├── .gitignore
├── .gitmodules
├── LICENSE
├── README.md
└── protocol.pdf
/.gitignore:
--------------------------------------------------------------------------------
1 | *.DS_Store
--------------------------------------------------------------------------------
/.gitmodules:
--------------------------------------------------------------------------------
1 | [submodule "web-client"]
2 | path = web-client
3 | url = git@github.com:blindnet-io/blindsend-web-client.git
4 | branch = main
5 | [submodule "server"]
6 | path = server
7 | url = git@github.com:blindnet-io/blindsend-server.git
8 | branch = main
9 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2020-2022 blindnet, Inc.
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 |
2 | blindsend
3 |
4 |
5 |
6 |
7 | 
8 | 
9 |
10 |
11 |
12 |
13 | End-to-end encrypted file sharing
14 |
15 |
16 |
17 |
18 | Web client
19 | •
20 | Server
21 | •
22 | Submit an Issue
23 |
24 |
25 |
26 |
27 | ## About
28 |
29 | blindsend is an open source tool for private, [end-to-end encrypted](https://en.wikipedia.org/wiki/End-to-end_encryption) file exchange.
30 |
31 | It supports two use cases - [sharing files](https://github.com/blindnet-io/blindsend#sharing-files) and [requesting files](https://github.com/blindnet-io/blindsend#requesting-files).
32 |
33 | You can find the protocol description in the [protocol.pdf](./protocol.pdf) file.
34 |
35 | A demo can be found on https://blindsend.io.
36 |
37 | ## Sharing files
38 |
39 | You will start by uploading files and obtaining a link to download. You can then share the link with anyone and they will be able to download the files.
40 |
41 | We call this the **Share file** use case.
42 |
43 | If you are sharing the link via an unsecure channel like facebook messenger, a password can be set to additionally improve the security. You should share the password using a different secure channel, for example, in person.
44 |
45 | ## Requesting files
46 |
47 | If you need someone to send you a file, you will generate a request link and send it to that person. They will open the link and upload the requested files, after which you can access the same link to download the files.
48 |
49 | We call this the **Request file** use case.
50 |
51 | Similar to the [sharing files](https://github.com/blindnet-io/blindsend#sharing-files) use-case, you can set a password which needs to be input again when downloading files.
52 |
53 | This use-case is suitable for various professional services, such as doctors asking for blood results or a lawyer asking for a subpoena.
54 | Traditionally, those documents were shared using an insecure channel such as email.
55 |
56 | ## Architecture
57 |
58 | Blindsend consists of four parts:
59 | 1. [Server](https://github.com/blindnet-io/blindsend-server), which provides the REST API for managing file exchange workflows.
60 | 1. [Web UI](https://github.com/blindnet-io/blindsend-web-client), which handles encryption and decryption of files on agents' local machines, and provides a web client.
61 | 1. [Cloud Storage](https://cloud.google.com/storage) on the [Google Cloud platform](https://cloud.google.com/) where the encrypted files are stored.
62 | 1. [PostgreSQL](https://www.postgresql.org/) where link data is stored.
63 |
64 | ## Security
65 |
66 | Files uploaded to blindsend are encrypted using an [end-to-end encrypted](https://en.wikipedia.org/wiki/End-to-end_encryption) protocol, meaning neither blindsend nor any third party can decrypt them.
67 |
68 | Only the persons possessing the link (and an optional password) can decrypt the files.
69 | It is important to share the link using an authenticated channel, meaning the link wasn’t changed during the transfer and the other party receives the same link you sent them.
70 | If the channel is not secure, a password can be set to prevent the third party from decrypting the files.
71 |
72 | To keep sensitive information away from the blindsend servers, links use the [URL fragments](https://en.wikipedia.org/wiki/URI_fragment). They are the parts of the URL after the # symbol which are not sent to the server when the URL is opened in the browser.
73 |
74 | Protocol diagrams are coming soon!
75 |
76 | ## Considerations
77 |
78 | 1. Currently, the files are deleted after 7 days.
79 | - Add the option to set custom file expiration date.
80 | - File deletion policy can be based on the number of times the file was opened.
81 | 1. Specify your email address to receive the access logs.
82 | 1. Specify another user’s email address who will receive a link.
83 |
84 | ## Current status
85 |
86 | blindsend is under development by a team of software engineers at [blindnet.io](https://blindnet.io) and several independent cryptography experts.
87 |
88 | ## Community
89 |
90 | > All community participation is subject to blindnet’s [Code of Conduct][coc].
91 |
92 | Stay up to date with new releases and projects, learn more about how to protect your privacy and that of our users, and share projects and feedback with our team.
93 |
94 | - [Join our Slack Workspace][chat] to chat with the blindnet community and team
95 | - Follow us on [Twitter][twitter] to stay up to date with the latest news
96 | - Check out our [Openness Framework][openness] and [Product Management][product] on Github to see how we operate and give us feedback.
97 |
98 | ## License
99 |
100 | The blindsend-server is available under [MIT][license] (and [here](https://github.com/blindnet-io/openness-framework/blob/main/docs/decision-records/DR-0001-oss-license.md) is why).
101 | You are free to deploy your own instances. Contact us if you need any help at _blindsend@blindnet.io_
102 |
103 |
104 | [new-issue]: https://github.com/blindnet-io/blindsend/issues/new/choose
105 | [fork]: https://github.com/blindnet-io/blindsend/fork
106 |
107 |
108 | [openness]: https://github.com/blindnet-io/openness-framework
109 | [product]: https://github.com/blindnet-io/product-management
110 | [request]: https://github.com/blindnet-io/devrel-management/issues/new?assignees=noelmace&labels=request%2Ctriage&template=request.yml&title=%5BRequest%5D%3A+
111 | [chat]: https://join.slack.com/t/blindnet/shared_invite/zt-1arqlhqt3-A8dPYXLbrnqz1ZKsz6ItOg
112 | [twitter]: https://twitter.com/blindnet_io
113 | [docs]: https://blindnet.dev/docs
114 | [changelog]: CHANGELOG.md
115 | [license]: LICENSE
116 | [coc]: https://github.com/blindnet-io/openness-framework/blob/main/CODE_OF_CONDUCT.md
117 |
--------------------------------------------------------------------------------
/protocol.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/blindnet-io/blindsend/87a6bd03fb0d8d885c32983e85c0886ad8f2e764/protocol.pdf
--------------------------------------------------------------------------------