Keyhive: Coordination-Free Access Control for Local-First Apps.

Contributor(s)

Abstract

The local-first model eliminates the need for centralised cloud servers, which changes the economics of building & maintaining software (helping scale both up to large orgs and down to individuals), but had no strong security or privacy story that preserved these properties. In this talk, I will discuss Keyhive, a project my team developed at Ink & Switch. Keyhive opens new use cases for individuals, journalists, activists, and marginalised groups to control their software and not worry about their communications being at the whims of single cloud hosts. This talk will touch on the following: * Why local-first and privacy tech are a very nice fit, but also why this is hard / only explored recently * Convergent capabilities: a novel capability auth system * BeeKEM: our MLS-like key agreement that lifts MLS's central server requirement