Hacker News new | past | comments | ask | show | jobs | submit login
Introducing Keybase Chat (keybase.io)
990 points by aston on Feb 8, 2017 | hide | past | web | favorite | 192 comments

OP here! I had to trim the post down for brevity, but I thought the HN community in particular might be interested in the API side of things.

Undocumented in the post: you can invent channels for app-to-app communication from the JSON API. For example, it's possible with Keybase chat to have a program posting encrypted messages for another person or program, without cluttering up the visual chat interface.

Also - to test chat we've cut the invitation requirement. You should be able to try the app without anyone inviting you.

This is cool. One thing that keeps me from using Slack, &c is that I don't trust my information to be stored on their servers. Keybase's combination of private keys and open source tools and protocols makes me comfortable with your server-side storage.

Your post does a good job describing what is stored in a readable format on your servers. One thing I didn't understand is where the data sent to users not yet on Keybase is stored. It sounds like my client is responsible for storing this unsent message, either locally or on Keybase's server encrypted for myself, and occasionally querying the DB to see if the target user exists and re-encrypting it. Is that right?

Finally, any thoughts on spam prevention for this protocol?

oh, great question! I wish I'd been clearer in the post.

Encrypted messages waiting for others are stored on Keybase servers. But they're encrypted only for the sender. The important requirement of this protocol is the removal of extra human steps, especially the ones before composing a message. The only thing a person should have to do is (a) write a message and (b) maybe tell the recipient it's waiting for them on keybase.

It's the worst to ask someone for their number or email before you get to compose a message.

There are still computer steps, however, and Keybae hides them from you. If you post an encrypted message for foo@reddit, then you sign a statement to yourself that foo@reddit is an intended recipient. When foo@reddit proves herself by announcing a key, your own client verifies the announcement and rekeys the content for her, assuming her key proof matches your signed assertion. This is no work for you, although it does require that one of your devices comes online. If they try to get to the content and all of your devices are off, they'll see a message that the original sender needs to come online before it's available for the first time.

The story with phones will be even better, as they're easier to reach through push notifications.

As with most large data encryption, this is performed by rekeying a symmetric key. So you can leave a huge attachment for foo@reddit and you don't have to download/upload the data all over again just to make it available.

As for spam prevention...we're still discussing. We obviously don't have the ability to study message contents. At the very least, we will need to have easy/clear blocking features

> Keybae

I hope this is an internal nickname ;)

Thanks for expanding, and I wish you luck on the spam prevention. We often have conversations in the office about implementing a cost-based anti-spam system[1] for email, but I think a lack of universal usage kills that idea before it can begin. Keybase may be in a position to implement it before the protocol and user interfaces have ossified. Something to think about.

I find this stuff fascinating. Deciding not to interview with you guys because I didn't want to move remains one of the biggest "what if"s of my career so far :)

[1] https://en.wikipedia.org/wiki/Cost-based_anti-spam_systems

As for spam prevention...we're still discussing. We obviously don't have the ability to study message contents. At the very least, we will need to have easy/clear blocking features

This immediately jumped out at me as a potential problem with the system. I think you had better get jumping on it quickly. Preventing abusive messages is much easier if mitigation is built in from the start.

What prevents hundreds of spam messages hitting a new user as soon as they sign up? An automated system could create a spam message for every github user account (just as a way to get likely signup identities) and keep a client running and they would be delivered to new users as soon as someone verifies themselves. A group of people could target one individual so that they are flooded with unwanted messages upon joining.

I'm entirely unconvinced by your argument regarding backing up a perfect forward secrecy chat. PFS is about preventing any listener of the messages in-transit from ever effectively decrypting those messages - it says nothing about security guarantees once the message is received.

It'd be like arguing that by enabling PFS also creates a social contract that the receiver guarantees that their device isn't compromised. Or that webservers that use PFS in TLS don't log most/all of the details for the requests they receive. I don't believe either of these to be true.

You seem to have extrapolated some social properties from a purely technical property and assumed everyone must think about it in the same way as you. But in doing so, you've made your protocol weaker against realistic attacks.

Oh, and the likelihood of an attacker stealing a device with WhatsApp installed and only being able to extract the identity keys and not the cached messages seems absurdly improbable.

Personally, I wish you'd either tried to work with OWS/WhatsApp/whoever to integrate in what makes keybase.io great (providing identity verification - something that all these could use) and not gone about adding to the already crowded area of chat providers.

To be clear, all of Keybase's client-server traffic goes over TLS and benefits from TLS's forward secrecy on the wire.

Please see this comment:


Nothing stops you from going full PFS.

In fact, you could even flip it around and let a shared notepad connected to the chat represent what you want to remember permanently, while the chat could remain ephemeral.

This makes for more accurate expectations and less risk of user error.

I can believe that is the case, but that just moves the attack vector to within Keybase's network, it doesn't mitigate it completely.

This is really cool. Question: right now, I have a [deep link to Keybase's encrypt page][1] on my website as "Create encrypted message." Will there be a way to do something similar, but using Keybase Chat(tm)? ("build it yourself" is an acceptable answer in this instance)

[1]: https://keybase.io/encrypt#oddevan

-----BEGIN PGP MESSAGE----- Version: Keybase OpenPGP v2.0.62 Comment: https://keybase.io/crypto

wcBMA+CNQSDgk7JsAQf/bOJdpfJ6Uzt2/dwlQrgYnOOEFVDoFnMYpLDU3R41U4EI vG5CuW3BtpUZyQI+W/sgVXJoaj/HHtc4H+Kj3lqDizdUBansIYBbjtMZaJ/hN/cm zNIa6NlUZqmGKOYt0CKJhINnTp0dQJeVlKJQHjOBwvaqpPw0jfYLqLwfkR5y55RO ++WwyHSLXHQYTd6vX/CYtVAYIEU8NiP3s/FraLtYSF1OWMDITV22vyw5NSg9BLiK SI2vL74hKT5W8AvMBWdMIbFvlC6ef5e8BXABPLVXUtxuHg9t/uCM5ZQ6gnegn54R K39EA4bOwWuCE5XJK1h2RfCB6k8FG7nl9SpjTU6GW8HBTAMv22o+4yM4xAEQAIVZ Szs2mKfbkMKoR1jr6lTvfjm3wpd95ykOMZtKNd1YPPjqbGpAVii/SPqlTMwsgaj3 uuGSZlIQMcjUB/QixaeJowddBQxZzJHS04Cg0t+44MlaVczMe0gE3dyEY8swmKbM OFBq3nPDPuEyFV1LckFUuQwnwfoexvAgzEbW6m6qWt7DR+xKOW6DwkBL2aztWtJc A2s+JBRFw58PY9aeUIku6L0v3+tHLMKAQoXnmwFVA277CpG2OH7sk6rLq85y5JrW fXJ4SuHyIW7mLjYKm9PX6+PhQLH9KzqYlWM+08p/IoXR7DHYSWHRvk7zSruJgHqi I8WJTDdRghfUcbeedQRH8fx7MZiBwLQeHg0kBEEn6ajGr8trbKzdgw82FqPwXIfL 09Df0pcfXhJimfQ8XRVeNPK4+DVHUCEWc4cavm8ZaNSA8r1vRTytNtI3h4eOtM9G FZh/eaxl7hX8KxNGuK0clY+oMshUiNRIVScEUtsgpH8actXSdP16Wv/+H+51Tg9G 8rdNyeRMMBqKn+fDAAQFKbSe7n4GyNcg+dbHFuVzaF1fNq2LbGPOtnKb+Xbfwg0O WMLCui3TXNre30Jv5iorSTNLu3xP9X0LEDWLsgBeqgYW/YFhtwBLjeFUV5lmB4YS UVCDxepIb+yGDHESm9rwb/1Na0kslNPh9/18ngZ40sHBAerxcxFVGav1JBqpModE usf64H3xiBzIyxHbCzPhiSKZjuP2WXNV5k153rCG8bbreTfUXxpO6nIBHT2ie6sA xo7tN66AmN2fouxMIFYERIbL7S5S8fBkO1tsaF+VSveBx2heTQ84k+P4TCVD7PQB IU+TPXg+Vrz15tiVSoSI+Ep+rV2pzKOFQXl0adOUisV8tMMFJD3YSwbUoTreM8tq 7CAyWhCxjnbgiedG1qF/J55WYdNyc9PorK7Kjx6wTRHLVQhF1W80OT8X5gvFbUoe PnzNTp2zi/4hKZfl/8G2tN0VZqhEynCT+iaDO0hG7VVz8DJfDz+9699KpoSVbiad pHiRORulU3/gYKLAYYpOo1fx6AP1utcmDfwEiJEROfZqkMI+CW5HTXGZavr3eImq JhZFsrtSvitXGwcGW6bYDoR56NaV9+A2PUlVt9PrlAonus06tuj2/o47jrdxmX1K aEp3uWVh0ZFSjc2YazmaN/zJyECP7b5Ig2wvhjDh39QqlYPocSZnNnZkWlUi6x3r OQ7ffkqepcFD+Zafm8vU95xs8ehFY+Jivdbbj4P3kff1LBv8NQ6KDKA4eiliDrnO Ml/B1TwipND2PVg8qEq2n64cYJpeGD/Hrcr8PlAvH+v8Xc9VJaerB8yeg9FqyJS7 7dAAkJsgWXBx1bfK6BUkJ/CefNjOYjtizwhVa1uQFOZjpg057WEo0m+dw7nCEG5M 3VexMu/Kx96dI5+hqs6SWSf6rC+Jj74J5cyvtoZZ2XdHl8GzrKt4mHf+XFpqTefG TjwNkYPnofKXfXe/R14wifThs2thVmM6tY5TJBtGdqOVVhJ2wbsbByQ2ivVYBCW3 hAA= =1dpX -----END PGP MESSAGE-----

Considering that HN does not preserve envelope formatting, that more than one person reads HN, and that scrolling through this on my phone was really fun, perhaps PGP messages are not a good idea regardless of how on-topic or clever they are.

even moreso in a thread about keybase which actively tries to solve just that problem.


Thank you and the Keybase team for this. Unlike other services, I think KB has solved the online identity authentication issue.

There's one hurdle I need to work through to get going on chat. Thus far I've avoided uploading my private GPG key to my Keybase profile, or even copying it to other devices (call me paranoid). Unfortunately this apparently means I can't authorize any other devices (see error message: http://imgur.com/a/UOftN). I assumed device keys were meant to solve this problem, but maybe not. Is there a supported way to make a subkey (GPG or otherwise) of my primary private GPG keypair, so other devices can securely authenticate against my KB profile?

EDIT: I haven't yet started using device keys. Maybe they would work?

This is answered in the FAQ at the bottom of the post.

You'll see this policy in action when you install Keybase on a 2nd computer. It'll make you either (a) type something on your first computer, or (b) enter a paper key. This isn't just two-factor auth with server trust. The old key is signing a statement about the new key, and the new key is countersigning.

It could be formatted better: it's telling you you have three different options, one of which is,

    Install Keybase on a different machine that has your PGP key
I was in the same boat as you, I didn't want to import my private key onto this mac laptop because I don't know how the "Keychain.app" works and don't trust apple to not do something super helpful like store my GPG private key forever and always. I did the login flow on the machine I do trust, and was then able to use that machine to authorize the mac laptop, without moving any GPG keys anywhere.

I interpreted that option as Keybase needing a local copy of the PGP key. Thanks for helping me understand that's not the case.

I've set up Keybase on my trusted machine with my GPG keypair, and now have a device key on that machine. When I go to Devices -> Add new... -> New Computer in the GUI I'm told to "Type in text code" (along with the note "In the Keybase app on your computer, go to Devices > Add a new device"). I find this confusing because I'm already there. I tried using the only paper key I have, the one corresponding to my first device key, but there's no response when I click Continue. This is the Linux client, by the way. I'm guessing this is a bug, but I'm not sure. Can you confirm this is the same process you went through to generate your second device key?

When I try to log in on the secondary computer, which doesn't have the GPG keypair or a device key, I'm brought to the same error shown in the screenshot.

on my trusted computer with my GPG key, I ran 'keybase device add', selected option 1 ("desktop or laptop") and it asked me to enter the "verification code" from the other device. It also said, "to get a verification code, run 'keybase login' on your other device", but I'm certain that I just clicked some buttons in the GUI instead of running that command.

  > Undocumented in the post: you can invent channels
  > for app-to-app communication from the JSON API.
Is everything accessible from the JSON API? Like, say I wanted to create a mashup of GitHub and Keybase, could I do so?


This is awesome! Thanks!

Wondering if you can clarify a bit—what parameters cause a chat to/not to show up in the GUI? Different topics? Different channel names? I have a use for this immediately and am excited to give it a shot!

For program-to-program talking, use the "dev" channel, in a topic of your choice. (By default --topic-type=chat and changing it to dev keeps it out of the GUI)

For example:

  keybase chat send friend1,friend2\
   "server-restart [reason:hot and bothered]"
I'll never see this in the GUI but you and your friend1 and friend2, can access the messages through the chat API. The topic-name can be whatever you want, and it allows you to structure messages into channels.


If you're using the JSON api - which makes more sense if you're programming it - take a look at `keybase chat help api` to see some examples of how to structure the JSON going in. Anywhere you see a `channel` object, you can add `topic_type` and `topic_name` to them. Both should be strings.

Why is non-PFS the default? You wrote that somewhere in the documentation.

You said something about violating expectations when you sync PFS'd chat contents, but I don't see why that's relevant unless people were promised otherwise.

There's nothing about the encryption algorithm itself that dictates how data going over it should be handled at the endpoints.

Just let users have a regular mode and an off-the-record mode where nothing is kept. Both PFS protected.

Are ya'll going to post a SHA checksum for the downloadable dmg alongside the download?

Probably not. It's a TLS connection -- if someone can lie about the contents of the DMG, they can lie about the hash too. How would it help?

One thing I've noticed so far is that with the Keybase desktop client on Windows 10, the "Reddit Form" button for submitting a proof didn't work for me. It just fails silently and doesn't open a browser window or whatever it's supposed to do.

Additionally I am curious why on Reddit people have to post a wall of text, while on Twitter you only have to post a small tweet? Is there some reason people can't just paste the tweet version onto Reddit too?

Same problem here.

I just installed the app but still get asked for an invitation code. The chat sounds great, looking forward to try it out! edit: Nevermind, on the website I wasn't asked.

Huh, the channels support is just in time to replace App.net (or maybe "to do App.net right", since it didn't really get off the ground.)

Firstly, thank you so much!

Secondly, I think this is incredibly important moving forward with the proliferation of messaging channels. I want to be able to use one program for all of my different chat sessions. Whether that be adium or pidgin or mIRC or even weechat/bitlebee in a docker container. It would be great if there would be common plugins for common chat clients provided off the shelf. :D

We didn't design Keybase's chat API to match any messaging standard, but the number of calls into it are very few and flexible, and we're open to change.

As it is right now, I imagine it would be very easy to write a library that acts as a bridge to other interfaces, if that's of interest.

There are calls to see into your "inbox" which is the set of conversations, read messages, even peek at unread messages. And of course send messages, too.

Two approaches that could get you very far without O(N) effort:

• a Matrix gateway server

• a libpurple plugin

"it's possible with Keybase chat to have a program posting encrypted messages for another person or program, without cluttering up the visual chat interface."

Nice. I'll be looking at what source of tools that use this style of communication on github.

Just installed and it's still asking me for an invite code on the Fedora RPM.

and for now if anyone hits this, just use the invite code `zcash`. We've left that bypass code working since our recent blog post.

Could you file an issue over at https://github.com/keybase/client/issues and tag @oconnor663 in it please? And maybe include the output of `keybase --version`?

I'm also getting an invite request for macOS


I had the same issue, but signing up on the website seemed to work fine and then I was able to log in without issue.

Q: group chats? Seems like it could be done by encrypting (and sending) the message to all recipients, so it's not particularly efficient, but it's a valuable UI thing.

If you install the client there is an "i" info button in the upper right of chat that allows you to add participants.

I was wondering about that very thing when playing with it; encrypted app-to-app comm via the chat. Maybe something similar for the file system with a pair of pipe files.

Oh! And I was wondering whether someone has invited me and I haven't noticed, or if you don't need invitations anymore. Thanks

Any plans for Steam support?

This really does look great.

Edit: since I haven't been running Keybase for the past 2 weeks, I missed the fact that they disabled continuous background proof verification due to my concerns: https://github.com/keybase/keybase-issues/issues/2782#issuec...

Good on them! The rest of this comment is not actually applicable anymore and you should give Keybase Chat a try :)

Original comment:


My biggest concern with it, however, is that the Keybase client is now frequently verifying all my contacts' proofs. Many of these verifications are for personal websites and are done over port 80 or involve DNS lookups that my contacts control.

This leaks a great deal of metadata over the network about who my contacts are, and makes it easy for a hostile network to determine who I am if I'm running the Keybase app.

I reported this on GitHub when I noticed it and have unfortunately not been regularly running the Keybase app since: https://github.com/keybase/keybase-issues/issues/2782

I hope they decide on some sort of fix for this. They could at least not do verifications over insecure connections and arbitrary 3rd party DNS lookups without my explicit approval.

Looks like they did in fact fix it, just forgot to report back. (Just saw a new comment on that issue)

Nice! Thanks for contributing that feedback and helping to get movement on it.

Warning to all OS X users: The Keybase Chat desktop app does a number of shady things that ultimately led me to delete it from my system. I am writing this purely as a public service announcement, to those who worry about installing unknown apps on their Macs. The Keybase Chat app:

(1) Requires administrator privileges to launch on first run, to install a "Helper Tool". The app does not explain what this tool does, where it lives, nor does the Keybase website.

(2) Installs a login (startup) item without asking permission, so Keybase will auto-launch on every boot.

(3) Installs a Finder Favorite in your Finder sidebar, without asking permission.

(4) Installs /usr/local/bin/keybase without asking permission.

(5) Installs /Library/PrivilegedHelperTools/keybase.Helper without asking permission.

(6) Installs /Library/LaunchDaemons/keybase.Helper.plist without asking permission.

(7) Installs ~/Library/LaunchAgents/keybase.* (3 files) without asking permission.

(8) Runs permanently in your menu bar, even if you quit the main app.

These things may all have good reasons and be benign, but they are too shady for me, so I deleted the app and all the files listed above. Apologies to the devs.

To play devil's advocate, steps 1, 2, 4, 5, and 6 are all fairly standard behavior for a Mac app that is installed "for all users on this system".


Step 2 and 7 are fairly standard behavior for an application that is meant to be running at all times, eg a persistent chat app. Even something like GPG installs files into /Library/LaunchAgents. The location of the directories in question shouldn't set off a warning flag about whether an app is "shady" or not.

I accept your devil's advocacy, but I would argue that the app should have simply asked permission before doing these things, especially installing itself as a startup item and adding a Finder favorite. Also, if the app is going to install things as an administrator, it should tell the user exactly what it plans to do. Just my $0.02. I know that Keybase the company is not shady, but their chat app sure feels off to me.

Note that the app does ask for permission before installing the helper, i.e. via the standard macOS elevation prompt; agreed though that it doesn't actually explain what the helper is for or what it will do.

The whole client is open source:


As far as I know, it asks for root because the Keybase filesystem runs on Fuse, and the menu bar app can be quit from its menu.

It's hard to balance making a simple, self-contained app with providing easy installation, a custom filesystem, automatic updates, and a command line tool… if you have ideas on how to improve things, I think they'd be open to issues/PRs. (I used to work on Keybase. I personally trust the devs, but, really, you can build from source if you want.)

The feeling that the app is shady (because of permission overreach) may stem from the notion that Keybase is a chat app. It is, perhaps in the same sense that a browser running Slack is a chat app. It also includes crytographic key management and message handling via both GUI and command line (the core product), as well as a FUSE-based file system interface that allows transparent encryption/decryption with other users (Keybase FS). Viewed in that light, the installation footprint might be considered more reasonable.

> Installs /usr/local/bin/keybase without asking permission

I'd guess that any installer would be expected to do this, this particular item doesn't sound "shady".

Had an interesting manifestation of this overreach.

I'm using a gulp task to watch for file changes. `gulp-notify` gives me this error. I cleaned up keybase from my system but still getting this:

``` Message: 2017-02-09 11:37:56.154 terminal-notifier[2293:8114763] kCFURLVolumeIsAutomountedKey missing for file:///keybase/: Error Domain=NSCocoaErrorDomain Code=257 "The file “keybase” couldn’t be opened because you don’t have permission to view it." UserInfo={NSURL=file:///keybase/, NSFilePath=/keybase, NSUnderlyingError=0x7ffca345de60 {Error Domain=NSPOSIXErrorDomain Code=1 "Operation not permitted"}} ```

Ugh. Even if these things are fairly common practice for mac apps, there's no reason that a chat app needs to install a bunch of crap to launch on root.

By default, unless absolutely necessary, your app should install with only user-level permissions and should not attempt to insert itself into the boot process. Just let me click on the app when I want to open it. I don't need toolbars, I don't need a launch daemon, I don't need a global install. If you think those features are really great for some reason, let users opt into them later on.

It's not a chat app. They do those to install the keybase filesystem. The chat is a secondary feature.

I'm not qualified or interested enough to investigate this but I can tell you that on Windows Trend Micro have blocked keybase as potential malware. It's reported on github and keybase have requested an exception but reading your post one starts to wonder why Trend Micro would get that idea.

Just a heads up that you might want to be careful with trusting Trend Micro too much...


I'm glad you showed me that but unfortunately I'm required to run it by my organisation. And even if I do disable it we have VPN software that requires some sort of AV before you're granted access.

I suspect this is because of the kb.io filesystem

How did you find these changes?

I used the Unix "locate" command-line tool. I just searched for "keybase". Note that you have to build up a locate DB first by calling "sudo /usr/libexec/locate.updatedb". Type "man locate" in Terminal to learn more.

Note you can also use 'mdfind' for this (assuming you haven't disabled Spotlight), no need to build the updatedb. I actually have locate aliased to mdfind in my bashrc.

"locate" is not an Apple command-line tool. It is a Unix command.

For those who are curious: To be accurate, locate is a command provided by mlocate package (shipped by most modern distributions) which supersedes GNU slocate.

mlocate is a locate/updatedb implementation. The 'm' stands for "merging": updatedb reuses the existing database to avoid rereading most of the file system, which makes updatedb faster and does not trash the system caches as much.

The locate(1) utility is intended to be completely compatible to slocate. It also attempts to be compatible to GNU locate, when it does not conflict with slocate compatibility.

Reference: https://fedorahosted.org/mlocate/

Not the parent, but it’s pretty easy to find all files on disk with a particular name with something like Find Any File¹.


¹ — http://apps.tempel.org/FindAnyFile/

For instance, fs_usage(1)

Umm has anyone read the lisc. for this application?


When providing Keybase or the Service with content, such as your name, username, photos, social media names, data or files, or causing content to be posted, stored or transmitted using or through the Service (“Your Content”), including but not limited to the Registration Data and any other personal identification information that you provide, you hereby grant to us a non-exclusive, worldwide, perpetual, irrevocable, royalty-free, transferable (in whole or in part), fully-paid and sublicensable right, subject to the Privacy Policy, to use, reproduce, modify, transmit, display and distribute Your Content in any media known now or developed in the future, in connection with our provision of the Service. Further, to the fullest extent permitted under applicable law, you waive your moral rights and promise not to assert such rights or any other intellectual property or publicity rights against us, our sublicensees, or our assignees.

That's a bridge too far, and someone needs to dial this back.

> in connection with our provision of the Service.

This is pretty much boilerplate legalese that's generally intended to mean "you can't upload a file to your public folder, then sue us for copyright infringement because that file is in a public folder".

Lawyers seem like to cover their clients' asses as much as possible, but for a service like this that's designed for privacy-conscious people it'd do them well to step back and think about how the license comes across to privacy-conscious laypeople.

From what I've seen of Keybase, from back when they were just an alternative to the PGP Web of Trust to now, I don't think they're genuinely planning anything nefarious (but they'd still do well to have a ToS that reflects that).

What you're describing is "for the sole purpose of proving the service to you". The "in connection with" language is much broader. Whether the license is intended to give them more leeway or not is a different question.

Note the "in connection with our provision of the Service". This largely looks to me like a standard set of terms that they require in order to not get sued for shuffling around your content just to provide the service you're signing up for.

While the rest of the paragraph looks standard to me, I'm not completely sure about that last sentence. Is that what you're wondering about?

Isn't that boilerplate legalese for a service that lets you upload, edit, and share media?

there are key additional phrases that subtly make it different, like the fact, that this is transferable. And though not uncommon, using the term "provision of service" leaves the door wide open to your contents usage, because the lisc. is non-revocable, and perpetual.

If say, in 3 years from now as a provision of their service they offer analytics, or direct marketing. they can use any of your content for that.

I get this is probably just a wide net they are casting to not box themselves in, but it's something that is super restrictive to the user. And being as they also have a section require arbitration, and barring class action suits.

If they are acquired by, or decided become a bad actor, then you are pretty much SOL.

Does this mean that you are giving them the right to use any data transmitted through the service? Including your own personal messages?

No, from what I can tell it is them asking not to be sued to for providing the service they signed up for. That is, looking at your social media profiles to verify your identity across profiles.

Even if it did mean that, it would be of 0 use to them because they are fully end-to-end encrypted

The continued fragmentation of chat into walled gardens is really annoying. I feel like Matrix has done a good job not only designing their protocol to be open and federated from the start, but also in that they are actively working to provide bridges to other services. It would be really nice if keybase would work to federate with Matrix servers.

(Link to Matrix service, since they have an un-googleable name: https://matrix.org. The only working client that I know of at the moment is https://riot.im)

I am convinced that we are cursed to relive this nightmare once a generation:

1. Some chat application blows up in popularity. 2. Everyone looks around and says "Hey, that's an easy problem, let's build a competitor but with feature X and Y!" 3. We are stuck with a nightmarish number of chat apps until someone reverse engineers the protocols for each. 4. The bubble bursts and everyone realizes there wasn't any money in it anyway and goes off to doing something more interesting (like building better PKI). 5. ~10 years goes by and someone finds a new chat niche and the cycle repeats itself.

Yeah, though IRC seems to have weathered the years fairly well (at least with its core audience), and it's an open and federated protocol. Since Matrix bridges to IRC, and adds some features that you used to need IRC bouncers and such to get, and is federated itself, my (possibly naive) hope is that it can evolve into something at least akin to a "next generation" IRC with first-class support for E2E encryption and various other chat features that people tend to like these days.

Why do all new chat clients look like Slack? We're rapidly moving towards a monoculture of chat UIs.

I'd like to see a return to less intrusive chat apps, with more minimal UIs that don't take up most of the desktop real estate. The most common screen resolution out there? 1366x768. I kid you not. IRC has it's many flaws, but the clients still understood the meaning of good information density.

People seem to forget that chat is a communication medium first and foremost, and not a multimedia based experience.

Electron is the short answer to that. From what I've seen pretty much all the "new wave" cross platform chat apps are based on electron and a lot of the companies are emulating slack. In combination that leads to a lot very similar looking programs.

>Why do all new chat clients look like Slack?

Laziness so they can use the same styles on all devices. For the same reason many websites have mobile style buttons and fonts that are way too big on desktops.

Mobile first sucks if not done properly.

I disagree with the idea of allowing backup/restore of conversations defeats forward secrecy. There's a big difference between decrypting past conversations and decrypting chat logs. I have full control over my chat logs, I can choose to delete them, not store them with some people, encrypt them with a different password and rotate them monthly, etc.

Even Signal and other apps store all your messages on your device, optionally locally encrypted.

Forward secrecy is so that you can't just steal the key and network traffic and get _all_ past messages, regardless of whether or not I wanted to archive them. And getting my live key doesn't mean getting all my archived logs.

I said the same thing!


Worst case, make PFS without sync the default, but include a native feature for pasting into a shared document (Etherpad style, hosted by Keybase) for whatever your want to keep. Then you've got two spaces with different expectations, matching their capabilities.

And for attached files, they'd be displayed in a list while the chat is active, asking if you want to keep them in your keybase storage or let them vanish from the servers when you close the chat (delete their session keys).

That's an interesting idea. I think ultimately you need to trust the people you talk to though if you're discussing something private with them.

There's no technical solution to copying and pasting the conversation - try as you may, someone can always get a hook in there and dump the raw text out. Any technical measure you take against this is just as effective as DRM - a total half measure, vulnerable to everything from reverse engineering to the analog hole. The only solution is a social one.

Agreed, logged history and in-transit communication should not be considered the same thing.

> What if we're living in a simulation? > > Keybase offers no guarantees against sophisticated side-channel attacks by higher-level entities.

ahahah, that's great!

Hey malgorithms, this is great! I check the Keybase website every month or so for updates and discovered yesterday that there's a new logo, replacing the old thieving dog/ferret/raccoon with what appears to be a person's head with their hair in a bun holding a key. Can you give some background on the thinking behind this logo redesign? (Sorry it's not a question about chat, per say)

we knew we needed a logo redesign no matter what; the old didn't scale well. The new one looks good at small sizes - say in a menubar or as a small icon. Of course that's just an opinion, but our team is happy with it. In old displays (think 72dpi), our new one isn't perfect, but most devices in the future will be high dpi.

As for brand messaging: the thieving kangarooster was suggestive of spy-like activity, which was playful but many people thought it sent the wrong message.

I personally like the message of the key in the hair...I mean I haven't thought it through in some deep way, but it's sort of like seeing a pencil in someone's hair: it's suggestive about their personality, and a pencil is an easy-to-use tool. A key in there feels good like that, like you can just grab it and use it easily. But that's just my own personal, previously unshared, take on why I like it.

I don't know for sure, but my assumption is that she is 'Alice'[0] which is a common name used when explaining cryptography

[0] https://en.wikipedia.org/wiki/Alice_and_Bob

And apparently Alice looks like Pebbles (Flinstones)! A key in her hair sounds like a good place to keep. Visible yet on her person at all times.

Looks more like Little Mu from Moomins to me :)


Looks like it's a bit more friendly than some creepo raccoon

Not only that - but a "thieving raccoon" helps reinforce the mistaken belief that crypto is only for criminals. While I don't think that had a "serious" effect or that people would read so heavily into a logo - it never sat well with me. While I didn't notice the logo change until the GP post pointed it out, I like the new one better.

I kinda liked the raccoon...

I always thought it was a dog.


That looks spectacular, can't wait to try it tonight. Hope this software can overcome the network effects of existing systems. End-to-end encryption is really, really important, but I feel like the real game changer is being able to instantly chat with anybody online by just typing in their username.

Is it technically possible for Signal/Whatsapp to use Keybase keys in lieu of phone numbers? If so, how practical would it be to add this as an option?

I wonder how that would work with key rotation. Those chat services do a lot of key management for you during a conversation, while Keybase is more focused on long-lived keys.

Found the relevant part of the post:

How Keybase solves this problem:

End-to-end encrypt all messages, but only "exploding messages" (coming soon) will have FS. Therefore, your history will survive, encrypted, except for the messages you choose.

No. And even if it were possible they wouldn't allow it. Their servers are designed to forbid anything different from what they already do. Forget about that.

This is fantastic! I've been playing with it for a bit, and I'm loving it.

Question: since (encrypted) chat history is stored on keybase servers, does my chat history count against my KBFS quota? If so, how do I clear it out? If not, how do you mitigate against someone building a pseudo-FS on top of chat messages for free unlimited storage?

Wow, this is awesome! A colleague and I were just recently discussing how badly we feel the need for "encryption-first" chat software is - not tools that sell it as a feature, but tools that make it _the_ feature.

Great work KB team!

This looks great, but if you want this to work, you need Android and iOS support. When is that going to happen? Is that going to happen?

> When our mobile apps launches, your phone will be a great device for provisioning and chatting.

Apparently it is coming.

Thoughts from skimming the post:

Using all of the associated accounts across services to do user lookup is really quite cool, and the CLI integration and public broadcasts look very fun. Nice work there.

Multi-device key management is one of the hardest tasks for end-to-end, but that's been taken seriously from the beginning by keybase, and I'm leaning toward optimism. The UX decisions for forward secrecy seem pretty reasonable as well.

It'll be interesting to see if I ever receive messages from my fellow HN users now that it's a bit easier to do so without navigating my website to find my email address. I doubt it, but still.

I'll give it a run when I get home today. Since few of my contacts use Keybase, or would have any interest in Keybase, this is less "Wow! Awesome!" for me than the release of KBFS was - but it's still pretty cool.

I love how Keybase is expanding to be more than just a collection of "internet personas verified by a PGP signature" and am interested in what else you guys may have in the works.

E: Updated my profile info to make mention of Keybase Chat. And I don't even have it yet. ;)

This is the last time I spam a Keybase thread with invite codes :)




I have about 15 invites available. Let me know if anyone wants codes.

Hi I would like a keybase invite code. Thanks.

Did you get your invite code?

I have codes too, feel free to drop me a message for one :)

If anyone is still looking I have quite a few sitting idle.

Do you have any more? Looking for an invite :)


I have a lot more, message me if you want one.

Likewise - I have a handful left. Anyone that wants an invite, find me on Twitter if you want one!

First come first serve: https://keybase.io/inv/ae76df3488. I have more if you message me.

Keybase invite code. Pretty pls :)

https://keybase.io/inv/820655c2a8. Hmmm... is there a way to directly message one to you?

I love keybase. I am waiting for a password manager solution from them

You could do it yourself using /keybase/private :-)

But I'd agree, a good UI provided by keybase would be lovely.

Hey, whaddyaknow, that's what I did with Passbase ;) [0]

Well, not the UI part. And it's probably buggy as hell* - be warned - but It Works For Me ^TM. (And issues/PRs more than welcome!)

[0] - https://github.com/OJFord/passbase

* A big part of my motivation to do it was as a toy thing to learn some Rust, so it has all the hall marks of someone kludging around trying to learn something new. Critiques/"WTH ARE YOU DOING"/PRs with style improvements also welcome :)

I use pass, of http://passwordstore.org

While I didn't try it myself (I just run my own git server), symlinking the directory of that to kbfs (or maybe just create a git repo there and make some magic to locally push stuff) should work.

I saw that recently, after the post on here about the 'pass compatible password management for teams', I forget what it was called.

It's actually more along the lines of the latter I wanted to do with Passbase - seeing as it's already using KBFS it would be (relatively) easy to do password sharing, just throw it in a shared private folder.

I was thinking more of the shared pizza-order password with room-mates, or groceries, bill-paying - whatever - than professional teams, though.

I digress, yes, I'd definitely recommend using Pass over anything I've cobbled together!

I think it was probably 'gopass', https://news.ycombinator.com/item?id=13551692

This could be a great way to securely alert Github project maintainers about security vulnerabilities.

The "forgot your password" flow on keybase.io explicitly tells you whether or not the email address you enter has a valid account. Is this ok?

111MB for the setup download (at least on Windows)?! What's in it apart from a chat app and encryption library?

Without even clicking the link I'll guess it is an Electron app. So it comes bundled with Chromium, hence the size


How you managed to make Keybase.dmg 72MB when any Electron app is 120+?

This is the reason I am so excited about Keybase. I can't comment on the integrity of the software but the vision is there. All encrypted everything is where I see the future of the internet.

Does anybody know if they are working on a mobile app for at least the chat system? I don't necessarily need the whole desktop app on the phone but encrypted chat would be fantastic. (Currently using Signal but would be open to using everything keybase in the future)

Yes, mobile apps are on the way, it mentions in the faq

Sorry, I'm a little confused: is this a chat app client that still requires a central server to route messages around?

That's right. The messages are stored encrypted on a central server which can't read them.

Thanks for confirming.

I've been using the riot.im client over the matrix protocol, and while not yet the most mature comms stack, I appreciate that it is not based on a centralized server (i.e. i can and do self-host). My hope is that keybase can be made to be decentralized and that i can self-host. ..Or that its good features can be merged somehow with the best features of the matrix protocol.

i'm wondering which features would ideally make it over to Matrix? it feels there is parity already (other than perhaps defining PFS messages as 'exploding'?)

Good question/point...I guess I should have dived into the features of both and seen for myself (instead of assuming that the shiny new thing has better features)! ;-)

Why doesn't this seem to be in a release? The last release of the client was back in October: https://github.com/keybase/client/releases/tag/v1.0.18

It's in our released downloads at https://keybase.io/download

We don't use GitHub releases often.

https://keybase.io/download just points back to github for source.

You also haven't tagged anything more recent than that github release: https://github.com/keybase/client/tags

If you're not tagging or doing github releases, is there a list of 'stable' versions that distros should consider packaging?

No, sorry. We're still making a new release almost every day, and we have no stable branches, only master.

We'd prefer people to just install our own package.

I don't suppose you could tell us where the version number comes from then? I looked at opt/keybase/version of the 'now' package (20170214-1250 UTC) you host for Linux x64 and it says v1.4.12. What is the git commit reference for that version?

I would fully recommend against people installing packages from outside their distro. especially crypto related ones.

Do you consider master stable? i.e. should we consider packaging every master commit?

Is there another location for official source releases? The Nix expression [1] builds from source from GitHub releases, but it could easily be modified to point to an different address on the web to stay more up-to-date.

[1] https://github.com/NixOS/nixpkgs/blob/711a42e03aa44439142bb8...

I would love to have a linux curses client for encrypted chat. Something that irssi can connect to, perhaps?

Even better would be an open protocol. Keybase would sit as the trusted key database (go figure), verifier of identities.

Something like irssi-otr? https://github.com/cryptodotis/irssi-otr

That's great, but I also need a web client for friends who can't use irssi.

Can't they use pidgin/gtalk? Gtalk works with bitlbee/irssi-otr.

They can't install anything on their computer, so no pidgin. Is it possible to use the web interface with Gtalk without having your personal email open?

They have a command line API for the json messages that the chat uses.

I don't use Keybase on a regular basis yet but every time they announce something new I check it out again, and every time I'm impressed. I'm not sure what it will take for me to make the switch and use it regularly but if they keep this up I have no doubt it'll happen.

I'm not really sure about Keybase accumulating more and more services instead of focusing on integrating to existing ones. One of the initial attractions of Keybase (to me at least) was how the system was very simple, transparent, and not really dependent on keybase.io.

Keybase is a VC-funded startup, and this is part of the standard playbook for such companies. Expect more of it from Keybase, and expect it for any other company whose investors are still looking to get a payout on their millions of dollars.

It seems that this app and Slack are hugely influenced from the iPad style of app design. Why can't we have a window per chat session on the desktop and why do desktop users get wrapped apps? Is this an indication of the lack of perceived importance of the desktop?

Hey Keybase, I have a question for you guys:

What if we launch our own apps and websites that would allow users to claim they are X on website Y. Do you have a way for them to use their public/private key pair from their keybase clients, to sign these claims?

I do not necessarily want these claims to be publicly available to everyone on website Y. I want them to be privately transmitted between website A and B, so people can't be tracked between domains.

Argh! Please remove the typing animation! It's flipping between one two and three lines jerking the whole screen around on my phone.

Shameless plug: Before the Keybase [GUI] Chat was invented I hacked together this simple text-based client that uses twtxt formatted files to store private chats between two keybase users:


PS: It doesn't use the Keybase chat API, and it never will.

Awesome! I've been using this for the past few weeks on and off, and the user experience is very pleasant.

Now that I know about the JSON API for chatting, I'll have to add it to my unofficial Ruby interface[1].

[1]: https://github.com/woodruffw/keybase-unofficial

So how does this compare to Slack's free tier? Is there a user limit, channel limit, message history limit, etc.?

Think of this chat system as something similar to whatsapp or telegram. There are groups, and not channels. User limit, afaik, is not hardcoded. Message history afaik, also has no limit.

If you need an invite, hit me up on Twitter! If you're trying to find a random person on the internet to chat with and test this out, hit me up on Keybase! :)

Use my HN username.

Why does the page have 112px of top padding? Seems like a waste of space.

   body {
       overflow-x: hidden;
       padding: 112px 0 50px;

It's because 111 was not enough and 113 is excessive.

Do you think this could end up the same way OpenID did?

Saw this yesterday in the app, tried to use it and it failed.

Works like a charm today.

This should be very nice for ad-hoc secret exchange.

The --public broadcast messages are interesting. Is a Twitter-style service part of the plans?

Played around with the chat in beta and it's super neat! Keybase really is keybae.

Key gen less than two minutes from phone - all around great UI signing up!

I tried to set the proxy setting but it still does not work?

If I don't have a keybase account, can I use this app?

No. The whole point of the app is to have a verifiable chat with people whom you have also verified the identity of. Without an account, this verification is not possible.

... on their system, not in the general sense.

This should be clear in the first blog line, it is not a public service and it says "TL;DR: Install it".

I didn't realize that keybase is open to everyone now. The downvotes gave me the information subliminally.

I think this tool is very cool.

What is this paper key? I don't want a paper key! Now I have to write this and keep it in my pocket? No!

It's a backup key in case you lose access to all your other devices.

That way, you don't have to rekey all your services if you lose it and access to all your devices, like I did.

Protip: Use the paper key. Keep it safe. You never know when you'll have to use it.

But I can still rekey everything using my master password and the encrypted private key is still stored on keybase's servers, right? (or something like that)

I'm going to lose the paper key just like I lost my 5 BTC wallet just before the great Bitcoin boom of 2013.

Depends on how you set up the key initially. I don't know if it's still possible, but at some point in the past you could specify your own master key that isn't stored on their servers. My account was one of those, so once I lost access to my computers/paper key, I also had lost access to the PHP key and therefore had to essentially start fresh.

The only pain is that you have to re-verify all your services.

I actually keep it in my keepass password manager, so it is encrypted and on my phone.

I'm doing the same thing but with enpass.

iphone app please! until i can use it on my iphone its not that useful...

this looks like a great codebase! thanks so much for open sourcing this.

This looks absolutely amazing!

Any plans for a web client for chat?

Should be easy since main app is in electron

It's pretty hard to do crypto securely in a browser though without depending on browser extensions and whatnot.

I made a research on this https://sakurity.com/blog/2015/07/28/appcache.html

I'm fine with having a less secure web version and i know its limitations

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact