↳ /transparency · updated continuously

Verify. Don't trust.

Every privacy claim Siphr makes is something you can check yourself. This page is the machine-readable version of that promise. Open a terminal; nothing on the next page is asked to be taken on faith.

↓ View on GitHub Threat model Subscribe to log changes

✓

last build verified

siphr.dev is serving the same code on this page.

verified · just now

by independent reproducers (cli)

re-run verification

commit · main · HEADbuild hash · sha256:reproduciblelicense · agpl-3.0

artifact · 01

verifying live

The source you can run is the source we ship

The build hash on siphr.dev matches the one produced from a clean checkout of this commit, on your own machine.

$ git clone github.com/VisualActions/Siphr && npm run build

✓ build artifacts match siphr.dev

↳ reproducible via Next.js build · same dependency lockfile

artifact · 02

verifying live

The server only stores ciphertext

Hit any object endpoint with a fresh session. Decryptors are client-side; the responses contain no plaintext for private repos.

$ curl /api/repos/{id}/objects/{oid}

objects · encrypted · plaintext readable · 0 bytes

↳ private-repo endpoints return AES-256-GCM ciphertext

artifact · 03

verifying live

Public keys are stored per-user, never shared

Every public key Siphr accepts is bound to a username. The encrypted identity blob is uploaded once and never re-derived server-side.

$ curl /api/users/{username}

{ publicKeyJwk, fingerprint, verified }

↳ no admin override · no out-of-band key rotation

artifact · 04

verifying live

What we wrote in the code is what runs

Open source, AGPL-3.0. The privacy policy is what the code does, not what we promise. PRs against the crypto primitives are public review.

$ open lib/crypto.ts

P-256 ECDH · PBKDF2-SHA256 (600k) · AES-256-GCM

↳ every primitive uses WebCrypto · no custom crypto in the hot path

↳ transparency log · recent events

wheneventsignerwitness

continuouslycommit graph · github.com/VisualActions/Siphrci · siphr-builder✓ git history

per-requestpublic-key writes · /api/usersuser (client-side)✓ unique-on-username

per-requestrepo creation · wrapped-key uploaduser (client-side)✓ stored verbatim

continuouslyobject writes · /api/repos/:id/objects/:oiduser (client-side)✓ oid is content-hash

design-timethreat model · /securitythis repo✓ source-of-truth

↳ the things this page can't fix

Verifiability covers what the server stores and what the code does. It does not cover the device you decrypt on. If your laptop is compromised, the threat model leaks. We can't transparency-log our way out of that — but we'll say it loudly here so you don't think we tried.