This is an implementation of the client-side component of the
Public Key Directory specification, written in Rust.
See fedi-e2ee/pkd-server-go for the reference implementation of the server-side component written in Go.
The hardest part of designing end-to-end encryption for the Fediverse, as with most cryptography undertakings, is key management. In short: How do you know which public key belongs to a stranger you want to chat with privately? And how do you know you weren't deceived?
Our solution is to use Key Transparency, which involves publishing all public key enrollments and revocations to an append-only ledger based on Merkle trees. This allows for a verifiable, auditable log of all key-related events, providing a strong foundation for trust.
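An added example (not code from this project or from the PKD specification) of the check a Merkle-tree ledger makes possible: confirming that one key event is in the log using only that entry, its proof and the root. It assumes RFC 6962-style SHA-256 hashing; the function names and log entries are constructed for illustration.

```python
import hashlib
import hmac

# Assumption: RFC 6962-style hashing (0x00 leaf prefix, 0x01 node prefix).
# The PKD specification defines the real encoding; names here are hypothetical.
def leaf_hash(entry: bytes) -> bytes:
    return hashlib.sha256(b"\x00" + entry).digest()

def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()

def split(n: int) -> int:  # largest power of two strictly less than n (n >= 2)
    return 1 << ((n - 1).bit_length() - 1)

def merkle_root(entries: list) -> bytes:
    if not entries:
        return hashlib.sha256(b"").digest()
    if len(entries) == 1:
        return leaf_hash(entries[0])
    k = split(len(entries))
    return node_hash(merkle_root(entries[:k]), merkle_root(entries[k:]))

def inclusion_proof(index: int, entries: list) -> list:
    if len(entries) == 1:  # sibling hashes, ordered from leaf up to root
        return []
    k = split(len(entries))
    if index < k:
        return inclusion_proof(index, entries[:k]) + [merkle_root(entries[k:])]
    return inclusion_proof(index - k, entries[k:]) + [merkle_root(entries[:k])]

def verify_inclusion(entry, index, size, proof, root) -> bool:
    """Recompute the root from one entry and its proof; no other entries needed."""
    def rebuild(i, n, path):
        if n == 1:  # reached the leaf: the proof must be used up exactly
            return leaf_hash(entry) if not path else None
        if not path:
            return None
        k = split(n)
        if i < k:
            sub = rebuild(i, k, path[:-1])
            return node_hash(sub, path[-1]) if sub else None
        sub = rebuild(i - k, n - k, path[:-1])
        return node_hash(path[-1], sub) if sub else None
    got = rebuild(index, size, list(proof)) if 0 <= index < size else None
    return got is not None and hmac.compare_digest(got, root)

# Constructed sample log of key events (not real PKD messages).
LOG = [b"enroll alice@example.social key-A1", b"enroll bob@example.social key-B1",
       b"revoke alice@example.social key-A1", b"enroll alice@example.social key-A2",
       b"enroll carol@example.social key-C1"]
```

A substituted entry, a shifted index or a shortened proof all fail against the published root, which is what lets a client detect a directory that serves a different key than the one it logged.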
This project, and the accompanying specification, are the result of an open-source effort to solve this problem. You can read more about the project's origins and design philosophy on Soatok's blog, Dhole Moments:
The goal of this library is to expose PKD functionality to the languages in which Fediverse software is implemented.
The plan is to use the uniffi crate to expose bindings for the following languages, per fedi-e2ee/public-key-directory-specification#78:
- TypeScript - Misskey, PeerTube, Micro.blog, etc. (Also for browser extensions)
- Ruby - Mastodon (and its many forks), etc.
- Python - Bridgy, Bookworm
- Go - WriteFreely
We can also expose Dart, Kotlin and Swift bindings for mobile clients.
This leaves bindings for the following languages still to be implemented:
- PHP - Pixelfed, Friendica, etc.
- Elixir - Pleroma, Mobilizon, Akkoma, etc.
This project is licensed under the MIT License.