
ZeroDB, an end-to-end encrypted database, is open source - mwilkison
http://blog.zerodb.io/zerodb-open-source-announcement/
======
lewisl9029
This is fascinating. Awesome work!

An encrypted server-side database with client-side decryption definitely seems
like a great building block for private, secure applications! However, my
ideal building block for the data-layer would take one step further: by only
storing data on the client, and be able to synchronize between separate
clients in a fully distributed manner.

This would open up the door to purely client-side applications with zero-
knowledge sync clients that can be _optionally_ hosted on servers to improve
availability without any compromises to privacy. It also has the potential to
offer better-than-centralized UX due to the fact that all data is available
locally, so there is no network roundtrip to be concerned with. A centralized
solution like ZeroDB definitely still has it's place though, especially in
applications that involve sharing and collaboration between multiple users,
and in applications where the size of each user's dataset is too large to be
managed fully locally.

My previous project, Toc Messenger [1], used a custom encryption layer over
remoteStorage [2] to achieve something close to this, but remoteStorage is not
a fully distributed protocol, and has to rely on the existence of a
centralized storage server to function. For my next project, I'm hoping to
experiment with something like Swarm [3] for the data layer instead, which
uses CRDTs for conflict resolution and supposedly supports direct P2P sync in
the upcoming 1.0 release [4].

[1] [http://toc.im/](http://toc.im/)

[2] [http://remotestorage.io/](http://remotestorage.io/)

[3] [https://github.com/gritzko/swarm](https://github.com/gritzko/swarm)

[4]
[http://swarmjs.github.io/articles/2of5/](http://swarmjs.github.io/articles/2of5/)

~~~
michwill
Oh wow, thanks for the links, will need to go through that!

We've seen gundb [[http://gun.js.org/](http://gun.js.org/)] keeping data
distributed between clients. Also, I'm even thinking if it is possible to run
ZeroDB on top of SpiderOak's Crypton (which is inspired by ZODB) :-)

------
swswsw
a very cool concept for doing a lot of projects where users need shared db.

------
ex3ndr
I wish i will have NaCL-sompatable encryption that can be used to easily
implement your own clients.

