A new approach for file sharing you don’t need to trust!

Dweb.page: Decentralized end-to-end encrypted file sharing based on IPFS, IOTA, and the Web Cryptography API

The first verison of Dweb.page was called Pact

When you open Google’s privacy policy you can read the following statement:

“When you use Google services, you trust us with your data.”

This is probably more honest than a lot of other companies. But DO you really trust all these companies with your data?

Your personal data is becoming an increasingly valuable asset for many companies (sometimes regarded as the new oil). Additionally, your personal data might not be as secure as you think (e.g. Equifax breach or Facebook privacy scandal) nor as confidential as you’d hope. Let’s be honest: how exactly do Facebook and Google earn money?

Okay, to stick with honesty here, until now I was using Google, Facebook and Co every day and I’m not using any of the more secure alternatives (like searchencrypt.com or minds.com, maybe I should switch). That’s because I think my search terms aren’t too important and I’m also quite lazy. However, this changes when it comes to more sensitive data. If someone asks for information about my bank account or a copy of my passport, I probably wouldn’t share this data with everyone (keep in mind Google might already know this stuff based on my search terms). So, to summarize there is some data I’m giving away for free to use all these cool technical gadgets and other data which I don’t give away and that causes me to sometimes live in a technical stone age (fax machine 📠, I am looking at you!).

Now, what if there was a way that allowed you to still enjoy the use of software without trading your privacy for it? Well, there may be a solution on the horizon. I’m talking about end-to-end encrypted decentralized solutions, where nobody except yourself is in control of your data. With this goal in mind, we developed a file-sharing tool called Dweb.page that aims to make data sharing really simple and secure.

If you upload your file on Dweb.page it will be completely encrypted 🔒 inside your browser (AES256-GCM) on your local device. This means all the information which is uploaded to our server is already fully encrypted thanks to the Web Cryptography API. You wonder why you should trust us? Good! Feel free to open the developer console and take a look at our code. There is nothing hidden from you. It’s all running in your browser. Furthermore, the server isn’t a simple server, it’s an IPFS node (hopefully soon a decentralized cluster) which shares all data with the rest of the IPFS network.

Here’s an example to make the benefits of decentralization even more clear. Imagine you load some data on a server and you wish to store it for a longer period of time. Later, if you want to get all your data back, the owner of the server could decide to charge you a pricey amount 💵 for it. If this would happen, you can simply request your data from any other publicly available IPFS node because of the decentralized storage of data! Another benefit is that browsers, such as Firefox, have started to support IPFS. So instead of going to a website, you can practically request this file from every network participant.

In addition, certain laws and regulations dictate that a log should be kept of your shared information. A decentralized third party keeping track of these transactions may then make sense. In this case, making sure that the decentralized transaction logging system is secure and immutable is important, where you have a fixed address to look up the logs (with IPFS the address would change with every new log entry) and it’s not possible to easily delete this log entry. Therefore, we are using the network (called tangle) of a distributed ledger technology called IOTA.

So, there you have it: a decentralized file sharing service, which (except for some early bugs) works as fast as any other file sharing service. And I’m quite optimistic that this is only the beginning.

Please distrust us, test Dweb.page! 😉