Skip to content

A dead man's switch for full but responsible disclosure of vulnerabilities

License

Unknown, MIT licenses found

Licenses found

Unknown
LICENSE-APACHE
MIT
LICENSE-MIT
Notifications You must be signed in to change notification settings

drand/timevault

Repository files navigation

Timevault

A deadman's switch to encrypt your vulnerability reports or other compromising data to be decryptable at a set time in the future. Uses tlock-js and is powered by drand. Messages encrypted with timevault are also compatible with the go tlock library.

Automagically deploys to https://timevault.drand.love

Prerequisites

  • node 16+
  • npm 8+

Quickstart

  • run npm install to install all the dependencies
  • run npm start to run an HTTP server locally serving the UI for encrypting/decrypting your important material

Network

This is currently running against the drand mainnet. Ciphertexts from prior to 22st of March 2023 were using testnet, and as such you may need to replace instances of mainnetClient() with testnetClient() in the code for it to decrypt them.

Deployment

The app is currently deployed on cloudflare, though running the build:githubpages npm script to build it. Github Actions did not allow setting some useful security headers out-of-the-box.

License

This project is licensed using the Permissive License Stack which means that all contributions are available under the most permissive commonly-used licenses, and dependent projects can pick the license that best suits them.

Therefore, the project is dual-licensed under Apache 2.0 and MIT terms:

About

A dead man's switch for full but responsible disclosure of vulnerabilities

Resources

License

Unknown, MIT licenses found

Licenses found

Unknown
LICENSE-APACHE
MIT
LICENSE-MIT

Security policy

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published