It runs entirely in the browser, using the Web Crypto API. For key management, I store the user's private keys in the browser's password manager, and friend keys in IndexedDB, backed up to the user's host in a client-side encrypted blob.
> When someone adds a friend, how do you grant that new friend access to their older friends-only posts? How do you revoke that access, and access to any future posts, when they unfriend someone?
My project publishes an encrypted post as one file, then 1 keyfile for each of your friends to unlock that post. When you unfriend someone, you can just delete all their keyfiles and cease generating them for future posts.
It runs entirely in the browser, using the Web Crypto API. For key management, I store the user's private keys in the browser's password manager, and friend keys in IndexedDB, backed up to the user's host in a client-side encrypted blob.
> When someone adds a friend, how do you grant that new friend access to their older friends-only posts? How do you revoke that access, and access to any future posts, when they unfriend someone?
My project publishes an encrypted post as one file, then 1 keyfile for each of your friends to unlock that post. When you unfriend someone, you can just delete all their keyfiles and cease generating them for future posts.