What's built,
what's next,
what's not planned.
Siphr is being built in the open. This page tracks the work against the cryptographic claims on the rest of the site. If a claim isn't shipped yet, it's markedplannedand tied to a phase below. No vapor.
Sign up, generate a real keypair, push from git, file issues + PRs, run an org.
HTTPS git push + PAT auth, server-side at-rest encryption for private repos, server sessions, issues / PRs / releases, orgs + RBAC, a mobile shell, and the dogfood site serving its own source. The external crypto audit is the next bar — see below.
↳ source · github.com/VisualActions/Siphr
Crypto, identity, and a place to put things
The cryptographic plumbing is real. Object writes go to Supabase; the server holds public material only.
- ✓WebCrypto identity: P-256 ECDH keypair generated client-side
- ✓Passphrase-wrapped private key (PBKDF2-SHA256 · 600k iter · AES-GCM)
- ✓Stable public-key fingerprints (SHA-256 of canonical JWK)
- ✓Repo-key wrap/unwrap (ECDH + AES-GCM)
- ✓Per-object AES-256-GCM with fresh nonce
- ✓Postgres schema (users / repos / refs / objects) via Supabase
- ✓Signup flow that actually wraps your private key locally
- ✓Dashboard reads /api/users + /api/repos (real data)
- ✓Cross-device sign-in via encrypted identity blob
The first real commit, end-to-end encrypted in the tab
The repo-create UI generates a fresh AES-256 repo key in the browser, wraps it to your public key, and stores ciphertext only. The empty-repo page is a real working in-browser editor.
- ✓/repos/new matches artboard 08 (step rail, name-availability, segmented visibility)
- ✓Toggle grid for commits/branches/issues/filenames + rotation cadence
- ✓Live server-view preview updates as toggles flip
- ✓isomorphic-git over Lightning FS in the browser
- ✓In-browser file editor with a working commit button
- ✓Folder drop via File System Access API · default-skip .git/.env/node_modules/
- ✓Each loose object encrypted with the repo key before PUT
- ✓Refs advance server-side after the upload finishes
- ✓/admin operator console + /featured curation
git clone + git push for public repos · v0.4 includes a private-repo helper
Smart-HTTP discovery returns 403 for private today; v0.3 implements the real upload-pack + receive-pack for public repos so plain `git push` works end-to-end. v0.4 ships a native helper for private.
- ○Smart-HTTP upload-pack (real packfile streaming) for public repos
- ○Smart-HTTP receive-pack with object validation for public repos
- ○File browser hooked to real objects (currently only public-repo tree is real)
- ○Amend / multi-commit support in the browser editor
- ○Native siphr-helper binary · intercepts plain push for private repos
- ○Per-commit signing with Ed25519 keys (separate keypair from the ECDH one)
~/.ssh.More than one key per repo
The wrap-to-recipient primitives worked for one person; this phase shipped them for multi-collaborator repos and the painful case (revocation).
- ✓Invite by public-key fingerprint · pending-invite accept/decline handshake
- ✓Wrap repo key to each accepted collaborator (repo_recipients · client-side)
- ✓Revoke → flag rotation → client mints a fresh DEK and re-wraps recipients
- ✓Issues / PRs / comments with encrypted bodies at rest (per-repo DEK)
- ✓Ed25519 signing keys + server-side signature verification
- ✓Web of trust: signed cross-attestation of another fingerprint
Make 'verify, don't trust' actually verifiable
A privacy product without verifiable claims is just a sticker. This phase shipped the things that turn the marketing page into evidence.
- ✓Recovery codes (10-word phrase) generated at signup · second wrap of the private key
- ✓Public-key transparency log · append-only · sha256 hash-chained · re-derivable
- ✓/transparency wired to real counts (repos, keys, objects, audit, log chain)
- ✓Per-repo audit log of key-events (push, ref move, grant, rotate)
- ✓AGPL-3.0 license committed at the repo root
- ○Reproducible build pipeline · published build hash · external reproducers
Doors open. Audit still pending.
1.0 cut with the full forge — push, issues, PRs, releases, orgs, RBAC, sessions, mobile, dogfood serving itself. The external crypto audit is the next bar; we'd rather ship with an honest 'audit pending' label than wait for a perfect ribbon-cutting.
- ✓Server sessions (scrypt-hashed passphrases · 30-day cookie · revoke list)
- ✓Production hardening — security headers, rate-limit, RLS on user tables
- ✓HTTPS git push + PAT auth · per-object PUT bypass for large dogfood pushes
- ✓Server-side at-rest encryption for private repos (AES-256-GCM · master-key wrap)
- ✓Issues, PRs, releases — fast-forward merge, comment threads, per-repo numbering
- ✓Orgs + teams + RBAC (read / write / maintain / admin)
- ✓Mobile-responsive shell (phones can sign in, browse, file issues)
- ✓siphr.dev/siphr/siphr — Siphr hosting Siphr's source
- ✓Operator console live (real fleet metrics · verify/feature actions · transparency chain)
- ✓BYOK per-org master key · wrapped to the platform key, never stored bare
- ✓Binary release assets via Vercel Blob (client-direct upload + integrity hash)
- ✓Amend + multi-commit browser editor (parent-tree materialization)
- ✓/status page with live server-side health checks · /bounty program page
- ○External crypto + threat-model audit (the bar — not yet booked)
- ○Public bug bounty payouts (program + scope published on /bounty)
- ○Pricing committed (free for public + 1 private; paid for orgs)
The things that come after a launch worth caring about
Deliberately listed last. None of these matter if v0.4–v0.8 aren't real.
- ○Native git helper (encrypts on push) · community could ship this earlier
- ○Mobile-friendly browse (read-only first)
- ○GitHub mirror import · 'send my embargoed branch to Siphr' flow
- ○Webhooks (signed, scoped to public-key holders only)
- ○Org accounts with key-hierarchy (admin keys delegate to repo keys)
- ○Languages other than English in the UI
- ✗SSH transport — not planned · keys live in the browser, not ~/.ssh
- ✗Federated forge protocol (ForgeFed) — deferred · not enough adopters yet
- ✗AI-anything — out of scope on purpose · 'we can't read it' includes us
The deliberate absences.
Private keys live in the browser. We don't want a copy in ~/.ssh — that would double the attack surface for no security gain.
If we could reset your access by email, we could be compelled to. The whole pitch breaks. Recovery codes only.
The server holds ciphertext. Searching it is impossible without a key — by design. Search is client-side.
'We can't read it either' has to include us. Inference-time access is reading.
Try the scaffold.
Sign up. Make a repo. Lose your passphrase on purpose and confirm we can't recover it. File issues.
Audit the crypto.
lib/crypto.ts is ~280 lines. Read it. Tell us what's wrong. The threat model wins from being wrong loudly and early.
Build it yourself.
When v0.8 ships, we'll publish a build hash. Until then: clone, build, diff. Any mismatch is interesting.