I looked into your challenge handshake logic, and it looks legit. Really impressed. Do you have a solution for pw derived keys?
(Also, you have a few UI issues: login exists across browser sessions, stuff like that. Feel free to ping me to talk more.)
Is it possible to consult code on Github?
This is a PoC I worked on over the last week while I've had a little bit of free time.
In general I'd love to have an ecosystem of apps (calendars, notifications, etc) built on this type of platform, I've done a lot of the ground wrt. encrypting/decrypting/signing/verifying general operations.
Tech wise it's deployed on Netlify (the backend is just a Netlify function) with:
- Frontend: React, Grommet, web.crypto.subtle
- Backend: Node.js, Mongo, native crypto module