From:

To:

Primitive public key encryption for any platform using emoji

WARNING

I am not a security expert, this project does not use best practices and this is not a replacement for Signal/Matrix/etc. Messages are encrypted, but the chance of them leaking one way or another is probably higher than twitter DMs. Do not send customer SSNs over emj.wtf. Do not admit to felonies using emj.wtf.

Instructions

This app only handles encrypting and decrypting messages. Sending encrypted messages is done on the social media or messaging platform of your choice.

  1. Generate a public/private key pair
  2. Share your public key
  3. Import a friend's public key
  4. You can now encrypt messages to them and decrypt messages from them

You can download a backup of your private keys and all imported public keys to use the same keys on multiple devices. Backups are encrypted, but the encryption is only as strong as the password you use. Uploading a backup will not remove keys you've already generated/imported unless the backup contains different keys with the same name.

How it works

Diffie–Hellman key exchange is used so public keys and messages can be short enough to fit in a single Bluesky post or tweet. All cryptography is done with the browser's native crypto support.


Messages and keys are split into blocks and base conversion is used to turn each block into a sequence of emoji. The first emoji of each emoji sequence indicates the sequence type (📢 for public key, 📬 for message, etc). The next is a checksum. For messages, the following two are the checksums for the senders and receiver's public keys. Following that is the actual data.


Source code