Welcome to Keybase. Keybase is a new and free security app for mobile phones and computers. For the geeks among us: it’s open source and powered by public-key cryptography.
Keybase is for anyone. Imagine a Slack for the whole world, except end-to-end encrypted across all your devices. Or a Team Dropbox where the server can’t leak your files or be hacked.
Keybase is a key directory that maps social media identities to encryption keys (including, but not limited to PGP keys) in a publicly auditable manner. Keybase offers an end-to-end encrypted chat and cloud storage system, called Keybase Chat and the Keybase filesystem respectively. Files placed in the public portion of the filesystem are served from a public endpoint, as well as locally from a filesystem mounted by the Keybase client.
Keybase supports publicly connecting Twitter, GitHub, Facebook, Reddit, and Hacker News identities to encryption keys, along with Bitcoin and Zcash wallet addresses. Keybase has supported Coinbase identities since initial public release, but ceased to do so on March 17, 2017 when Coinbase terminated public payment pages.
In 2019, Keybase added a Stellar wallet to support cryptocurrency payments.
Identity ProofsKeybase allows users to “prove” a link between certain online identities (such as a Twitter or Reddit account) and their encryption keys. Instead of using a system such as OAuth, identities are proven by posting a signed statement as the account a user wishes to prove ownership of. This makes identity proofs publicly verifiable – instead of having to trust that the service is being truthful, a user can find and check the relevant proof statements themselves, and the Keybase client does this automatically.
AppIn addition to the web interface, Keybase offers a client application for Windows, Mac, Android, iOS, and most desktop Linux distributions, written in Go with an Electron front end. The app offers additional features to the website, such as the end-to-end encrypted chat, teams feature, and the ability to add files to and access private files in their personal and team Keybase filesystem storage. Each device running the client app is authorized by a signature made either by another device or the user’s PGP key. Each device is also given a per-device NaCl key to perform cryptographic operations.
If the recipient (the online alias owner) has an account on Keybase, they will seamlessly receive the message. If the recipient doesn’t have a Keybase account, and later signs up and proves the link between the online account and their devices, the sender’s device will rekey the message for the recipient based on the public proof they posted, allowing them to read the message. Since the Keybase app checks the proof, it avoids trust on first use.
Public files are stored in /public/username, and are publicly visible. All files in the public filesystem are automatically signed by the client. Only the user who the folder is named after can edit its contents, however, a folder may be named after a list of comma-separated users (e.g. a folder /public/foo,bar,three would be editable by the users foo, bar, and three).
Public files can be accessed by any user. Single user folders are displayed at keybase.pub and are also accessible by opening the directory in the mounted version of the filesystem. Multi user folders (such as /public/foo,bar,three) are only accessible through the mounted version of the system.
Private files are stored in /private/username, and are only visible to username. Private folders, like public folders, can be named after more than one user (e.g. a folder /private/foo,bar,three would be readable and editable by the users foo, bar, and three). Private files can also be read only for users after “#” (e.g. a folder /private/writer1,writer2,#reader1,reader2 would be readable and editable by the users writer1 and writer2 but only readable for reader1 and reader2). Unlike public files, all private files are both encrypted and signed before being uploaded, making them end-to-end encrypted.
Teams are largely administrated by adding signatures to a chain. Each signature can add, remove, or change the membership of a user in a team, as well as when changes are made to subteams.
Each chain starts with a signature made by the team owner, with subsequent actions signed on by team admins or users. This ensures that every action is made by an authorized user, and that actions can be verified by anyone in possession of the public key used.
What do you do?
- A free, happy solution, Starting today in the Keybase app, you’ll see a new Git tab. From there, you can make hosted repositories. Just type a name and you’re good to go. From zero to clone, it’s less than 60 seconds.
- Actually private
- Underneath the hood
- Authenticity, Everything is signed.
- It works with GitHub Desktop. Prefer a Git visual interface? No problem.
- You can have as many repositories as you want, but the total for your personal repositories can’t exceed 100GB. Each team also gets 100GB.
Well, there’s no website interface. No pull requests, no wiki, no issue tracking. It’s git, pure and simple. But it’s actually encrypted and super easy to use.
For more information please read https://keybase.io/