Comment by satch
Re: "Lagrange is *seriously* impressive. Once I can sync…"
@skyjake here's a sync proposal:
Anyone can run a public server which provides a sync service to users. The server has some kind of endpoint which you can configure clients to use for sync. Server uses gemini and titan to send and receive updates.
File transfer can be end-to-end encrypted with a one-time key transfer between devices during setup.
Is that too sophisticated for your liking? I have more thoughts on how this could be done well but I understand if you think it's overkill.
2025-02-05 · 1 year ago
2 Later Comments
skyjake [...] · 2025-02-05 at 13:28:
@daruma @satch Ideally the sync system would work without any additional dependencies. Using Titan and Gemini requests would be ideal, I suppose.
Both self-hosted and public sync servers are justified. Especially in the latter case, encrypting all data stored on the server using a client-provided key seems mandatory. The server operator ideally wouldn't be able to access the clear data at all, for privacy and security. I have some thoughts on how you'd do incremental sync updates and merges like this, but it starts getting complicated. Also remember, there is more data than just bookmarks and identities (navigation history == subscription read status, maybe open tabs, snippets, site settings, trusted server certs).
satch · 2025-02-05 at 17:33:
@skyjake we're thinking along the same lines here.
Each user has:
- Master key (MK) used to encrypt/decrypt bookmark data.
- Public/Private Key Pair (PK, SK) for device authentication & key exchange.
Data is encrypted using AES-GCM or XChaCha20-Poly1305 for better nonce security.
When a new device is added, the existing device shares the Master Key encrypted with the recipient device's public key.
All the server needs is a way to associate different public keys from different devices with one set of data. It would be nice to avoid usernames but that's one simple solution.
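The device-enrollment step described in the comment above, as an added example that is not part of the thread or of Lagrange's code: the existing device seals MK to the new device's public key, and the new device opens it with SK. It assumes X25519 device key pairs, HKDF-SHA-256 key derivation and AES-256-GCM (one of the two ciphers named); the function names, the blob layout and the `sync-mk-wrap-v1` label are hypothetical.

```javascript
const crypto = require('node:crypto');

const INFO = Buffer.from('sync-mk-wrap-v1'); // constructed context label
const SPKI_LEN = 44; // DER SubjectPublicKeyInfo length of an X25519 public key
const TAG_LEN = 16;
const ZERO_NONCE = Buffer.alloc(12);

const spki = (key) => key.export({ type: 'spki', format: 'der' });
const fromSpki = (der) => crypto.createPublicKey({ key: der, format: 'der', type: 'spki' });

// X25519, then HKDF-SHA-256 salted with both public keys, gives a 256-bit
// key that is only ever used for one message.
function wrapKey(privateKey, publicKey, ephDer, recipientDer) {
  const shared = crypto.diffieHellman({ privateKey, publicKey });
  const salt = Buffer.concat([ephDer, recipientDer]);
  return Buffer.from(crypto.hkdfSync('sha256', shared, salt, INFO, 32));
}

// Existing device: encrypt MK to the new device's public key (PK).
// Output layout: ephemeral public key (DER) || ciphertext || tag.
function sealMasterKey(recipientDer, mk) {
  const eph = crypto.generateKeyPairSync('x25519');
  const ephDer = spki(eph.publicKey);
  const key = wrapKey(eph.privateKey, fromSpki(recipientDer), ephDer, recipientDer);
  // The key is fresh per call, so the fixed nonce never repeats under it.
  const c = crypto.createCipheriv('aes-256-gcm', key, ZERO_NONCE, { authTagLength: TAG_LEN });
  return Buffer.concat([ephDer, c.update(mk), c.final(), c.getAuthTag()]);
}

// New device: recover MK with its private key (SK). Throws if the blob was
// modified in transit or was sealed for a different device.
function openMasterKey(sk, blob) {
  if (blob.length < SPKI_LEN + TAG_LEN) throw new Error('blob too short');
  const ephDer = blob.subarray(0, SPKI_LEN);
  const body = blob.subarray(SPKI_LEN, blob.length - TAG_LEN);
  const key = wrapKey(sk, fromSpki(ephDer), ephDer, spki(crypto.createPublicKey(sk)));
  const d = crypto.createDecipheriv('aes-256-gcm', key, ZERO_NONCE, { authTagLength: TAG_LEN });
  d.setAuthTag(blob.subarray(blob.length - TAG_LEN));
  return Buffer.concat([d.update(body), d.final()]);
}

// Constructed demo: the new device publishes PK, the existing device seals MK.
const newDevice = crypto.generateKeyPairSync('x25519');
const demoMk = crypto.randomBytes(32);
const demoBlob = sealMasterKey(spki(newDevice.publicKey), demoMk);
console.log(demoBlob.length, openMasterKey(newDevice.privateKey, demoBlob).equals(demoMk));
```

The sync server only ever relays the 92-byte blob, but the existing device still has to confirm that the public key it seals to really belongs to the new device (for example by comparing a fingerprint shown on both screens), because a key delivered through the server alone is not authenticated.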
Original Post
Lagrange is *seriously* impressive. Once I can sync bookmarks and certs easily between clients it'll be near perfect.