Skip to content

eddieoz/openxrypt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

81 Commits

fonts

fonts

 
 

imgs

imgs

 
 

lib

lib

 
 

src

src

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

manifest.json

manifest.json

 
 

Repository files navigation

OpenXrypt: Secure and Private Direct Messaging for Social Media

OpenXrypt is a Chrome extension that provides secure and encrypted communication on social media platforms. It utilizes the OpenPGP encryption standard to help protect the privacy of your communications and ensure the confidentiality of sensitive information.

Compatible Platforms

  • Twitter DMs
  • Whatsapp Web

The Importance of Secure Communication

Social media platforms have become integral parts of our daily lives, facilitating real-time communication, information sharing, and community building. However, the inherent nature of these platforms often raises concerns regarding user privacy and data security. Unencrypted messages and personal information are susceptible to unauthorized ads and access, potential surveillance and/or data breaches, posing significant risks to individuals and organizations.

OpenXrypt recognizes the critical need for secure communication channels, particularly in an era where privacy violations and data mishandling have become increasingly prevalent. By offering robust encryption capabilities, OpenXrypt aims to empower users to engage in secure conversations, share sensitive information, and express themselves freely without the fear of unauthorized monitoring or interception.

Key Features

  • End-to-End Encryption: Encrypts messages using OpenPGP to ensure only the sender and recipient can access the content.
  • Automatic Encryption and Decryption: OpenXrypt seamlessly integrates with the compatible platforms, automatically encrypting and decrypting messages using OpenPGP standards, ensuring that sensitive information remains protected during transmission and storage.
  • Group Messages Encryption You can encrypt messages on X and Whatsapp groups by just having all participants public keys registered.
  • Passphrase Management: Users can securely set, reset, and manage their passphrases, enabling them to maintain control over their encryption keys and ensure the confidentiality of their communications.
  • Key Management: OpenXrypt provides a user-friendly interface for adding, editing, and deleting GPG public and private keys, allowing users to manage their encryption keys and those of their contacts with ease.

Screenshots

Popup Manage pubkeys Manage privkeys Show pubkey

How It Works

  1. Install Extension: Add OpenXrypt to your Chrome browser.
  2. Setup Keys:
    • Add GPG (armored) public keys for your contacts.
    • Add GPG (armored) your own private key for decryption ** - recommend ECC-25519 bc size&speed**
      • Tip for for beginners: to create your keys, use an app like Kleopatra on Linux & Windows or GPGTools on a Mac
  3. Encrypt & Decrypt:
    • Encrypt: Select text in a direct message and click the "Encrypt" button in the popup.
    • Decrypt: Encrypted messages will be automatically decrypted and replaced with readable text.

Getting Started

Installation

  1. Clone the repository or download the ZIP: 
    git clone https://github.com/eddieoz/openxrypt.git
  2. Open the Chrome Extensions page by navigating to chrome://extensions/.
  3. Enable "Developer mode" using the toggle switch.
  4. Click "Load unpacked" and select the cloned/downloaded openxrypt folder.
  5. Close and reopen the browser to correctly load the extension.

Key Management

  • Manage Public Keys: Add and delete public keys for your contacts.
  • Manage Private Keys: Add, delete, and use your private key to decrypt messages.
  • View Fingerprints: Easily view the GPG fingerprint for each key.
  1. All keys are managed locally.
  2. It is recommended to create a new private key for messaging purposes.

Public Key Management

  1. Open the Manage Keys section via the popup.
  2. Enter the X handle and paste the contact's public key.
    • For Whatsapp Web, enter the mobile number ex. 552134562938 and the contact's public key
  3. Click Add Key.

Private Key Management

  1. Enter your X handle and paste your private key.
    • For Whatsapp Web, enter your mobile number ex. 552134562938 and paste your private key.
  2. Click Add Private Key.

How to Encrypt and Decrypt Messages

Encrypt Text

  1. Go and DM one of your contacts that you have already added a public key (from Messages left menu)
  2. Write a message
  3. Selected the entire messade (CTRL + A or CMD + A)
  4. Open the OpenXrypt popup by clicking the extension icon.
  5. Click the Encrypt button.
    • The selected text will be encrypted and replaced.
  6. Send the message on X.

Automatic Decryption

Encrypted messages will be automatically decrypted on the X website.

My pubkey

If you want to try, drop me a DM on X. Just add @eddieoz and the pubkey below.

-----BEGIN PGP PUBLIC KEY BLOCK-----

xjMEZj4wahYJKwYBBAHaRw8BAQdAFYhu0HUpfn3Iku+KFGghJdYB1HefU4cB
F5u2rhmI5NfNHEVkZGllT3ogKHVzZWQgZm9yIE9wZW5YcnlwdCnCrQQTFggA
PhYhBBOCHcMytdy4w1uDNtbLM3XlJgVNBQJmPjBqAhsDBQkB4TOABQsJCAcC
BhUKCQgLAgQWAgMBAh4BAheAACEJENbLM3XlJgVNFiEEE4IdwzK13LjDW4M2
1sszdeUmBU0pKwD9EgovnDI7yVZXmSKZlFgl3VZl2tDnw1EgIoEG9Qt+v/QB
AI0dIlX3J7IZrccUWPcRcOU3V9Jb6hMeChkd3tUKlOMPzjgEZj4wahIKKwYB
BAGXVQEFAQEHQKfhytNbWHaSneg613gh/nA/wA+IcuKiuszsPHJ8kSswAwEI
B8KVBBgWCAAmFiEEE4IdwzK13LjDW4M21sszdeUmBU0FAmY+MGoCGwwFCQHh
M4AAIQkQ1sszdeUmBU0WIQQTgh3DMrXcuMNbgzbWyzN15SYFTXQAAP4jOFzK
MjdyS8Sw//1pD1Sle329OCU+bW1gh96m0fErzgEA+GkFAcH5XkELMDy6CUHF
fPpU+z70EKFF+IXjY6nm9QY=
=JhSM
-----END PGP PUBLIC KEY BLOCK-----

Setup for Development

  1. Clone the repository.
  2. Install the extension using the steps in the Installation section.
  3. Make changes and reload the extension.

Contribution Guidelines

  • Fork the repository and clone to your local environment.
  • Create a new feature branch.
  • Commit your changes with clear messages.
  • Push your feature branch and submit a PR.

To-do

  • Encrypted public timeline posts ('maybe' use symmetric encryption with X handle, just to keep it fuzzy).
  • Extend the extension to cover more web messengers like Telegram web, and others.
  • Try newer algorithms like NaCL + Chacha20 to increase performance. Study the trade-offs.

Known limitations

  • It does not encrypt images and emojis
  • Can't encrypt messages for a group yet
  • Can't encrypt messages in timeline
  • Limited use of cryptography through opengpg yet.

License

This project is licensed under the MIT License.

FAQs

  1. How does OpenXrypt handle my passphrase?

    The passphrase is securely stored in session storage and only for the current browser session.

  2. Can I use OpenXrypt with other platforms?

    Currently, OpenXrypt is optimized for X direct messages and Whatsapp Web, but can be extended to other platforms.

  3. Is my data stored online?

    No, OpenXrypt stores encryption keys locally in your browser's storage.

Contact

For further queries, reach out via GitHub Issues.

Feel free to ask for more questions or specific edits!

Buy me a coffee

Did you like it? Buy me a coffee

Buy me a coffee

Or drop me a tip through Lightning Network: ⚡ zbd.gg/eddieoz

About

OpenXrypt: Secure and Private Direct Messaging for Social Media

Topics

chrome-extension security automation privacy social-media extension twitter messenger gpg chrome-extensions gpg-encryption security-tools privacy-enhancing-technologies privacy-protection privacy-tools extension-chrome

Resources

Readme

License

MIT license
Activity

Stars

27 stars

Watchers

3 watching

Forks

7 forks
Report repository

Releases

12 tags

Packages

No packages published

Contributors 2

Languages