/deadrop

e2e encrypted secret sharing

Primary LanguageTypeScriptGNU General Public License v3.0GPL-3.0

deadrop

Playwright Tests CLI Build

deadrop is an e2e encrypted secret sharing platform that leverages the Web Crypto API.

How it Works

Utilizing public key infrastructure patterns, deadrop uses AES (with GCM) and Eliptical Curve (ECDH) cryptographic methods to generate keys and obfuscate payloads then SHA-256 is used after handoff for verifying data integrity. All keys are exchanged through peer-to-peer connections over WebRTC allowing all key and payload communications to remain solely between the two peers ("dropper" and "grabber") and are not logged or tracked by any server-side functionality. An opaque drop ID, the dropper's peer ID, and a nonce for the drop session are stored in a redis instance. The dropper's peer ID and nonce are then retrieved for the grabber by sending GET request to the /api/drop endpoint.

deadrop diagram

Features

  • raw text secret sharing
  • JSON string secret sharing
  • secret file sharing
  • basic captcha protection via hcaptcha
  • CLI implementation (in-progress)
    • text
    • files
  • multi-user sharing
  • drop passcode protection

Using the Web Application

To use the web application, visit https://deadrop.io. It is a PWA so you can also save it to your home screen on your mobile devices.

Using the CLI

If you want to drop or grab a secret using the CLI implementation, you can install it by running:

npm install deadrop
npm run deadrop ...

Or if you want to run it without installing it within your project:

npx deadrop ...