please see the crypto README and code.

Deployment instructions

Coming soon.

Credits

Thanks to Doppler Share and Wormhole for inspiration.

Development

To start your Phoenix server:

  • Install dependencies with mix deps.get
  • Create and migrate your database with mix ecto.setup
  • Start Phoenix endpoint with mix phx.server or inside IEx with iex -S mix phx.server

Now you can visit localhost:4000 from your browser.

Tests

mix test
mix test path/to/test/folder/or/file.exs

About

Private and secure data sharing application

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Elixir 76.5%
  • TypeScript 12.1%
  • HTML 8.5%
  • JavaScript 2.8%
  • CSS 0.1%