OpenXrypt is a Chrome extension that provides secure and encrypted communication on social media platforms. It utilizes the OpenPGP encryption standard to help protect the privacy of your communications and ensure the confidentiality of sensitive information.
- Twitter DMs
- Whatsapp Web
Social media platforms have become integral parts of our daily lives, facilitating real-time communication, information sharing, and community building. However, the inherent nature of these platforms often raises concerns regarding user privacy and data security. Unencrypted messages and personal information are susceptible to unauthorized ads and access, potential surveillance and/or data breaches, posing significant risks to individuals and organizations.
OpenXrypt recognizes the critical need for secure communication channels, particularly in an era where privacy violations and data mishandling have become increasingly prevalent. By offering robust encryption capabilities, OpenXrypt aims to empower users to engage in secure conversations, share sensitive information, and express themselves freely without the fear of unauthorized monitoring or interception.
-
End-to-End Encryption: Encrypts messages using OpenPGP to ensure only the sender and recipient can access the content.
-
Automatic Encryption and Decryption: OpenXrypt seamlessly integrates with the compatible platforms, automatically encrypting and decrypting messages using OpenPGP standards, ensuring that sensitive information remains protected during transmission and storage.
-
Group Messages Encryption You can encrypt messages on X and Whatsapp groups by just having all participants public keys registered.
-
Passphrase Management: Users can securely set, reset, and manage their passphrases, enabling them to maintain control over their encryption keys and ensure the confidentiality of their communications.
-
Key Management: OpenXrypt provides a user-friendly interface for adding, editing, and deleting GPG public and private keys, allowing users to manage their encryption keys and those of their contacts with ease.
-
Timeline Obfuscation: OpenXrypt enhances your privacy by obfuscating your timeline, making it hard for algorithms to use your content for AI training or targeted advertising. Your posts will be symmetrically encrypted with a SHA-256 hash of your public key's fingerprint, ensuring your content remains public but more secure.
-
Timeline Encryption: You can use GPG to encrypt messages for your target audience using their public keys and post them on your timeline. This ensures message privacy because no algorithm can identify the recipients who can decrypt and read the messages. By leveraging this method, you can confidently share sensitive information publicly, knowing that only your intended audience can access the message content. Here's how you can do it:
- Encrypt Your Message: Use GPG to encrypt your message with the public keys of your intended recipients. You can use tools like
gpg cli
,Kleopatra
,GPGTools
, among others. - Post the Encrypted Message: Share the encrypted message on your timeline.
- Ensure Privacy: Only the recipients with the corresponding private keys can decrypt and read the message, ensuring that the content remains secure and private.
- Encrypt Your Message: Use GPG to encrypt your message with the public keys of your intended recipients. You can use tools like
- Install Extension: Add OpenXrypt to your Chrome browser.
- Setup Keys:
- Add GPG (armored) public keys for your contacts.
- Add GPG (armored) your own private key for decryption ** - recommend ECC-25519 bc size&speed**
- Tip for for beginners: to create your keys, use an app like Kleopatra on Linux & Windows or GPGTools on a Mac
- Encrypt & Decrypt:
- Encrypt: Select text in a direct message and click the "Encrypt" button in the popup.
- Decrypt: Encrypted messages will be automatically decrypted and replaced with readable text.
- Clone the repository or download the ZIP:
git clone https://github.com/eddieoz/openxrypt.git
- Open the Chrome Extensions page by navigating to
chrome://extensions/
. - Enable "Developer mode" using the toggle switch.
- Click "Load unpacked" and select the cloned/downloaded
openxrypt
folder. - Close and reopen the browser to correctly load the extension.
- Manage Public Keys: Add and delete public keys for your contacts.
- Manage Private Keys: Add, delete, and use your private key to decrypt messages.
- View Fingerprints: Easily view the GPG fingerprint for each key.
- All keys are managed locally.
- It is recommended to create a new private key for messaging purposes.
- Open the Manage Keys section via the popup.
- Enter the X handle and paste the contact's public key.
- For Whatsapp Web, enter the mobile number ex. 552134562938 and the contact's public key
- Click Add Key.
- Enter your X handle and paste your private key.
- For Whatsapp Web, enter your mobile number ex. 552134562938 and paste your private key.
- Click Add Private Key.
- Go and DM one of your contacts that you have already added a public key (from Messages left menu)
- Write a message
- Click the Encrypt button.
- The selected text will be encrypted and replaced.
- Send the message on X.
- Just write your post, click on Encrypt button.
- Send the message on X.
Encrypted messages will be automatically decrypted on the X website.
If you want to try, drop me a DM on X. Just add @eddieoz
and the pubkey below.
-----BEGIN PGP PUBLIC KEY BLOCK-----
xjMEZj4wahYJKwYBBAHaRw8BAQdAFYhu0HUpfn3Iku+KFGghJdYB1HefU4cB
F5u2rhmI5NfNHEVkZGllT3ogKHVzZWQgZm9yIE9wZW5YcnlwdCnCrQQTFggA
PhYhBBOCHcMytdy4w1uDNtbLM3XlJgVNBQJmPjBqAhsDBQkB4TOABQsJCAcC
BhUKCQgLAgQWAgMBAh4BAheAACEJENbLM3XlJgVNFiEEE4IdwzK13LjDW4M2
1sszdeUmBU0pKwD9EgovnDI7yVZXmSKZlFgl3VZl2tDnw1EgIoEG9Qt+v/QB
AI0dIlX3J7IZrccUWPcRcOU3V9Jb6hMeChkd3tUKlOMPzjgEZj4wahIKKwYB
BAGXVQEFAQEHQKfhytNbWHaSneg613gh/nA/wA+IcuKiuszsPHJ8kSswAwEI
B8KVBBgWCAAmFiEEE4IdwzK13LjDW4M21sszdeUmBU0FAmY+MGoCGwwFCQHh
M4AAIQkQ1sszdeUmBU0WIQQTgh3DMrXcuMNbgzbWyzN15SYFTXQAAP4jOFzK
MjdyS8Sw//1pD1Sle329OCU+bW1gh96m0fErzgEA+GkFAcH5XkELMDy6CUHF
fPpU+z70EKFF+IXjY6nm9QY=
=JhSM
-----END PGP PUBLIC KEY BLOCK-----
- Clone the repository.
- Install the extension using the steps in the Installation section.
- Make changes and reload the extension.
- Fork the repository and clone to your local environment.
- Create a new feature branch.
- Commit your changes with clear messages.
- Push your feature branch and submit a PR.
- Encrypted public timeline posts ('maybe' use symmetric encryption with X handle, just to keep it fuzzy).
- Extend the extension to cover more web messengers like Telegram web, and others.
- Try newer algorithms like NaCL + Chacha20 to increase performance. Study the trade-offs.
- It does not encrypt images and emojis
- Can't encrypt messages for a group yet
- Can't encrypt messages in timeline
- Limited use of cryptography through opengpg yet.
This project is licensed under the MIT License.
-
How does OpenXrypt handle my passphrase?
The passphrase is securely stored in session storage and only for the current browser session.
-
Can I use OpenXrypt with other platforms?
Currently, OpenXrypt is optimized for X direct messages and Whatsapp Web, but can be extended to other platforms.
-
Is my data stored online?
No, OpenXrypt stores encryption keys locally in your browser's storage.
For further queries, reach out via GitHub Issues.
Feel free to ask for more questions or specific edits!
Did you like it? Buy me a coffee
Or drop me a tip through Lightning Network: ⚡ zbd.gg/eddieoz