NOTE: This is just a toy project. You shouldn't try to actually use this yet.
Simple image hosting for the paranoid.
Enjoy your placebo software.
- XSalsa20 + Poly1305
- Go 1.5 or newer (for vendoring support)
The entire codebase is licensed under AGPL unless stated otherwise.
Do I have to trust the server?
If you use the web interface
If you only use the CLI client
To not delete your files? Yes. Other than that? No.
Why are you using Salsa20, a stream cipher, to encrypt files?
Because for small files, it really doesn't matter whether you're using a block cipher or a stream cipher. Salsa20 has a really good reputation and is a lot faster than some other ciphers like AES.
Tests done with a 500 KB image (using SJCL for the AES implementation):
salsa20 x 39.49 ops/sec ±0.89% (40 runs sampled) aes-256 x 3.66 ops/sec ±3.44% (14 runs sampled)
They're all true. You can use the included desktop CLI client if you prefer.
The html/css/whatever looks horrible. What's up with that?
Tell me about it.