#FOKS
#FOKS
I'll definitely be taking a deep dive on FOKS.
When we launched Keybase over 11 years ago, we read a lot of good, well-informed feedback. We folded some but not all of these suggestions into Keybase. Most important, you convinced us that passwords are not a good long-term strategy for protecting secret key material. As a result, we spent months ripping up the app and pivoting to per-device keys, which were clearly the right way to go. WhatsApp eventually caught up in 2023!
Among the best ideas that we lacked the bandwith to tackle were: federation, open-source backend, YubiKey support and SSO support. No longer affiliated with Keybase or Zoom (Keybase’s new owner), I’ve been thinking about how to resurrect these very good ideas. Today, I’m happy to announce FOKS, the Federated Open Key Service. The gist is “Keybase, but with federation, SSO and YubiKey support, and fully open-source”. FOKS is not a fork, but rather built from scratch in pure Go. FOKS inherits the general goal of Keybase: give teams of users, each with multiple devices, shared secret keys so they can share data securely across the internet. It inherits Keybase’s core cryptographic techniques: append-only data structures that allow clients to catch dishonest server behavior; and cascading key rotations on device revokes and team member removals. The key difference is federation.