Hi 👋 Nice project!

The docs aren't clear on this question: how do you recommend setting up multiple devices to use the same private key? Or is that a no-no?

If you're quick you could add a "migrate from Keybase" blog post or section on your website, and post a comment in either of these three threads:

https://news.ycombinator.com/item?id=23103386
https://news.ycombinator.com/item?id=23104702
https://news.ycombinator.com/item?id=23102430

Could help drive adoption!

The installation of the CLI is currently failing. The resource is 'forbidden'.

❯ brew tap keys-pub/tap
Updating Homebrew...
==> Auto-updated Homebrew!
...
==> Tapping keys-pub/tap
Cloning into '/usr/local/Homebrew/Library/Taps/keys-pub/homebrew-tap'...
remote: Enumerating objects: 230, done.
remote: Counting objects: 100% (230/230), done.
remote: Compressing objects: 100% (193/193), done.
remote: Total 230 (delta 112), reused 41 (delta 13), pack-reused 0
Receiving objects: 100% (230/230), 26.26 KiB | 6.56 MiB/s, done.
Resolving deltas: 100% (112/112), done.
Tapped 1 cask and 2 formulae (30 files, 62.3KB).
~ via 🐏 52GiB/66GiB | 11GiB/11GiB on ☁️  us-east-1 took 11s

❯ brew install keys
==> Installing keys from keys-pub/tap
==> Downloading https://github.com/keys-pub/keysd/releases/download/v0.0.39/keys_0.0.39_darwin_x86_64.tar.gz
==> Downloading from https://github-production-release-asset-2e65be.s3.amazonaws.com/226203365/45071080-8ee4-11ea-95b9-dc7111ff5841?X-Amz-Al
##O=#  #
curl: (22) The requested URL returned error: 403 Forbidden
Error: An exception occurred within a child process:
  DownloadError: Failed to download resource "keys"
Download failed: https://github.com/keys-pub/keysd/releases/download/v0.0.39/keys_0.0.39_darwin_x86_64.tar.gz

I noticed the following:

When generating a key for twitter the username must be lowercase, this is enforced on the linux client: name should be lowercase.
So I entered my twitter username in lowercase and continued. However publishing the key works, validation fails because my username contains some letters in uppercase
failed to create user: path invalid (name mismatch)

Hi! Cool project.
I'm getting stuck at authorizing my client. Any advice?

$ keys auth
timed out waiting for pid

$ keys --version
keys version 0.0.36 32283ad6227383e43213e6062fb8de35889e5ce7 2020-04-24T03:20:44Z
$ uname -a
Linux mbp13 4.19.0-8-amd64 #1 SMP Debian 4.19.98-1 (2020-01-26) x86_64 GNU/Linux

EDIT: I currently have my CPUs limited, but I don't know if this should be a blocker to authorizing the client.

$ cpufreq-info 
cpufrequtils 008: cpufreq-info (C) Dominik Brodowski 2004-2009
Report errors and bugs to [email protected], please.
analyzing CPU 0:
  driver: intel_pstate
  CPUs which run at the same hardware frequency: 0
  CPUs which need to have their frequency coordinated by software: 0
  maximum transition latency: 4294.55 ms.
  hardware limits: 500 MHz - 3.40 GHz
  available cpufreq governors: performance, powersave
  current policy: frequency should be within 500 MHz and 1.20 GHz.
                  The governor "powersave" may decide which speed to use
                  within this range.
  current CPU frequency is 891 MHz.
...

Supporting CORS on API calls, at least some of them, would be a good feature. Keybase supports it for user lookups and for Merkle tree related calls, so supporting it at least for user lookups will be great.

When I open the app for the first time I see:

Error:

Oops, exec error: Error: Command failed: /Volumes/Keys 0.0.38/Keys.app/Contents/Resources/bin/keys start --from=app
/bin/sh: /Volumes/Keys: No such file or directory

OS: Catalina 10.15.3
Keys-0.0.38

I looked through settings and then docs, but was unable to find any information about the local storage and whether it ca be synced / backed up.

Even simple sigchain timestamping allows to prove useful things like, ex:

• key X exists since at least date D1
• revocation of X has been issued before D2
• etc…

The easiest way to achieve this would be:

1. Hash sigchain Statements as they arrive
2. Periodically:
   1. Construct merkle tree out of recent Statements
   2. Submit tree root to opentimestamps servers
   3. After some time, upgrade the timestamp.

AFAIR the implementation Keybase has, is, used to have, was going a step further, by basically rolling the same UTXO, which ensured no sigchain history forks could occur. That's even better, but it is quite more involved to implement, and would incur small, but continuous cost.

Implementation of a similar function to Keybase Filesystem to allow for added private storage of files and documents beyond system level drive encryption. This is a useful tool that may be worth implementing at some point for Keys.

https://github.com/keybase/client/tree/master/go/kbfs

Binary or Armored detached signatures created with the CLI cannot be verified in the GUI. Only attached signatures work.

# GUI FAIL "failed to verify: failed to verify file: invalid data "
$ keys sign --signer grempe@github --in foo.txt --out foo-a-d -a -d

# GUI OK
$ keys sign --signer grempe@github --in foo.txt --out foo-a-t -a -t

# GUI FAIL "failed to verify: failed to verify file: invalid data "
$ keys sign --signer grempe@github --in foo.txt --out foo-b-d -b -d

# GUI OK
$ keys sign --signer grempe@github --in foo.txt --out foo-b-t -b -t

On encryption, I think there should be some easier way to default to a sender, rather than needing to specify it all the time. Maybe the first key created? For example, I have four keys in my keyring:

% keys list -t edx25519
kex1cff9ug3yflntlwjcjrh4amsdpwcvu4rsnsaru2e4z2rdqerwlagsd7gwd2 aarontoponce@twitter
kex1l0vr4xn8xzmyk8gemvtuh6dw93glujn9apwhrkh528t5fkw62weqel0ymw atoponce@github
kex1c0jp03hpuall9rphcn3syzncsqn9m2hswpj6ca3d66hy65vpvraq57yepu atoponce@reddit
kex13jf47j9492ck7twu8wstq68ezjggruv06vfr39s8s2xa2434c77sec6lyk pthree.org@https

Twitter was the first key I created, so maybe " (default)" could be appended at the end of the line, with functionality to change the default, say to my Reddit or Github keys. Then, I can do:

% echo 'super secret message' | keys encrypt -a -r user@example

Rather than needing to:

% echo 'super secret message' | keys encrypt -a -r user@example -s atoponce@reddit

Also, I find it curious that --mode, -m signcrypt isn't default. I'm curious if there is a larger usecase for sending deniable messages that aren't signed versus ones that are.

Last thing. One thing I always felt missing from the Keybase CLI was the ability to generate passwords or passphrases. With the fact that you're supplying keys rand to generate random bytes and encode them, works for most cases I think. You have various encodings, including BIPS-39. But the help on error is confusing:

% keys rand -n 8 -e bip39
Entropy length must be [128, 256] and a multiple of 32

But I can do:

% keys rand -n 16 -e bip39
powder kitchen stove already range ignore prison group recall elite hedgehog alpha

It took some fiddling, but what you're saying in the STDERR output is that you must supply at least 128 bits (16 bytes), but no more than 256 bits (32 bytes), and it must be a multiple of 32 bits (4 bytes). That means when using BIPS39 encoded, there are really only five options: 16, 20, 24, 28, and 32 bytes. I would also recommend standardizing on a unit (bytes or bits) and remain consistent. So maybe something like this instead:

% keys rand -n 8 -e bip39
bip39 must be 16, 20, 24, 28, or 32 bytes in length

Hi folks,

The latest commit dates back to 2021 and that makes me wonder if there is any future for keys.pub?

Regards.

Title pretty much says it all.

thanks

Many (email) clients have some support for GNUpg (e.g., astroid). While some may allow complex configuration sufficient to hand-code swapping in keys-pub, for some the integration is hard-coded. In these cases, it'd be useful to have a wrapper script that mocks GNUpg for signing, verification, decryption, and encryption.

Arguments for providing a utility script, and including it in the keys-pub/keys (or, possibly, keys-pub/keys-ext) are:

• it would facilitate user migration from pgp, particularly in the case of users who are not programmers.
• it would ensure a more correct implementation, as it would be a 1-time implementation, rather than N-times.
• it would ensure compatibility between clients, since options would be consistent between clients

I'm willing to provide a pull request, but I believe the resulting code would be best hosted in the canonical repo, and having input from users of other email clients would help nail a more robust implementation.

Without this, accidental logout happens as you try to figure out if this button clears an input field. A more standard UI icon for signout might be preferred as well.

Would be cool sketch out what it would take to write a git-remote helper so we can do something like:

git remote add keys://~sigchainid/repos/shared-project

And have anyone who has signed something on a sigchain be able to push and pull that remote.

I just wanted to start the discussion on how to build this, what makes sense from a single-user and multi-user perspective, etc, and figured there might be enough interest here.

After keys auth (and entering a new password), and exporting the token:

$ keys --log-level debug generate
INFO[2020-05-07T16:56:31.677116-07:00] Version: 0.0.39 fa25a4ec201c3ceaafbc7add19751e72df2ce505 2020-05-05T22:22:19Z
DEBU[2020-05-07T16:56:31.677428-07:00] PID: 96350
DEBU[2020-05-07T16:56:31.677454-07:00] UID: 501
DEBU[2020-05-07T16:56:31.677472-07:00] OS: darwin
DEBU[2020-05-07T16:56:31.67769-07:00] Command: generate
INFO[2020-05-07T16:56:31.677714-07:00] Autostart
DEBU[2020-05-07T16:56:31.677732-07:00] Start process
DEBU[2020-05-07T16:56:31.67969-07:00] Found process: &{pid:95054 ppid:1 binary:keysd}
DEBU[2020-05-07T16:56:31.679722-07:00] Already running
DEBU[2020-05-07T16:56:31.679732-07:00] Client connect...
DEBU[2020-05-07T16:56:31.679836-07:00] Loading certificate /Users/karan/Library/Application Support/Keys/ca.pem
INFO[2020-05-07T16:56:31.680296-07:00] Opening connection: 127.0.0.1:22405
DEBU[2020-05-07T16:56:31.68048-07:00] Service status...
$KID # replaced for issue

$ keys --log-level debug list
INFO[2020-05-07T16:59:03.016306-07:00] Version: 0.0.39 fa25a4ec201c3ceaafbc7add19751e72df2ce505 2020-05-05T22:22:19Z
DEBU[2020-05-07T16:59:03.016754-07:00] PID: 96717
DEBU[2020-05-07T16:59:03.016792-07:00] UID: 501
DEBU[2020-05-07T16:59:03.016813-07:00] OS: darwin
DEBU[2020-05-07T16:59:03.017142-07:00] Command: list
INFO[2020-05-07T16:59:03.017168-07:00] Autostart
DEBU[2020-05-07T16:59:03.017184-07:00] Start process
DEBU[2020-05-07T16:59:03.0199-07:00] Found process: &{pid:95054 ppid:1 binary:keysd}
DEBU[2020-05-07T16:59:03.019937-07:00] Already running
DEBU[2020-05-07T16:59:03.01995-07:00] Client connect...
DEBU[2020-05-07T16:59:03.020106-07:00] Loading certificate /Users/karan/Library/Application Support/Keys/ca.pem
INFO[2020-05-07T16:59:03.020783-07:00] Opening connection: 127.0.0.1:22405
DEBU[2020-05-07T16:59:03.021051-07:00] Service status...
INFO[2020-05-07T16:59:03.073476-07:00] Received error 2 The user name or passphrase you entered is not correct. (-25293)
The user name or passphrase you entered is not correct. (-25293)

Then, naively, I also deleted all files in ~/Library/Application Support/Keys including ca.pem 😢

After recovering the CA and nothing else from a backup, I try to auth with my system (user) password, and I get this:

$ keys --log-level debug auth
INFO[2020-05-07T17:08:08.967123-07:00] Version: 0.0.39 fa25a4ec201c3ceaafbc7add19751e72df2ce505 2020-05-05T22:22:19Z
DEBU[2020-05-07T17:08:08.96747-07:00] PID: 98585
DEBU[2020-05-07T17:08:08.967496-07:00] UID: 501
DEBU[2020-05-07T17:08:08.967511-07:00] OS: darwin
DEBU[2020-05-07T17:08:08.967787-07:00] Command: auth
INFO[2020-05-07T17:08:08.967826-07:00] Autostart
DEBU[2020-05-07T17:08:08.967842-07:00] Start process
DEBU[2020-05-07T17:08:08.969503-07:00] Found process: &{pid:95054 ppid:1 binary:keysd}
DEBU[2020-05-07T17:08:08.96953-07:00] Already running
DEBU[2020-05-07T17:08:08.969539-07:00] Client connect...
DEBU[2020-05-07T17:08:08.969604-07:00] Loading certificate /Users/karan/Library/Application Support/Keys/ca.pem
INFO[2020-05-07T17:08:08.970086-07:00] Opening connection: 127.0.0.1:22405
DEBU[2020-05-07T17:08:08.970289-07:00] Service status...
INFO[2020-05-07T17:08:09.035342-07:00] Auth setup needed? false
Enter your password:
INFO[2020-05-07T17:08:12.265023-07:00] Auth unlock...
INFO[2020-05-07T17:08:12.270808-07:00] Received error 2 failed to unlock: failed to load salt: The user name or passphrase you entered is not correct. (-25293)
failed to unlock: failed to load salt: The user name or passphrase you entered is not correct. (-25293)

And same result with the password I used during initial setup. And same result after killing the keysd process.

A few questions:

• During auth, it's unclear if it's asking for system password, or a new password. Which one is it?
• How do I recover the ca (luckily I had a backup so not applicable to me)? brew reinstall keys didn't seem to help.
• Why is auth not working anymore?
• When auth did work, why couldn't I list keys?

If you paste armored text into GUI decrypt tool (whether created with mode encrypt or signcrypt) the GUI will display the decrypted plaintext directly within the GUI.

However, if you instead choose a binary file from the filesystem to decrypt it will always save plaintext back to the filesystem as a file with the .dec (presumably for decrypted) back to the same folder.

This differing treatment can be confusing. I can see how saving the file to the filesystem would be useful for files that are non-textual in nature (e.g. an encrypted .zip or .png), but the heuristic of assuming that ascii armored ciphertext represents something able to be displayed within the GUI won't apply universally.

One possible solution might be to examine the file when it is decrypted (and before displaying or saving it) and checking if it contains only GUI safe characters with a regex and if so display it in the GUI directly whenever possible. This is a much friendlier way of dealing with the output (and likely safer as there won't be a plaintext artifact for the user to cleanup afterwards).

As an example here is a screenshot of a .jpg file I encrypted and armored. Pasting this armored text results in unpleasant output. I would have to resort to the command line to actually open this file.

keys encrypt -r grempe@github -s grempe@github -a -in testing.jpg -out testing.jpg.enc

https://share.getcloudapp.com/7KuLJekl

Unfortunately the only way to sign a key for a domain with keys.pub currently is via uploading a file to a server. This does not verify a domain, this simply verifies that a domain is linked to a server, in which case the server can be changed, swapped, etc. This is a security vulnerability, and ought to be corrected. Keys need to be signed in coordination with the DNS records themselves, so that servers are not involved.

$ ./security.sh
...
Results:

Golang errors in file: [/memfs/git/keys/keyring/keyring.go]:

  > [line 13 : column 9] - undeclared name: newSystem



[/memfs/git/keys/saltpack/sign.go:281] - G304 (CWE-22): Potential file inclusion via variable (Confidence: HIGH, Severity: MEDIUM)
    280:        outTmp := out + ".tmp"
  > 281:        outFile, err := os.Create(outTmp)
    282:        if err != nil {



[/memfs/git/keys/saltpack/sign.go:208] - G304 (CWE-22): Potential file inclusion via variable (Confidence: HIGH, Severity: MEDIUM)
    207:        outTmp := out + ".tmp"
  > 208:        outFile, err := os.Create(outTmp)
    209:        if err != nil {



[/memfs/git/keys/keyring/backup.go:20] - G304 (CWE-22): Potential file inclusion via variable (Confidence: HIGH, Severity: MEDIUM)
    19: 
  > 20:         file, err := os.Create(tmpPath)
    21:         if err != nil {



[/memfs/git/keys/http/client/client.go:210] - G307 (CWE-703): Deferring unsafe method "Close" on type "io.ReadCloser" (Confidence: HIGH, Severity: MEDIUM)
    209:        }
  > 210:        defer resp.Body.Close()
    211:        return c.response(req.Path, resp)



[/memfs/git/keys/http/client.go:124] - G307 (CWE-703): Deferring unsafe method "Close" on type "io.ReadCloser" (Confidence: HIGH, Severity: MEDIUM)
    123: 
  > 124:        defer resp.Body.Close()
    125:        if resp.StatusCode/200 != 1 {



Summary:
  Gosec  : dev
  Files  : 103
  Lines  : 11782
  Nosec  : 6
  Issues : 5

Commit 258cbb4

How to decode saltpack keys now without that function? Can u please help me?

Folks.

With Keybase, we would have multiple proofs for our Keybase identity, so keyid:public-identifier was a 1:many relationship. With Keys.pub, I am getting an error when I try to add any key after the first.

I can find no clear statement in the docs as to whether or not we should be creating a new keyid for each public identity (1:1) or including multiple public identifiers in the sigchain for one keyid. Which is it supposed to be, please?

In this case, the keyid is kex1g4x72y80l8vhtzsy9fchpj4fx4nzyzcrmmukmm37lz02cvavm9mshq6gx5 and I've tried adding a Reddit proof https://old.reddit.com/r/keyspubmsgs/comments/gjg2p9/syscomet/ and had tried a Twitter proof before that (since deleted, since it didn't work).

Am I doing something very wrong?

keys is 0.0.45 2a859beaec195f67b14448f9c7a6edec1dada32c on Linux, and I just tried a keys/keysd built from source at git revision 60eff28aa8d0920def33f474f7c622ae3bcaa5bc which did not help.

I'm running keys inside a Docker container setup I threw together, at https://github.com/PennockTech/keyspub-docker.

Thanks.

I'm very new to using keys, but I was confused what to do if your private key or a device with it installed is compromised?

I'm not sure if this is I'm scope for the project, but it would be good to either explain that, or offer steps to take if it happens to new users like me.

I'm happy to make a PR adding this if you let me know what you recommend.

Thanks for the cool project! 🙂

Support macOS' touch ID for FIDO2 login to the vault (if possible) :)

Is it possible to encrypt data for teams? In Keybase it is very convenient since we can add/remove users from already encrypted content.

I'm intrigued by this project since we're looking for some solution to verifying identity for @JuliaLang's package manager. However, even though there is a "what is it?" section on the keys.pub website, I can't seem to find the answer to that question anywhere. There is a list of features, but no actual statement of what it is. Is it a server? Is it a service? Is it a client? How does it work? There's also a section for that but I find myself similarly unenlightened. That section is another list of features. I know these answers are probably so obvious to people who work on the project that it doesn't even occur to you to explain it, it would be great for people like me who come here and have no clue.

Windows support legacy DOS command keys.

I didn't install keys for CLI, so I don't know what shall happen if install.
Just keep that in mind. Perhaps it may confuse or complicate writing cross-platform scripts.

I didn't find information on the DOS command keys on the Internet. I got the information from a message in the console, through keys /?, After the message keys -> "Keys mode is disabled."

Hi! I stumbled upon this project yesterday. Even though it looks interesting to me, I can't find any info about threat models and how keys.pub deals with them.

Is keys.pub centralised? Is there a single point of failure? What happens if an attacker gets control of the server or just the domain? How would that affect the users of keys.pub? If the service ever gets shut down, what gets lost and what doesn't? How the users can make use of what remains? etc. etc.

The help text for --out is missing a closing parenthesis.

This help text should also indicate how STDIN and STDOUT can be used.

❯ keys encrypt -h
NAME:
   keys encrypt - Encrypt

USAGE:
   keys encrypt [command options] [arguments...]

OPTIONS:
   --recipient value, -r value               recipients
   --sender value, --signer value, -s value  signer (or anonymous if not specified)
   --armor, -a                               armored
   --in value, -i value                      file to read
   --out value, -o value                     file to write (defaults to {in}.enc
   --mode value, -m value                    encryption mode: encrypt (default) or signcrypt

See title. I don't see an option for this. thanks!

Hi,

it would be really nice if we had labels for public keys, so that we could give the keys names in order to know which key belongs to which person, once we have many of them in our key ring.

When adding a gist to verify one's github account, the keys.pub application requires a lowercase username. This isn't a large issue except that when keys.pub tries to verify the username and gist, the usernames don't match because the real one is uppercase.

Screenshots below

After changing my username to lowercase and creating the gist, I get this error while verifying.

This is not a critical issue since you can make the name in the url lowercase and it will succeed, but it certainly is not great UX.

I don't know what to do with this.

I don't have a PGP key in GitHub and I don't understand what this means "If you don't have access to the key, you can find and remove the signed statement that you previously saved."

iOS and Android versions would be highly appreciated.

Version 0.0.39 (macOS GUI and CLI)

I think that the keys decrypt function (and the equivalent in the GUI if it doesn't shell out to CLI) should auto detect the armoring and the mode (encrypt | signcrypt) when decrypting content.

Especially for cyphertext that was signcrypt vs. encrypt as this is not something the recipient can know in advance. This causes UX issues in both the GUI and the CLI. Some examples.

Also, there are interoperability issues between GUI and CLI which is due to the related problem of improper mode selection for both signcrypt and decrypt type operations.

GUI

OK : Using the GUI Encrypt tab to sign and encrypt a message (in this case signed by grempe@github and encrypted to myself as well) and then pasting that ciphertext into the Decrypt tab properly decrypts the contents and verifies the signature. So cyphertext BOTH created and decrypted WITHIN the GUI is OK.

ERROR : In GUI, pasting a signcrypt message with the same users that was created in the CLI into the Decrypt GUI pane fails with message Wrong saltpack message type: wanted an encrypted message, but got a signed and encrypted message instead. The GUI should just 'do the right thing' and handle a signed and encrypted message created by the CLI.

The command used on the CLI to create the ciphertext for the GUI was:

echo "foo" | keys encrypt -r grempe@github -s grempe@github -m signcrypt -a

ERROR : If using the GUI to create encrypted text, and also choosing that it should be signed by someone is only creating encrypt mode ciphertext, not signcrypt as expected.

e.g. in GUI I encrypt 'FOOBAR' to myself, and also choose to sign with my same key results in ciphertext that is in encrypt mode, not signcrypt mode.

Note, I had to specify encrypt mode not signcrypt mode.

echo "BEGIN SALTPACK ENCRYPTED MESSAGE. kcJn5brvybfNjz6 D5ll2Nk0YySyo5u S8VITxP1Nu9IZBo GKPXIiQJPm0Pp0f 19D7dVOcGMstPuc lCqpOhGMzz8wFgS DRIO9gnIKuCZJwN dHpiNUpllGRU3LS 4vusrjLtGnrkzlE vbaUnW9HMd4IM9P N2ENoDnrXGbWTSW aZ3hELM4HppRWxJ Otp4pA2f6K8xGsD 9GVOcXCzAlnqJCw 24HRMmMHxNPwA7r isdGXipkuZfZJhZ ZlFMQ7KJrikG5cw kII7wNE4760U2jL RtYqclNUh36Hn2N Add. END SALTPACK ENCRYPTED MESSAGE." | keys decrypt -a -m encrypt
verified kex1ygrarq8l83l0tvhhesqwepuzza26zq75t9nm8pq78svz086ktk2sl5mtul grempe@github
FOOBAR%

CLI

echo "foo" | keys encrypt -r grempe@github -s grempe@github -m signcrypt -a | keys decrypt -a -m signcrypt

ERROR : this throws an error when no mode is supplied to decrypt, even though the decrypt function clearly knows that this content was both signed and encrypted. It should use this knowledge to just automatically apply the right mode.

❯ echo "foo" | keys encrypt -r grempe@github -s grempe@github -m signcrypt -a | keys decrypt -a
Wrong saltpack message type: wanted an encrypted message, but got a signed and encrypted message instead

ERROR : this throws an error when armor setting is not applied to decrypt. This despite the fact that decrypt did not see the expected header bytes. In which case it should apply armoring mode as needed to attempt decrypt. The message is also not helpful in guiding the user to a proper solution (providing the -a flag).

❯ echo "foo" | keys encrypt -r grempe@github -s grempe@github -m signcrypt -a | keys decrypt -m signcrypt
failed to read header bytes

Same for when neither armor or mode option is provided to decrypt:

❯ echo "foo" | keys encrypt -r grempe@github -s grempe@github -m signcrypt -a | keys decrypt
failed to read header bytes

SUMMARY

Implementing these heuristics on decrypt, in GUI and CLI, would allow decrypt to be much more forgiving (especially in a GUI context!). You should be forgiving as there is no way for the user to know the mode by looking at the ciphertext. In all cases content created by the GUI or CLI MUST be fully interoperable.

I think it would be a great idea to use a quick system to import keys from keybase. What do you think? :-)

A Matrix room, perhaps, or even IRC?

I love this app, tanks for developing it, it is awesome.

While signing a message in the app, it update the signature for every key typed! While cool UX wise, i think this a dangerous practice as it creates hundreds/thousands of useless signatures. Plus it gives the user te impression that signatures are cheap and thus not sound.

Same for encryption

The subreddit is banned for being unmoderated. I'm figuring out how to fix and unban.
If not will start a new subreddit and setup moderation correctly.

The url should be https://example.com/.well-known/keyspub.txt. See https://tools.ietf.org/html/rfc8615 and https://www.iana.org/assignments/well-known-uris/well-known-uris.xhtml and maybe https://en.wikipedia.org/wiki/List_of_/.well-known/_services_offered_by_webservers