Skip to content

ml4den/gonenote

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Gone Note

Intro

Send encrypted self-destructing notes securely.

Architecture

  • Frontend - fully static HTML deployed from this repo to Cloudflare Pages.
  • Backend - powered by a Cloudflare Workers - a global serverless runtime. The worker source is in ./worker.
  • Storage - Encrypted notes are stored on Cloudflare Workers KV, a global, low-latency, key-value data store.

How it works

  1. A note is encrypted with a key that is generated locally in the browser.
  2. The encrypted note value is sent to a Cloudflare worker that saves it in KV.
  3. The worker returns an ID which can be used to get the note.
  4. The browser generates a link containing the note ID and the key.
  5. When a note is read using the link, the worker is contacted with the note ID. The key is never sent.
  6. The browser uses the key from the link to decrypt the note value received by the worker.
  7. The encrypted note is deleted from KV when its view count is exceeded, or when it expires.

Security

  • Zero knowledge - the key is never sent to the backend.
  • Keys are generated securely by CryptoJS.
  • Notes are encrypted by CryptoJS using AES.
  • The CryptoJS library is verified using Subresource Integrity.
  • Note links are protected by HTTPS.

To do

  • The code needs to be refactored and made more readable to make it easier to verify the trustworthiness of the service, or raise issues.
  • Branding and SEO/Open Graph improvements are needed.

About

Send encrypted self-destructing notes securely.

Topics

Resources

Stars

Watchers

Forks