TLDR; The title of this post.

Feel free to reach out for clarity instead of reading the code/docs.

I was working on a “react-like syntax for webcomponents”, I wanted to create something robust and flexible for secure data storage and management.

I started off with an approach for asynchronous state management so that components outside the shadow-root could receive updates. (The events are also encrypted to secure against things like browser extensions.)

https://positive-intentions.com/docs/projects/dim/async-state-management

It then made sense to be able to persist that data so it can work between page releoads.

https://positive-intentions.com/docs/projects/dim/bottom-up-storage

The result looks and works like the following when used in a project.

https://positive-intentions.com/docs/projects/dim/encrypted-store

The Dim framework seems like a dead-end. I wanted to try it out on my existing React projects. So I created the equivalent React hooks.

https://positive-intentions.com/docs/projects/dim/use-dim-store-react

I find it to be performant and I want to push the scale of the approach, so I am in the process of testing it out on my projects. A notable use-case there is storing encrypted files at rest.

IMPORTANT: Im not trying to promote “yet another ui framework”, this is an investigation to see what is possible. You should not use this in your own code. It is not reviewed, audited or production-ready. It is not on npm. Shared for testing, feedback and demo purposes only.

TLDR; The title of this post.

Feel free to reach out for clarity instead of reading the code/docs.

I was working on a “react-like syntax for webcomponents”, I wanted to create something robust and flexible for secure data storage and management.

I started off with an approach for asynchronous state management so that components outside the shadow-root could receive updates. (The events are also encrypted to secure against things like browser extensions.)

https://positive-intentions.com/docs/projects/dim/async-state-management

It then made sense to be able to persist that data so it can work between page releoads.

https://positive-intentions.com/docs/projects/dim/bottom-up-storage

The result looks and works like the following when used in a project.

https://positive-intentions.com/docs/projects/dim/encrypted-store

The Dim framework seems like a dead-end. I wanted to try it out on my existing React projects. So I created the equivalent React hooks.

https://positive-intentions.com/docs/projects/dim/use-dim-store-react

I find it to be performant and I want to push the scale of the approach, so I am in the process of testing it out on my projects. A notable use-case there is storing encrypted files at rest.

IMPORTANT: Im not trying to promote “yet another ui framework”, this is an investigation to see what is possible. You should not use this in your own code. It is not reviewed, audited or production-ready. It is not on npm. Shared for testing, feedback and demo purposes only.

TLDR; The title of this post.

Feel free to reach out for clarity instead of reading the code/docs.

I was working on a “react-like syntax for webcomponents”, I wanted to create something robust and flexible for secure data storage and management.

I started off with an approach for asynchronous state management so that components outside the shadow-root could receive updates. (The events are also encrypted to secure against things like browser extensions.)

https://positive-intentions.com/docs/projects/dim/async-state-management

It then made sense to be able to persist that data so it can work between page releoads.

https://positive-intentions.com/docs/projects/dim/bottom-up-storage

The result looks and works like the following when used in a project.

https://positive-intentions.com/docs/projects/dim/encrypted-store

The Dim framework seems like a dead-end. I wanted to try it out on my existing React projects. So I created the equivalent React hooks.

https://positive-intentions.com/docs/projects/dim/use-dim-store-react

I find it to be performant and I want to push the scale of the approach, so I am in the process of testing it out on my projects. A notable use-case there is storing encrypted files at rest.

IMPORTANT: Im not trying to promote “yet another ui framework”, this is an investigation to see what is possible. You should not use this in your own code. It is not reviewed, audited or production-ready. It is not on npm. Shared for testing, feedback and demo purposes only.

By leveraging FileSystem API for browser-based file-management, we can create a fairly unique approach for interacting with files on your device from your browser.

Features:

• PWA
• Local-first
• Word
• Spreadsheet
• PDF

Coming soon:

• Support for more filtypes
• Storage sync
• Collaborative editing
• Encryption at rest
• P2P file-transfer

*** The project is experimental and far from finished. It's presented for testing, feedback and demo purposes only (USE RESPONSIBLY!). ***

This project isnt finished enough to compare to Microsoft Office. This is intended to demonstrate client-side managed functionality. Allowing users to get started without setup.

I have a demo version for testing. It isnt ready to replace any existing app or service, but it would be great to get your feedback on it.

The implementation is based on the functionality described in a previous post.

By leveraging WebCrypto API and FileSystem API for browser-based encryption, we can create a fairly unique approach for encrypting and storing files directly on your device from your browser.

*** The project is experimental and far from finished. It's presented for testing, feedback and demo purposes only (USE RESPONSIBLY!). ***

This project isnt finished enough to compare to veracrypt. This is intended to demonstrate client-side managed secure cryptography. Allowing users to get started without setup.

i have a demo version for testing. it isnt ready to replace any existing app or service, but its a work-in-progress and it would be great to get your feedback on it.

the implementation is based on the functionality described in a previous post.

Id like to share my implementation of the signal protocol that i use in my messaging app. The implementation is in rust and compiles to WASM for browser-based usage.

• Github: https://github.com/positive-intentions/signal-protocol
• Demo: https://signal.positive-intentions.com/ Its far from finished and im not sure when its a good time to share it, but i think its reasonable now.

The aim is for it to align with the official implementation (https://github.com/signalapp/libsignal). That version was not used because my use case required client side browser-based functionality and i struggled to achieve that in the official one where javascript is used but is targeting nodejs.

There are other nuances to my approach like using module federation, which led to me moving away from the official version.

---

IMPORTANT: While this is aiming to provide a secure implementation, it isnt audited or reviewed. Shared for testing, feedback and demo purposes only. Please use responsibly.

Its worth mentioning that its far from finished and i hope with feedback i can make it better. I have put efforts towards directing it towards unit-tests, an audit and formal-proofs. None of that is good-enough, but i hope it can act as a starting point for verifying the implementation is correct.

Im sure people have better things to do with their time than review unstable and unfinished code. The transparency is intended for professionals that may be curious... Feel free to reach out for clarity instead of reading the code/docs.

Im investigating an idea i had about React-like syntax for webcomponents after some experience with Lit.

Lit is a nice lightweight UI framework, but i didnt like that it was using class-based components.

Vue has a nice approach but i prefer working with the syntax that React uses. I find it more intuitive for debugging and deterministic rendering. I wondered if with webcomponents, i could create a UI framework that didnt need to be transpiled.

• How its built
• Checkout the code
• Storybook demo

(My intentions with this framework is to get to a reasonable level of stability, to then replace React on some of my existing projects.)

IMPORTANT: Dont be misled by it being open-source. Im not trying to push "yet another ui framework", this is an investigation to see what is possible. You should not use this framework in your own code. It is not production-ready. It is not on NPM. It is intended for myself on my own projects. This project is far from finished. I am sharing because it might be interesting/educational for someone. Feel free to reach out for clarity if you have any questions.

"Secure and private" is the general aim.

This is a technical/concept demo of a fairly unique approach using a browser-based, local-first and webrtc.

This is intended to demonstrate client-side managed cryptography. We can avoid registration of any sort.

App: https://chat.positive-intentions.com/

Code: https://github.com/positive-intentions/chat

Features:

• P2P
• End to end encryption
• File transfer
• Local-first
• No registration
• No installation
• No database

Feel free to reach out for clarity instead of diving into the docs/code.

IMPORTANT: While this is aiming to provide a secure experience, it isnt audited or reviewed. Shared for testing, feedback and demo purposes only. Please use responsibly.

Im investigating an idea i had about React-like syntax for webcomponents after some experience with Lit.

Lit is a nice lightweight UI framework, but i didnt like that it was using class-based components. It's an acquired taste I haven't acquired.

Vue has a nice approach but i prefer working with the syntax that React uses. I find it more intuitive for debugging and deterministic rendering. I wondered if with webcomponents, i could create a UI framework that didnt need to be transpiled.

• How its built
• Checkout the code
• Storybook demo

(My intentions with this framework is to get to a reasonable level of stability, to then replace React on some of my existing projects.)

IMPORTANT: Dont be misled by it being open-source. Im not trying to promote "yet another ui framework", this is my own investigation to see what is possible. You should not use this framework in your own code. It is not production-ready. It is not on NPM. It is intended for myself on my own projects. This project is far from finished. I am sharing because it might be interesting/educational for someone. Feel free to reach out for clarity if you have any questions.

im working on a decentralized messaging app and generally up until recently i thought in such a system, if a peer is offline, you cant send a message... it wouldnt be "decentralized" if there was some central queue of messages.

it took embarassingly long, but then it hit me... git... just regular git is a decentralized database.

in my setup i need the ability for others to be abe to read and only i should be able to write to it. that functionality is out-the-box in git.

git is also pretty standardized so there are many providers if users want to move away from Github.

the storage requirements for my project are fairly small. typically small text messages. the data itself thats publicly readable would be encrypted.

Im investigating an idea i had about React-like syntax for webcomponents after some experience with Lit.

Lit is a nice lightweight UI framework, but i didnt like that it was using class-based components.

Vue has a nice approach but i prefer working with the syntax that React uses. I find it more intuitive for debugging and deterministic rendering. I wondered if with webcomponents, i could create a UI framework that didnt need to be transpiled.

• How its built
• Checkout the code
• Storybook demo

(My intentions with this framework is to get to a reasonable level of stability, to then replace React on some of my existing projects.)

IMPORTANT: Dont be misled by it being open-source. Im not trying to push "yet another ui framework", this is an investigation to see what is possible. You should not use this framework in your own code. It is not production-ready. It is intended for myself on my own projects. This project is far from finished. I am sharing because it might be interesting/educational for someone. Feel free to reach out for clarity if you have any questions.

Im investigating an idea i had about JSX for webcomponents after some experience with Lit.

Lit is a nice lightweight UI framework, but i didnt like that it was using class-based components.

Vue has a nice approach but i prefer working with the syntax that React uses. I find it more intuitive for debugging and deterministic rendering. I wondered if with webcomponents, i could create a UI framework that didnt need to be transpiled.

• Read the docs
• Checkout the code
• Storybook demo

(My intentions with this framework is to get to a reasonable level of stability, to then replace React on some of my existing projects.)

IMPORTANT: Im not trying to push "yet another ui framework", this is an investigation to see what is possible. You should not use this framework in your own code. It is not production-ready. It is intended for myself on my own projects. This project is far from finished. I am sharing because it might be interesting for someone. Feel free to reach out for clarity if you have any questions.

Im investigating an idea i had about JSX for webcomponents after some experience with Lit.

Lit is a nice lightweight UI framework, but i didnt like that it was using class-based components.

Vue has a nice approach but i prefer working with the syntax that React uses. I find it more intuitive for debugging and deterministic rendering. I wondered if with webcomponents, i could create a UI framework that didnt need to be transpiled.

• Read the docs
• Checkout the code
• Storybook demo

(My intentions with this framework is to get to a reasonable level of stability, to then replace React on some of my existing projects.)

IMPORTANT: Im not trying to push "yet another ui framework", this is an investigation to see what is possible. You should not use this framework in your own code. It is not production-ready. It is intended for myself on my own projects. This project is far from finished. I am sharing because it might be interesting for someone. Feel free to reach out for clarity if you have any questions.

This is hardly an alternative to Signal (or any other secure messaging app). It's a work in progress and "secure and private" is the general goal. Feel free to reach out for clarity instead of diving into the docs/code.

• Whitepaper
• Protocol spec

This is a technical/concept demo of a fairly unique approach using a browser-based, local-first and webrtc.

App demo: Enkrypted.Chat

This is intended to introduce a new paradigm in client-side managed secure cryptography. We can avoid registration of any sort.

Features:

• P2P
• End to end encryption
• Signal protocol
• Post-Quantum cryptography
• File transfer
• Local-first
• No registration
• No installation
• No database
• TURN server

Some open source versions of the core concepts.

IMPORTANT: While this is aiming to provide a secure experience, it isnt audited or reviewed. Shared for testing, feedback and demo purposes only. This isn't ready to replace any app or service. Please use responsibly.

This is a technical demo of a fairly unique approach using a browser-based, local-first and webrtc approach.

Enkrypted.Chat

This is intended to introduce a new paradigm in client-side managed secure cryptography. We can avoid registration of any sort.

Features:

• PWA
• P2P
• End to end encryption
• Signal protocol
• Post-Quantum cryptography
• Multimedia
• File transfer
• Video calls
• Local-first
• No registration
• No installation
• No database
• TURN server

Some open source versions of the core concepts.

• Chat
  • Code: https://github.com/positive-intentions/chat
  • Demo: https://chat.positive-intentions.com/
• File
  • Code: https://github.com/positive-intentions/dim/blob/staging/src/stories/05-Hooks-useFS.stories.js
  • Demo: https://dim.positive-intentions.com/?path=%2Fdocs%2Fusefs--docs
• Signal Protocol
  • Code: https://github.com/positive-intentions/signal-protocol
  • Demo: https://signal.positive-intentions.com/

Feel free to reach out for clarity instead of diving into the docs. Please use responsibly.

IMPORTANT: Caution should always be used for projects like this. While this is aiming to provide a secure experience, it isnt audited or reviewed. Shared for testing, feedback and demo purposes only. If youre unsure, this isnt for you.

Enkrypted.Chat

I'd like to get your feedback on user experience. You can try locally between 2 different browsers (or using incognito-mode).

I have open source some of the core concepts, but feel free to reach out for clarity instead of reading that slop:

• Chat
  • Code: https://github.com/positive-intentions/chat
  • Demo: https://chat.positive-intentions.com/
• File
  • Code: https://github.com/positive-intentions/dim/blob/staging/src/stories/05-Hooks-useFS.stories.js
  • Demo: https://dim.positive-intentions.com/?path=%2Fdocs%2Fusefs--docs
• Crypto
  • Code: https://github.com/positive-intentions/cryptography
  • Demo: https://cryptography.positive-intentions.com/

---

IMPORTANT: Caution should always be used for projects like this. So I'd like to be clear that I am Al-slop-maxxing at scale. If youre looking for good code, clear docs or best-practices; you should look away now. While this is aiming to provide a secure experience, it isnt audited or reviewed. I'd like to share for testing, feedback and demo purposes only. This is a technical demo of a unique concept. Feel free to reach out for clarity. Please use responsibly.

Enkrypted.Chat

This is intended to introduce a new paradigm in client-side managed secure cryptography. We can avoid registration of any sort. A fairly unique offering in the cybersecurity space.

No need for things like phone numbers or registering to any app stores. There are no databases to be hacked. Allowing users to send E2EE messages and files; no cloud, no trace.

Features:

• PWA
• P2P
• End to end encryption
• Signal protocol
• Post-Quantum cryptography
• Multimedia
• File transfer
• Video calls
• Local-first
• No registration
• No installation
• No database
• TURN server

I started off with some open source versions of the core concepts.

• Chat
  • Code: https://github.com/positive-intentions/chat
  • Demo: https://chat.positive-intentions.com/
• File
  • Code: https://github.com/positive-intentions/dim/blob/staging/src/stories/05-Hooks-useFS.stories.js
  • Demo: https://dim.positive-intentions.com/?path=%2Fdocs%2Fusefs--docs
• Crypto
  • Code: https://github.com/positive-intentions/cryptography
  • Demo: https://cryptography.positive-intentions.com/

Open source isnt sustainable. So im taking the Enkrypted.Chat project in a different direction.

To get started, you can take a look here: https://positive-intentions.com/docs/projects/enkrypted-chat/getting-started

To learn more or you want to do a deep-dive: https://positive-intentions.com/blog/introducing-enkrypted-chat

If you really want something to chew on, these are the bleeding-edge docs: https://positive-intentions.com/docs/technical

The docs may answer some questions, but feel free to reach out for clarity instead of reading all that slop.

IMPORTANT: Caution should be used for any unfamiliar project, especially this. I'd like to be clear that I am Al-slop-maxxing at scale. If youre looking for good code, clear docs or best-practices; you should look away now. While this is aiming to provide secure experience, it isnt audited or reviewed. I'm sharing for testing, feedback and demo purposes only. This is a technical demo of a unique concept. Please use responsibly.

(Note: Im actively in the process of rebranding from "positive-intentions" to "Enkrypted Chat". The wording may be inconsistent throughout the docs.)

it is clearly absurd for something like this to be used by anyone on their own computer to view local files. the goal of this project is to enable the viewing/navigating of files in browsers after exchanging over webrtc. i'm aiming for the experience to feel seamless for being able to navigate the folder structure on a remote device.

there are many browser-based office suites out there. this project aims to simplify the setup process by only using client-side resources; making it easy for users to get started.

https://ui.positive-intentions.com/iframe.html?globals=&args=&id=templates-filespage--native-real-folder&viewMode=story

unfortunately, it isnt open source, but i hope it helps to get feedback for improvements. in my project, the aim was to create an intuitive user experience for viewing files and folders in a browser.

A good way to test it out is to create a new empty folder on your computer and grant the webapp access to that folder. Note: the filesystem api provided by the browser will limit the access to explicitly approved folders. Some browsers also guard against access to important os directories on your computer and reject access automatically.

features:

• mounting local folders
• preview functionality for various filetypes
• browser based office suite
• basic folder management

upcoming:

• support for more filetypes
• better implmentation around browser-based office suite
• encryption-at-rest
• browser based file format conversions
• PWA

future:

when this project reaches a reasonable level of features and quality, I will be integrating this functionality into my P2P messaging app to build towards a "more" browser-based Next-Cloud-like solution. It would would be integrated into this app: https://enkrypted.chat/

IMPORTANT: Caution should always be used for all projects, especially like this. So I'd like to be clear that I am Al-slop-maxxing at scale. If youre looking for good code, clear docs or best-practices; you should look away now. While this is aiming to provide secure file-transfer and an intuitive office suite experience, I don't think it will ever be competitive against things like Next Cloud. It isnt audited or reviewed and i DO NOT want you to "trust me". I'd like to share for testing, feedback and demo purposes only. This is a technical demo of a unique concept. Feel free to reach out for clarity. Please use responsibly.

Been banned for AI-Slop on a few subs here on Lemmy as well as on Reddit.

I always provide a good amount of technical detail in my posts and i try to be as transparant and communicative about the details. My projects are very complicated and I try to document them well.

my project is pretty cryptography-heavy... the act of me sharing my efforts in an attempt to show transparency... but it is used against my project by calling it AI-slop (undermining Kerkhoff's principles).

It's 2026 and most developers are using AI. I have used it to create things like formal proof and verification.

my project is aimed to be a secure messaging app. i have all the bells-and-whistles there along with documentation.... but if the conversation cant move past "its AI-generated"... then it seems the cryptography/cybersecurity/privacy community isnt aligned with the fact that using AI is now common practice for developers of all levels.

AI is a tool. you cant (and shouldnt) "trust" AI to do anything without oversight. AI does not replace the due-diligence that has always been needed. i dont "trust" my hammer to bash in a nail... i "use" the hammer. AI is not different in how you need to be responsible for how its used.

i've busted my ass on my project for it to be called AI slop. i think its completely fine when it comes from folks in the community. cryptography is a serious subject and my ideas and implementation SHOULD/MUST be scrutinised... but its simply ignorant if mods are banning me for the quality of my work considering the the level of transparency and my engagement on discussions about it.

It's a bit reductive to call it slop. I think i try harder than most in providing links, code and documentation. Of course I used AI... and it's clearer for it. (you can find more detail on my profile)

i am of course sour from being banned, but am i wrong to think my code isnt AI slop? Some parts of my project are clearly lazy-ui... but im not sharing on some UI/UX/design sub. the cryptography module has unit tests and formal verification. if that is AI-slop and can result in me being banned, i simply dont have faith in that community to be objective on the reality of where AI can contribute.

while its understandable people dont want to review AI-slop... i think the cryptography/cybersecurity community needs to get on board with the idea of using AI to help in reviewing such code. am i wrong? is the future of cryptography is still people performing manual review of the breathtaking volumes of AI code?

TLDR; If you're looking for great engineering and best-practices... you should move away now. I'm creating a solution to a problem that nobody (including myself) has. I'm working with module federation between multiple cloud-providers to create an app that can use interoperable modules from multiple sources.

---

I have a webapp that I deploy with aws-cdk. It's a static webapp that I have on on S3.

AWS-cdk works as expected, but now id would like to investigate a multicloud deployment. Using something like pulumi or terraform (but not limited to those)

Most vendors have something like S3 and so I would like to have something that can deploy to multiple cloud vendors simultaneously.

In that approach, I would like an exhaustive number of vendor providers. I don't just want the top vendors like aws, gcloud, azure... But I'm looking for something that can also handle providers over seas like Alibaba cloud, Kamatera and I'm sure many I haven't heard of.

My project only needs something like S3 (static server) so I don't expect that being exhaustive in providers would be too expensive.

Im looking for something like terraform or pulumi, but I haven't user either enough to settle on one. When deploying to the S3 equivilent, i dont want it to deploy to either GCloud or Azure... i want it to be able to deploy to both.

(aws-cdk is handling things like the TLD so i think i'll have to stick with that setup.)

---

To provide more context about what I'm trying to do, I created a webapp that uses webpack module federation. (see my profile for more details)

The aim is for a resilient infrastructure. S3 is not expected to fail, but in a multicloud approach, if any cloud provider has issues, i want there to already be multiple redundancies in place.

I deploy the same app on gh-pages and aws-s3. Its set it up in a way that it can interoperate with statics from aws-s3 or gh-pages. It works as expected.

https://positive-intentions.com/blog/statics-as-a-chat-app-infrastructure#module-federation-in-action

I'd like to scale that up further, so the next level after that is to have something that can deploy to multiple cloud providers.

---

(Unrelated but worth mentioning: i will also be adding SRI on those imported static files to make sure they have a content-hash that matches expectations. I wont have to "trust" that the providers are serving the correct statics.)