
Keys.pub – Manage cryptographic keys and user identities - qertoip
https://keys.pub/
======
Sidnicious
This loses something important about Keybase sigchains: on Keybase, a sigchain
represents an identity and _not_ a single key, which makes it possible to add
separate keys for different devices and to seamlessly replace and revoke keys
over time. (Non-key-specific sigchains let the Keybase client do interesting
things like automatically re-encrypting shared data when someone revokes an
old key.)

Tying sigchains to keys seems limiting, and I'm curious if there's a reason
for it. Otherwise, I like this a bunch.
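Added example, not code from this thread, Keybase or keys.pub: a minimal Go sigchain in which the chain identifies a user rather than one key, which is the property Sidnicious describes. The link format, the action names and the root/add/revoke rules are constructed for this illustration. The verifier replays the chain from the root, accepts a link only if it is signed by a key that is active at that point, and so rejects a link appended with a key that was revoked earlier, which is what makes seamless device key rotation and revocation possible.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"fmt"
)

// Link is one entry in a toy sigchain. The chain belongs to an identity, not to
// one key: links add or revoke device keys, and each link must be signed by a key
// that is active at that point. Constructed format; not Keybase's or keys.pub's.
type Link struct {
	Seq    int    `json:"seq"`
	Prev   []byte `json:"prev"`   // signature of the previous link (nil for the root)
	Action string `json:"action"` // "root", "add" or "revoke"
	Signer []byte `json:"signer"` // public key that signs this link
	Key    []byte `json:"key"`    // public key being introduced or revoked
}

type SignedLink struct {
	Link Link   `json:"link"`
	Sig  []byte `json:"sig"` // Ed25519 signature over the JSON encoding of Link
}

func signLink(l Link, priv ed25519.PrivateKey) SignedLink {
	body, _ := json.Marshal(l) // Link holds only plain fields, so Marshal cannot fail
	return SignedLink{Link: l, Sig: ed25519.Sign(priv, body)}
}

// ActiveKeys replays the chain from the root and returns the device keys that are
// currently valid. It fails closed on a bad sequence number, a broken back-link,
// a bad signature, or a link signed by a key that is not active (including a key
// revoked earlier in the chain).
func ActiveKeys(chain []SignedLink) (map[string]bool, error) {
	active := map[string]bool{}
	var prevSig []byte
	for i, sl := range chain {
		l := sl.Link
		if l.Seq != i || !bytes.Equal(l.Prev, prevSig) {
			return nil, fmt.Errorf("link %d: sequence or back-link mismatch", i)
		}
		body, _ := json.Marshal(l)
		// Size check first: ed25519.Verify panics on a wrong-size public key.
		if len(l.Signer) != ed25519.PublicKeySize || !ed25519.Verify(ed25519.PublicKey(l.Signer), body, sl.Sig) {
			return nil, fmt.Errorf("link %d: bad signer or signature", i)
		}
		signer := string(l.Signer)
		switch l.Action {
		case "root":
			if i != 0 || signer != string(l.Key) {
				return nil, fmt.Errorf("link %d: root must be first and self-signed", i)
			}
			active[signer] = true
		case "add", "revoke":
			if !active[signer] {
				return nil, fmt.Errorf("link %d: signer is not an active key", i)
			}
			if l.Action == "add" {
				active[string(l.Key)] = true
			} else {
				delete(active, string(l.Key))
			}
		default:
			return nil, fmt.Errorf("link %d: unknown action %q", i, l.Action)
		}
		prevSig = sl.Sig
	}
	return active, nil
}

// DemoScenario: a root key adds a laptop key, the laptop adds a phone key, and the
// phone revokes the laptop. It returns whether laptop and phone are active after
// that, and the error produced when the revoked laptop key tries to re-add itself.
func DemoScenario() (laptopActive, phoneActive bool, forgedErr error) {
	rootPub, rootPriv, _ := ed25519.GenerateKey(rand.Reader)
	lapPub, lapPriv, _ := ed25519.GenerateKey(rand.Reader)
	phonePub, phonePriv, _ := ed25519.GenerateKey(rand.Reader)
	chain := []SignedLink{signLink(Link{Seq: 0, Action: "root", Signer: rootPub, Key: rootPub}, rootPriv)}
	chain = append(chain, signLink(Link{Seq: 1, Prev: chain[0].Sig, Action: "add", Signer: rootPub, Key: lapPub}, rootPriv))
	chain = append(chain, signLink(Link{Seq: 2, Prev: chain[1].Sig, Action: "add", Signer: lapPub, Key: phonePub}, lapPriv))
	chain = append(chain, signLink(Link{Seq: 3, Prev: chain[2].Sig, Action: "revoke", Signer: phonePub, Key: lapPub}, phonePriv))
	active, err := ActiveKeys(chain)
	if err != nil {
		panic(err)
	}
	laptopActive, phoneActive = active[string(lapPub)], active[string(phonePub)]
	// A stolen, already-revoked laptop key must not be able to extend the chain.
	forged := signLink(Link{Seq: 4, Prev: chain[3].Sig, Action: "add", Signer: lapPub, Key: lapPub}, lapPriv)
	_, forgedErr = ActiveKeys(append(chain, forged))
	return laptopActive, phoneActive, forgedErr
}

func main() {
	lap, phone, err := DemoScenario()
	fmt.Printf("laptop active: %v, phone active: %v, forged link rejected: %v\n", lap, phone, err != nil)
}
```

The point of the replay in `ActiveKeys` is that the set of valid keys is derived from the whole history, not read from a record that a server or a single key could overwrite: a relying party with the chain can tell that the laptop key was valid at seq 2 and invalid from seq 3 on, which is exactly the information needed to decide whether old ciphertexts need re-encrypting.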

~~~
rakoo
Indeed, in a perfect UX you'd never manipulate keys, always identities; that
gives keys less importance and allows them to be rotated in a period that's
closer to 10 weeks than 10 years. Also, exchanges are done with identities,
not keys.

------
Legogris
I, for one, am a happy Keybase user, excited about their new features and can
see it already becoming a much better (but not ideal) alternative to Signal
for private IM (proper encryption, every device is first-class, usable CLI, no
phone-number bullshit, good team chats, etc).

But I do see that the same reason I am optimistic is the same reason many
users are disappointed and they're right - Keybase seems to have pivoted and
they are headed in a completely different direction than they were when we
joined.

Keys.pub looks to fulfill precisely the promise of "what Keybase was supposed
to be". And crucially, I think, it looks to be fully open source (server-side
included, no sketchy opaque metadata spider-web by a US corporate).

I do see these two projects as fully complementary.

It would be interesting if this could, optionally, import pubkeys from Keybase
as well. I think these could be complementary.

~~~
0xEFF
Keybase jumped the shark with their crypto coin offering.

~~~
everfree
I keep hearing people say this, but I don't understand it. It was a fun little
giveaway experiment funded by someone else, in the spirit of the company's
focus on cryptography.

I don't visit the cryptocurrency tab anymore, and it's not like it gets in the
way or anything.

~~~
yarrel
It was a trainwreck that damaged the project's reputation and harmed its
users.

If you know crypto, it had several problems. There are worse coins to airdrop
on your users but not many. The user experience resembled that used by
scammers on Telegram and the project's overall behaviour looked like a
de-anonymization attack (I mean that seems to be Keybase's business model but
this looked _exactly_ like one). All of this led to crypto chats on Keybase
being targeted by social engineering attacks, and Keybase's famously bad
moderation tools made that much harder to deal with than it could have been.

If you don't know crypto it made Keybase look like a crazy crypto project,
which isn't an easy sell.

In either case you could be forgiven for wondering when Keybase got their
money transmitter license.

So this did get in the way, and the sooner Keybase remove the tab the sooner
it will be clear that they are past the denial stage.

This was a bad enough fuck-up that I removed my social proofs and now
recommend that people not use Keybase. But if they fixed a few things (remove
the Crypto tab, fix moderation, fix name changes) I'd pay them a subscription
in a heartbeat.

~~~
ME70
In all honesty I believe the crypto offerings were a smart idea that didn't
undermine Keybase's reputation; it attempted to highlight a user-friendly
exchange of Stellar and any further crypto to come along. What did undermine
the reputation was allowing a system that could be scammed, which called for
the closing of the offering. Clearly not thought out enough.

------
ithkuil
One of the things I liked about keybase is that it pooled identity proofs from
different providers. If somebody manages to replace a proof in my GitHub
account, other people can (independently) verify that there is something
wrong.

I'm not sure if I misread the documentation, but it seems that with keys.pub
each "service" offers a disconnected world. If somebody manages to publish a
proof in my GitHub account, it can trick people using keys.pub to think that's
still me.

OTOH, with keys.pub I don't need to trust any server.

Am I misunderstanding something?
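Added example, not code from this thread or from keys.pub: a Go sketch of the cross-provider check ithkuil values. The proof statement format and the service names are constructed for the illustration. `VerifyProof` checks one proof on its own, which a self-consistent proof signed by an attacker's key will pass; `CrossCheck` additionally requires every proof for the identity to name the same key, so a single replaced proof shows up as a disagreement rather than being accepted.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"fmt"
)

// Proof is the statement a user publishes at a service (a gist, a post) to bind
// that account to a signing key. Constructed format for this example; it is not
// the statement format Keybase or keys.pub actually use.
type Proof struct {
	Service string `json:"service"`
	User    string `json:"user"`
	Key     []byte `json:"key"` // Ed25519 public key that claims the account
}

type SignedProof struct {
	Proof Proof  `json:"proof"`
	Sig   []byte `json:"sig"`
}

// Fetched records where a proof was retrieved from, so the statement can be
// checked against the location rather than taken at its word.
type Fetched struct {
	Service, User string
	Proof         SignedProof
}

func signProof(p Proof, priv ed25519.PrivateKey) SignedProof {
	body, _ := json.Marshal(p)
	return SignedProof{Proof: p, Sig: ed25519.Sign(priv, body)}
}

// VerifyProof checks one proof in isolation: it must name the service and user
// it was fetched from, and its signature must verify under the key it names.
// Note that a proof signed by an attacker's own key passes this check.
func VerifyProof(f Fetched) error {
	p := f.Proof.Proof
	if p.Service != f.Service || p.User != f.User {
		return fmt.Errorf("%s/%s: statement names a different account", f.Service, f.User)
	}
	body, _ := json.Marshal(p)
	if len(p.Key) != ed25519.PublicKeySize || !ed25519.Verify(ed25519.PublicKey(p.Key), body, f.Proof.Sig) {
		return fmt.Errorf("%s/%s: bad key or signature", f.Service, f.User)
	}
	return nil
}

// CrossCheck verifies every proof and additionally requires all of them to name
// the same key. Replacing the proof at one service with one signed by a
// different key now shows up as a disagreement instead of passing silently.
func CrossCheck(proofs []Fetched) (ed25519.PublicKey, error) {
	var key []byte
	for _, f := range proofs {
		if err := VerifyProof(f); err != nil {
			return nil, err
		}
		if key == nil {
			key = f.Proof.Proof.Key
		} else if !bytes.Equal(key, f.Proof.Proof.Key) {
			return nil, fmt.Errorf("%s/%s: signed by a different key than the other proofs", f.Service, f.User)
		}
	}
	if key == nil {
		return nil, fmt.Errorf("no proofs to check")
	}
	return ed25519.PublicKey(key), nil
}

// DemoScenario: alice proves github and reddit with one key; then the github
// proof is replaced by one an attacker signed with their own key. Returns whether
// the replaced proof passes on its own, whether the honest set cross-checks, and
// the error from cross-checking the tampered set.
func DemoScenario() (replacedAlone bool, honestOK bool, tamperedErr error) {
	alicePub, alicePriv, _ := ed25519.GenerateKey(rand.Reader)
	attackerPub, attackerPriv, _ := ed25519.GenerateKey(rand.Reader)

	honest := []Fetched{
		{"github", "alice", signProof(Proof{"github", "alice", alicePub}, alicePriv)},
		{"reddit", "alice", signProof(Proof{"reddit", "alice", alicePub}, alicePriv)},
	}
	_, err := CrossCheck(honest)
	honestOK = err == nil

	replaced := Fetched{"github", "alice", signProof(Proof{"github", "alice", attackerPub}, attackerPriv)}
	replacedAlone = VerifyProof(replaced) == nil
	_, tamperedErr = CrossCheck([]Fetched{replaced, honest[1]})
	return replacedAlone, honestOK, tamperedErr
}

func main() {
	alone, honest, err := DemoScenario()
	fmt.Printf("replaced proof passes alone: %v, honest set agrees: %v, tampered set rejected: %v\n", alone, honest, err != nil)
}
```

The check is only as strong as the number of independent accounts an attacker would have to compromise at once; a client that fetches proofs from every service itself (as ithkuil notes keys.pub lets you do) and then cross-checks them gets that benefit without having to trust a server's summary.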

------
kreetx
Lots of keybase early users here. I started really using it relatively
recently, and mostly like it, regardless of "losing its way".

What I use is the chat, git and filesystem. Verifying other people's
identities - not so much.

The only problems are related to the GUI having hiccups, opening images posted
to the chat, say. Git and filesystem are relatively slow, but can live with
that.

~~~
novok
I feel like if they did some decoupling and got rid of the persistent running
connection / filesystem stuff for features that did not need it as a mandatory
thing that early users wouldn't mind as much. For all I know it actually does
work that way too.

------
vorpalhex
I was a very early user of Keybase and I've been super disappointed in the
direction they've gone. They've had some neat ideas along the way but packing
them onto the key service and the cryptocurrency missteps have caused me to
shy away from them.

This looks like a good start for a real competitor. Obviously it's early but
I'm seeing the right things.

~~~
StavrosK
I see this from a lot of people and I'm puzzled, can you not just avoid using
the features you don't like? I don't see anyone going "I used to use VS Code
but they added a database viewer so I stopped".

~~~
vorpalhex
The keybase client went from a small CLI to a persistently connected app that
ties into a filesystem, cryptocurrency platform, chat ecosystem and more.

Nothing is free. Adding features takes up resources, adds complexity and
errors and increases attack surface. Sometimes that's an OK tradeoff - I like
being able to see images in my email client. Sometimes the tradeoff is not
worth it - my text centric IDE has no business touching database files.

~~~
StavrosK
That's fair, my question was more about the cryptocurrency feature
specifically. "General bloat" I can understand, if you only care about the
keys.

It seems to me, though, that the key part is just the first step in an entire
featureset: Once you have a reliable way to get trusted encryption keys for
any person, you can build a whole lot of useful functionality on top of that,
which is what they've been doing.

Personally, I wouldn't have much use for just the key exchange, and I really
like the encrypted chat/repos/files/etc on top, but I can understand different
preferences there.

~~~
vorpalhex
It would be possible to build an ignorable cryptocurrency feature, and if that
had been the case, I probably wouldn't have noticed or cared. Instead Keybase
tied into the launch of a questionable currency which involved giving the
currency to people as a marketing tool and then resulted in a spree of
attackers, disclosure attacks and other problems.

There's a difference between "Hey, we've built in a small wallet feature" and
"Congratulations user, we've now given you 200 Lumens of tax liability and
sent you marketing emails disguised as information, please prepare for a horde
of hackers. Also we've fussed with your keys to make this new feature work.
Thanks!"

~~~
ocdtrekkie
I haven't found a use for it yet, but I'm not upset that they gave me money.
It's the only crypto I've ever owned, but it's mine I guess?

Also, my understanding is (at least in the US) that you don't need to declare
gifted cryptocurrency until/unless you realize its value by either selling it
or sending it to someone else as payment for a service.

------
thanksforfish
> This project is in development and has not been audited.

I love seeing notes like this. Everyone needs to start somewhere, and for
security projects there is a danger of overselling initially, which undermines
credibility. This sounds like someone who understands that there are a lot of
complex challenges to get this to production level security.

------
bhhaskin
This seems like a cool project. Keybase has kinda lost its way and has no
idea what it is anymore. Whereas this seems pretty focused on doing one thing
and one thing well.

------
gbriel
Hi all,

I'm the author of keys.pub.

Can the mods change the title of this post at all? This project is meant to be
supportive of ideas from Keybase and to promote Saltpack and this title is
weirdly disparaging. (Edit: Title was changed, thanks!)

Thanks everyone for the feedback. This project is in its early stages but the
goal is to make it easier to manage and securely store keys and secrets.

I'm currently working on hardware key support and FIDO2 integration, so be on
the lookout for that.

~~~
dang
Sure, no problem. I've used the HTML doc title but I had to shorten it to fit
80 chars. If there's a better—more accurate and neutral title—let us know.

(Submitted title was "Keys.pub – Keybase Without the Cruft".)

Edit: I changed the title to something the author suggested in an email.
Before that it was "Keys.pub – Manage keys, sigchains, identities, signing,
encryption, passwords".

~~~
gbriel
That's great, thank you.

------
rguiscard
In light of Zoom buying keybase
([https://news.ycombinator.com/item?id=23102430](https://news.ycombinator.com/item?id=23102430)),
this project might be more interesting to users of keybase now.

------
JNRowe
I get that this is new and in development, but I'd really like to see a more
in-depth comparison to keybase than:

> This project borrows many ideas from Keybase, including sigchains and user
> (proofs), and uses Saltpack and keybase/go-keychain and other packages.
> However, this project only links a single key to a user.

I say this while noting I've seen that "Better documentation" is an item in
the todo list. However, it just isn't clear - to me - where they plan to move
or draw a finish line for features.

If you have a better comparison please post it, and I guess a PR for the
project too ;)

------
terrywang
Keys seems to have taken the `back to the basics` approach and followed KISS to
solve the original problem(s) Keybase was trying to solve (key & user ID
management for human beings).

Obviously Keybase has strayed away from its original heart, added all those
unrelated elements like social chat, Dropbox like (fuse) filesystem (this is
actually OK), team collaboration, SCM, and even crypto currency wallet, so
bloated [1], hmm... Do we really need all those? No for me, but I don't have a
choice if I want to use the core bits and pieces (good part) of Keybase.

Glad to see Keys, gave it a try on Linux (thumbs up for packaging it using
`AppImage` instead of snap or flatpak). However, it had gnome-keyring
dependencies (wrong assumption that people use GNOME Shell or variants as
default Desktop Environment), issue reported [2] and being worked on. I did
run it in a Windows VM and it seems to be exactly what I need for key & user
id management, looking forward to its development and adoption.

[1]: Keybase GUI for Linux
[https://pbs.twimg.com/media/EW0wKs4VcAAL3Qi?format=jpg](https://pbs.twimg.com/media/EW0wKs4VcAAL3Qi?format=jpg)

[2]: [https://github.com/keys-pub/app/issues/6](https://github.com/keys-pub/app/issues/6)

------
mfrager
This is very cool but I screwed up 2 of my "sigchains" to Reddit and to GitHub
by deleting the underlying messages (I didn't realize I wasn't supposed to) so
now two of my identities are messed up and I can't even use the app. I get
this message: "panic: Unknown user status content-invalid (13)". Great
project, but needs a better way to clean up invalid keys and re-issue them.

------
meddlepal
One of the killer features for Keybase is the combination of teams +
KeybaseFS. Unfortunately this doesn't look like it has either of those
features.

~~~
prophesi
That's the cruft. If they separated those out into separate apps, I'd be
happy. It's an E2E-encrypted Slack-clone, public key management system,
encrypted file storage, and a crypto wallet.

~~~
cortesoft
I guess one man's cruft is another man's crucial feature.

~~~
prophesi
Precisely the reasoning for writing tools that do one thing very well.

~~~
ibejoeb
The problem with that is that it completely disregards one market, i.e., the
one that wants an integrated system. You could probably install six programs
that do these individual things, but then you'd have to install six programs.
That's a non-starter for those looking for the integrated solution.

~~~
feanaro
What if you made a unified installer that installs those six tools configured
in a certain default way?

~~~
ibejoeb
Certainly there are plenty of programs that are designed modularly,
componentized, plugin-based, compositional, whatever... They just never feel
as good as purpose-built apps with good workflows. If you know of one that
does, please do forward it on because I'd love the inspiration.

I think Keybase does what it intends to do, which is to make PKI accessible to
non-experts and to cultivate a community of users to achieve the usefulness that
network effect affords.

If you're really just looking for encryption and signing, encrypted
filesystems, encrypted chat, distributed filesystems, and you're an expert,
you have the tools you need.

~~~
asdkhadsj
> They just never feel as good as purpose-built apps with good workflows. If
> you know of one that does, please do forward it on because I'd love the
> inspiration.

I think the flaw here is that you're _(likely)_ comparing purpose-built with
unrelated unix-like apps.

What could have been done here with Keybase, is a purpose built app composed
of unix-like tools, all controlled and implemented towards the purpose-built
app. Aka the IM would be unique if you wanted it, or bundled with the FS, but
both would be first-class Keybase citizens.

Unfortunately most companies don't put the time or effort into letting people
consume parts of their offerings. It's all or nothing. Which is the complaint
here, imo.

------
ahnick
So there is no network that connects all the keys.pub clients together? Are
you just supposed to do point-to-point connections through Wormhole? Still
trying to understand it.

I keep hoping for a decentralized/federated network implementation for Keybase
(or forked version) that will basically take the place of the centrally
managed Keybase servers.

------
markandrewj
I might have to give this a try. Keybase has turned into something that I
don't enjoy for a variety of reasons.

------
uranium235
I think it might be a good idea to use something like IPFS to distribute keys.
Now that cloudflare seems to want to support it officially, the only exception
to why they might not are the same kind of lawsuits that brought down the
pirate bay but cloudflare has opted to offer content blacklisting/cache refuse
in their terms of service so I'm not sure how that's going to work out, but so
far since 2018 nothing seems to have changed. I'm not really sure what their
takeaway is though, it must provide them some benefit otherwise it's just a
waste of their money to provide a gateway service. I'm not sure how well it's
going to scale once people start building on it and actually use it more.

~~~
uranium235
I want to add to that the Ethereum name service,
[https://www.increaseo.com/eth-domains-ipfs/](https://www.increaseo.com/eth-domains-ipfs/)
could also potentially play a role in a means to efficiently and reliably
distribute public keys in conjunction with IPFS? Seems worth considering at
least.

~~~
uranium235
and it's not the fastest thing but in theory it's simple enough that you can
just do something like this:

    ipfs add test.asc
    added QmX1yKeerXb9vSYoQXcZuuw1QFTu5UxDCec4hY9htjRYE7 test.asc

and retrieve it
[https://cloudflare-ipfs.com/ipfs/QmX1yKeerXb9vSYoQXcZuuw1QFT...](https://cloudflare-ipfs.com/ipfs/QmX1yKeerXb9vSYoQXcZuuw1QFTu5UxDCec4hY9htjRYE7)

if you have an ENS name you can access it this way:
[https://cloudflare-ipfs.com/ipns/atmarketplace.eth/](https://cloudflare-ipfs.com/ipns/atmarketplace.eth/)

------
EGreg
Can anyone suggest a serialization format that can be implemented across
languages without being a language lawyer?

JSON seems like it fits the bill but I have seen soooo many complaints about
UNICODE encodings, whitespace or some other things, and people saying secure
scuttlebutt suxx because it relies on perfectly copying Node’s JSON
implementation. But dudes, what format is better out there?

~~~
Vendan
The SSB issue with json is that it plays with the json after signing it. Just
don't do that.

~~~
EGreg
Please elaborate

What specifically do you mean? I have so far resorted to using
http_build_query type algorithms to make it for sure canonical.
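Added example, not code from this thread or from SSB: a Go illustration of the rule Vendan states and EGreg asks about, that the bytes you sign must be the bytes you transmit and verify, with canonicalization happening once, on the signer's side. It relies on the documented behaviour of Go's `encoding/json`, which marshals map keys in sorted order with no insignificant whitespace; the envelope format and the sample messages are constructed.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
)

// Canonicalize parses a JSON document and re-emits it with object keys sorted and
// no insignificant whitespace. encoding/json sorts map keys and escapes strings
// consistently, so two equivalent documents yield identical bytes. Numbers pass
// through float64 here; a real canonical form must also pin number and string
// rules (integers above 2^53, NaN, Unicode normalization).
func Canonicalize(raw []byte) ([]byte, error) {
	var v any
	if err := json.Unmarshal(raw, &v); err != nil {
		return nil, err
	}
	return json.Marshal(v)
}

// Envelope carries the exact canonical bytes that were signed. RawMessage keeps
// them verbatim through encoding and decoding, so the verifier never has to
// reproduce the signer's serializer.
type Envelope struct {
	Payload json.RawMessage `json:"payload"`
	Sig     []byte          `json:"sig"`
}

func SignEnvelope(raw []byte, priv ed25519.PrivateKey) ([]byte, error) {
	canon, err := Canonicalize(raw)
	if err != nil {
		return nil, err
	}
	return json.Marshal(Envelope{Payload: canon, Sig: ed25519.Sign(priv, canon)})
}

// VerifyEnvelope checks the signature over the payload bytes exactly as received
// and only then parses them. Verifying over a re-serialized copy instead is the
// mistake Vendan describes: the result then depends on matching the signer's
// JSON emitter byte for byte.
func VerifyEnvelope(env []byte, pub ed25519.PublicKey) (map[string]any, error) {
	var e Envelope
	if err := json.Unmarshal(env, &e); err != nil {
		return nil, err
	}
	if len(pub) != ed25519.PublicKeySize || !ed25519.Verify(pub, e.Payload, e.Sig) {
		return nil, errors.New("signature does not match payload bytes")
	}
	var m map[string]any
	if err := json.Unmarshal(e.Payload, &m); err != nil {
		return nil, err
	}
	return m, nil
}

// Demo returns: whether two differently formatted copies of the same message
// canonicalize to identical bytes, whether an untouched envelope verifies,
// whether a one-byte tampering of the payload still verifies, and whether
// verifying over a pretty-printed re-serialization (the wrong approach) succeeds.
func Demo() (canonEqual, honestOK, tamperedOK, reserializedOK bool) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	// Constructed sample: one message as two different JSON emitters might write it.
	a := []byte(`{"to": "bob", "msg": "hello", "n": 7}`)
	b := []byte("{\n  \"n\": 7,\n  \"msg\": \"hello\",\n  \"to\": \"bob\"\n}")
	ca, _ := Canonicalize(a)
	cb, _ := Canonicalize(b)
	canonEqual = bytes.Equal(ca, cb)

	env, _ := SignEnvelope(a, priv)
	_, err := VerifyEnvelope(env, pub)
	honestOK = err == nil

	tampered := bytes.Replace(env, []byte(`"bob"`), []byte(`"bib"`), 1)
	_, err = VerifyEnvelope(tampered, pub)
	tamperedOK = err == nil

	// Wrong approach: parse the payload, re-emit it, verify over the new bytes.
	var e Envelope
	_ = json.Unmarshal(env, &e)
	var v any
	_ = json.Unmarshal(e.Payload, &v)
	pretty, _ := json.MarshalIndent(v, "", "  ")
	reserializedOK = ed25519.Verify(pub, pretty, e.Sig)
	return canonEqual, honestOK, tamperedOK, reserializedOK
}

func main() {
	fmt.Println(Demo())
}
```

This sidesteps the "language lawyer" problem EGreg raises: the receiver needs a JSON parser that accepts the canonical output, but never needs a JSON emitter that matches the sender's, because the signed bytes travel inside the envelope untouched. The canonicalizer still has to be pinned carefully for the one place it runs, which is why the comment on `Canonicalize` lists the number and string cases it leaves open.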

------
jadbox
What does this wormhole exactly do? The docs just say it's a secure
connection, but how exactly do you interact with it?

~~~
philsnow
it's [https://github.com/warner/magic-wormhole](https://github.com/warner/magic-wormhole)

but see in particular
[https://github.com/warner/magic-wormhole/issues/107](https://github.com/warner/magic-wormhole/issues/107).
It uses a static wordlist and by default uses a shared pool of rendezvous
servers.

The (an?) author addresses this here
[https://magic-wormhole.readthedocs.io/en/latest/attacks.html](https://magic-wormhole.readthedocs.io/en/latest/attacks.html)
but I think characterizes the
attack poorly: it's not important that it's low-probability that an attacker
can pull off a MitM transparently, all an attacker needs to do is be able to
guess the channel + code words before the receiver receives the message. The
default is to only use two code words, so 65536 possibilities. I don't think
it would be hard to open 64k connections very quickly, so this seems like an
easy-to-win race. Maybe I misunderstand the math.

I don't think wormhole should be used for anything important without a private
rendezvous server, and if you have secure access to a private rendezvous
server, why bother with wormhole?

~~~
psanford
That's not how the protocol works. A single failed guess terminates the
connection and alerts the sender that an incorrect code was used and someone
might be attacking them.

If you are concerned about guessability you can use more than 2 words. You can
also use strings that are not in the default word list (the only thing the
default word list gives you is tab completions).

edit: Also the "wormhole" spec that keys.pub has is not related to
magic-wormhole.

~~~
philsnow
I happily stand corrected on both counts, thanks

------
jwr
Question is, will this become a useful tool or a bloated multi-purpose
behemoth (with no clearly defined purpose) like Keybase did?

We badly need good simple tools for encryption. For all the criticism of GPG
coming from the savvy crypto-crowd, there is still no other tool that performs
common encryption-related tasks quickly and easily.

~~~
doomrobo
age is the standard answer to this [https://age-encryption.org/](https://age-encryption.org/)

~~~
jwr
I like where age is going. It only does a fraction of what I need (for
example, I need to sign and keep detached signatures), but I have high hopes
for it.

Still, it is nowhere near a replacement for GnuPG.

------
eeZah7Ux
GnuPG - Keys.pub without the cruft

Jokes aside, gpg does exactly key management, signing, encryption and so on.

Plus, it's nice to acknowledge and support the work of the author.

A tiny wrapper that provides a friendly CLI/TUI would be welcome.

