R3

module

v0.0.0-...-cd73554 Latest Latest Go to latest Published: Oct 7, 2022 License: GPL-3.0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/stefanovazzocell/R3

Links

Open Source Insights

README ¶

Share links, messages, images and files securely with client side encryption in the browser and a speedy GoLang back-end.

This is the successor to Rocket and LaunchPad.

Read about the threat model and encryption or catch up with the definitions in our docs.

Disclaimer

This is a personal project and a beta product. The encryption was written by me (not a cryptographer) in house and has not yet been reviewed by others. Please, consider the encryption potentially compromised and avoid using Rocket for any serious need.

I spent countless hours doing research on how to securely implement this system but I am by no means qualified to certify their safety. I will commit to ask others with more experience to review the logic behind the encryption.

The server code and front end code also needs more testing and refactoring; this is a beta personal project made for fun.

Idea

A few years back when I created the first version of Rocket I wanted to make a URL Shortener that was fast and that I could host myself. At the time I was concerned with abuse of the service and liability regarding what people would share through it. I was also letting my friends and family use it and I wanted to provide them a reasonable expectation of privacy. Although none of those worries became a reality but at the time I added some encryption based on the shortened link to sleep better at night. This was back in 2015-2016.

Forward to 2017 I decided to redesign the website to make it more usable, allowing sharing (heavily compressed) images and a few more features. This update did improve the encryption too, as computers and phones became more powerful I could perform a few more rounds of hashing. The main problems with this version is that the random link it generated by default (although editable) was quite unusable due to the complexity, the interface was still quite awful, and the encryption was somewhat lacking.

And now in 2020, privacy is treated by too many companies as a joke or a buzzword more than a real requirement for every program and app; although Rocket does not aim to be a solution, it does take an approach of security first and it iterates on what I learn during the previous versions to deliver a safer (read the disclaimer) and better experience for sharing long links, messages, images and even files.

Rocket aims to provide a reasonably secure and private way to share small pieces of information behind a short URL.

Changes

v4.0.0

New UI: An updated UI using a Monokai-based theme. Simple, elegant, with better contrast. New features such as a real-time share storage usage calculator have been implemented.
Omni: The new UI is smart enough to understand if you're sharing a link, a message, or a file without you needing to tell it. Just start typing or drag and drop a file to start sharing.
Folder: You can now share more than one file at the time.
Bigger Shares: Decreased base space required for a single share and increase share size to up to 10MB.
Smaller Footprint: The site is now better compressed and requires less than 17kB (no gzip) of data and loads extremely fast even in the slowest of network.
Better tooling: More Makefiles, html/js/css compression built in, and more.
Go client: A simple client written in Go to create shares without the WebUI.
Rewritten Server: Rewritten and improved server code, fixed bugs, moved some functions to a share library, improved errors logging, and more.
Rewritten JS client: The new JS client has been substantially rewritten and the site is now much more robust to network/server errors.
Tests: Added tests for the server and client library.

v3.1.0

Tweaked encryption: up to 2x more rounds of PBKDF2, simpler hashing, and more (see docs for more details).
Better error handling on expired share and network failure.
Updated dependencies.
[WIP] New Go library to interact with Rocket shares.

v3.0.2

Added detection of unsupported images.
Tweaked CSS file.

v3.0.1

Improved canvas access detection.
Better messaging for unsupported browsers (No JavaScript and no Crypto).
Improved image compression algorithm for better compression performance.
Fix a but that would cause some compression scenarios to fail.

v3.0.0

Fixed "Open Link" button not working on link shares.
Improved privacy/security by deleting the ShareID from the browser history.
Simpler and much faster handling of images/files download.
Minor UI tweaks.

v2.0.0

Uses the Web Crypto API for faster encryption in modern browsers which in turn allows me to perform 5x more rounds of hashing with PBKDF2 and SHA512 compared to the previous version. It also allowed me to write my encryption scheme using lower level primitives.

More asynchronous code allows the page to keep being responsive even when performing operations even during the encryption process.

Now allowing files uploads and images up to 1.5MB.

New - more reasonable - interface. Single page app, no separate create/view pages.

Directories ¶

Path	Synopsis
client
clientgui
clientlib
server
shared

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL