Keyhive
7 hours ago
- #local-first
- #decentralization
- #access-control
- Keyhive is a project exploring local-first access control for secure collaboration.
- It aims to provide secure collaboration guarantees similar to private chat but for any local-first application.
- Keyhive rethinks access control mechanics without relying on a central server, focusing on user experience.
- The project addresses challenges like concurrent access control, revocation, and edge cases in decentralized systems.
- Keyhive uses convergent capabilities, a group management CRDT, and E2EE with causal keys for secure access control.
- BeeKEM is introduced as a Continuous Group Key Agreement protocol for Keyhive, providing forward secrecy and post-compromise security.
- Keyhive's design excludes user identity, leaving it to future layers, and focuses on decentralized and secure access control.
- The project emphasizes performance, aiming to handle thousands of documents, millions of readers, and hundreds of admins.
- Keyhive's sync protocol, Beelay, is designed for encrypted data transfer, ensuring confidentiality and authentication.
- The project is in pre-alpha, with early code releases for core libraries, but not yet ready for production use.