As for storing the private key you could encrypt it with (a derivative of) the user’s password

And now every time a user forgets their password and does password recovery, they lose all their DMs.

E2EE chat is a difficult problem.

That’s a feature not a bug!
Actually, users should not be required to trust the browser storage or in-app key generation, but be enabled to enter their own pgp key.

Amju Wolf
link
fedilink
1
edit-2
1Y

I mean you could just store it encrypted in the database for the basics, and for advanced users allow them to back it up.

There are tons of ways to improve it, but there is definitely way more you can do without much inconvenience to the users. I doubt losing old DMs is a huge issue when you forget your password…

Create a post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

  • 0 users online
  • 57 users / day
  • 383 users / week
  • 1.5K users / month
  • 5.7K users / 6 months
  • 1 subscriber
  • 2.97K Posts
  • 74.6K Comments
  • Modlog