Sentc documentation

Sentc documentation

Encryption and group/user management sdk

Quick Start → Try it out

Easy-to-use encryption with post quantum cryptography

Create secure applications with just a few lines of code and post quantum algorithm.

Group management

Create groups where every member can encrypt content for all other members.

User management

Register and securely log in users with ease. Optional adding Multi-factor authentication via Totp.

Key rotation

Renew the keys while still using the old ones.

Queryable encryption

Search or query sorted content without decrypting it, with searchable and sortable encryption.

Encrypted files

Handle large files in groups. Encryption + upload / download + decryption for every group member.


Easy to install:

npm install @sentclose/sentc
yarn add @sentclose/sentc

Easy to use, installed or in the browser:

import Sentc from "@sentclose/sentc";

//init the javascript client
await Sentc.init({
    app_token: "5zMb6zs3dEM62n+FxjBilFPp+j9e7YUFA+7pi6Hi"  // <-- your app token
});

//register a user
await Sentc.register("username", "password");

//login a user, ignoring possible Multi-factor auth
const user = await Sentc.login("username", "password", true);

//create a group
const group_id = await user.createGroup();

//load a group. returned a group obj for every user.
const group = await user.getGroup(group_id);

//encrypt a string for the group
const encrypted_string = await group.encryptString("hello there!");

//now every user in the group can decrypt the string
const decrypted_string = await group.decryptString(encrypted_string);
			
console.log(decrypted_string);  //hello there!
<!DOCTYPE html>
<html lang="en">
<head>
    <title>Sentc example</title>
</head>
<body>
    <script src="https://cdn.jsdelivr.net/npm/@sentclose/sentc/dist/sentc.min.js"></script>

    <script>
        //init the wasm
        const sentc = window.Sentc.default;

        async function run() {
            //use your public token as the app token.
            // if a user is already logged in, this function will return the logged-in user
            await sentc.init({
                app_token: "5zMb6zs3dEM62n+FxjBilFPp+j9e7YUFA+7pi6Hi"
            });
			
            //now you are ready to go
            //register a user:
            await sentc.register("username", "password");

			//login a user, ignoring possible Multi-factor auth
            const user = await sentc.login("username", "password", true);
			
            //create a group
            const group_id = await user.createGroup();
			
            //load a group. returned a group obj for every user.
            const group = await user.getGroup(group_id);
			
            //encrypt a string for the group
            const encrypted_string = await group.encryptString("hello there!");
			
            //now every user in the group can decrypt the string
            const decrypted_string = await group.decryptString(encrypted_string);
			
            console.log(decrypted_string);  //hello there!
        }
		
        run();
    </script>
</body>
</html>

Limitations

The protocol is designed for async long-running communication between groups.

  • A group member should be able to decrypt the whole communication even if they joined years after the beginning.
  • Group member should get decrypt all messages even if they were offline for years.

The both requirements make perfect forward secrecy impossible. See more at the Protocol how we solved it.

In Browser encryption

  • Make sure to protected your app against XSS attacks. The data is encrypted and can't be checked on the server. XSS attacks can also leak the private keys!
  • If you are using a CDN, make sure that the CDN will not inject malicious code that could leak information instead of your original code.
  • In the browser we are using the indexed db to store the keys and the files. The db has only 2 gb of space. If the user needs to download larger files try to use a native app instead of the browser.

Contact

If you want to learn more, just contact me contact@sentclose.com.