FOKS – The Federated Open Key Service
10 months ago
- #encryption
- #security
- #git-hosting
- FOKS provides secure, end-to-end encrypted Git hosting with data encrypted before sending to the server.
- It uses modern PQ-secure public-key cryptography to protect against quantum attacks.
- FOKS implements Git atop an encrypted key-value store, allowing storage of strings or large files.
- Features a federated team management system supporting complex team topologies and cross-server teams.
- Device management includes YubiKey support and cascading key-rotation upon device revocation.
- Uses a key hierarchy with base-level keys, per-user keys (PUKs), and per-team keys (PTKs).
- Employs signature chains and Merkle Trees to prevent server tampering and ensure data integrity.
- Focuses on simple, hardened cryptography, avoiding complex schemes like VRFs or SNARKs.
- Open-source under MIT license, with no vendor lock-in, supporting federation like email or the web.
- Easy installation via package managers (Chocolatey, Homebrew, apt, dnf) or static binaries.
- Future directions include encrypted SQL, calendar, and more, with community-driven development.