porcellus's comments

Hi, a ZeroKit developer here. We agree, third-party audits are crucial. We’re working on this, so stay tuned.

Hi, one of the devs here working on ZeroKit. We encrypt everything on the client, so the it is end-to-end encrypted. We only store the private keys on our servers in an encrypted form. The server only provides ACL (so users don't get access to encrypted data they shouldn't, even if they wouldn't be able to decrypt it), checks the password using SRP-6a and provides OpenId Connect that realm uses to authenticate the users

Ah I forgot, I'm one of the developers working on zerokit

We are working on fully detailed whitepaper, meanwhile you can read about some of this in our documentation. Here is some clarification: The user password is critical, because we need some kind of secret from the user, as we want them to be able to log in from multiple devices. The password requirements are entirely application dependent, we don't handle them: we provide feedback based on zxcvbn that the app can use to judge password strength. Regarding kdfs: the user password is first stretched using scrypt, then we use pbkdf2 to derive different keys for a few different uses. These keys are used to encrypt the user profile (which is just a collection of generated keys) before storing on the server. The keys derived from the user password won't travel to the server, they never leave the client, only data encrypted by it does. This data is mostly just other keys, we don't store any user data. We use AES GCM-256 Most keys are 32 bytes, for asymmetric key exchange we use the X25519 curve.