Part I: Understanding and Creating Cryptographic Identities. All with MIT licensed Open Source code, and that works right in the browser with realtime updates? Then you’ve come to the right spot. First, watch these 1 minute explainer videos on how cryptography works: Second, thanks to the work of on the SEA framework (Security, Encryption, Authorization), your app will use the latest native Web Crypto API for all the functions explained in the above video series — like ECDSA, PBKDF2, AES, and more. Here is a demo of it working in action: @mhelander To get started building your app, just include SEA in your app: <script src="https://cdn.jsdelivr.net/npm/gun/gun.js"></script><script src="https://cdn.jsdelivr.net/npm/gun/lib/cryptomodules.js"></script><script src="https://cdn.jsdelivr.net/npm/gun/sea.js"></script> Note: If the CDN becomes compromised, your app could be hacked, consider Electron-ifying your app to remove any hosts. Also, _lib/cryptomodules_ name will change in the future, you'll need to keep your app up to date. Now in your javascript, you instantiate gun and and reference your user: var gun = Gun();var user = gun.user(); To create a cryptographic identity backed by a public/private key-pair (see the video explainer), just do: // Browser Native Web Crypto API used to PBKDF2 extend password.user.create('alice', 'unsafepassword', function(ack){// done creating user!}); Once you have created a user, you can log them in with: // Browser Native Web Crypto API used to PBKDF2 extend password.user.auth('alice', 'unsafepassword', function(ack){// logged in!}); Finally, you can then save data to the account that nobody else can write to: var alice = {name: "Alice"};alice.boss = {name: "Fluffy", species: "Kitty", slave: alice};user.get('profile').put(alice); When it is stored on disk or sent over the wire, it uses cryptographic signatures (see the video explainer), to secure the account and data without relying upon any trusted servers! And then when you use to read the data, it automatically verifies and decrypts the data for you: GUN user.get('profile').get('boss').get('slave').get('name').val(data =>console.log("The boss's slave's name is:", data); // Alice); Try running it yourself in a ! Codepen Now that you have P2P identities, you can combine it with the logic from the , to create a list of tweets from the user. 5min interactive ToDo app tutorial We’ll go over how to do this in Part II. As for now, realize and play with the mind-blowing idea that you now have secure user accounts, without any centralized or federated servers to authorize them! Follow us on while we kill Twitter, or read about , or to improve this article, and don’t forget to share! Twitter how future social networks will work make a PR
