Keybase is a key directory that maps

social media Social media are interactive technologies that facilitate the Content creation, creation, information exchange, sharing and news aggregator, aggregation of Content (media), content (such as ideas, interests, and other forms of expression) amongs ...

identities to encryption keys (including, but not limited to PGP keys) in a publicly auditable manner. Additionally it offers an end-to-end encrypted chat and

cloud storage Cloud storage is a model of computer data storage in which data, said to be on "the cloud", is stored remotely in logical pools and is accessible to users over a network, typically the Internet. The physical storage spans multiple servers (so ...

system, called Keybase Chat and the Keybase Filesystem respectively. Files placed in the public portion of the filesystem are served from a public endpoint, as well as locally from a filesystem union-mounted by the Keybase client. Keybase supports publicly connecting

Twitter Twitter, officially known as X since 2023, is an American microblogging and social networking service. It is one of the world's largest social media platforms and one of the most-visited websites. Users can share short text messages, image ...

GitHub GitHub () is a Proprietary software, proprietary developer platform that allows developers to create, store, manage, and share their code. It uses Git to provide distributed version control and GitHub itself provides access control, bug trackin ...

Reddit Reddit ( ) is an American Proprietary software, proprietary social news news aggregator, aggregation and Internet forum, forum Social media, social media platform. Registered users (commonly referred to as "redditors") submit content to the ...

, and

Hacker News Hacker News (HN) is a social news website focusing on computer science and entrepreneurship. It is run by the investment fund and startup incubator Y Combinator. In general, content that can be submitted is defined as "anything that gratifies one' ...

identities, including websites and domains under one's control, to encryption keys. It also supports

Bitcoin Bitcoin (abbreviation: BTC; Currency symbol, sign: ₿) is the first Decentralized application, decentralized cryptocurrency. Based on a free-market ideology, bitcoin was invented in 2008 when an unknown entity published a white paper under ...

Zcash Zcash is a privacy-focused cryptocurrency based on Bitcoin's codebase. It shares many similarities, such as a fixed total supply of 21 million units. Transactions can be transparent, similar to bitcoin transactions, or they can be shielded t ...

, Stellar, and QRL wallet addresses. Keybase has supported

Coinbase Coinbase Global, Inc. is an American cryptocurrency exchange. It was founded in 2012 by Brian Armstrong and Fred Ehrsam. Coinbase has over 100 million users, and is the largest U.S. based cryptocurrency exchange as well as the world's bigge ...

identities since initial public release, but ceased to do so on March 17, 2017, when Coinbase terminated public payment pages. In general, Keybase allows any service with public identities to integrate with Keybase. On May 7, 2020, Keybase announced it had been acquired by

Zoom Zoom may refer to: Arts, entertainment and media Film * ''Zoom'' (2006 film), starring Tim Allen * ''Zoom'' (2015 film), a Canada-Brazil film by Pedro Morelli * ''Zoom'' (2016 Kannada film), a Kannada film * ''Zoom'' (2016 Sinhala film), a Sr ...

, as part of Zoom's "plan to further strengthen the security of tsvideo communications platform".

Identity proofs

Keybase allows users to ''prove'' a link between certain online identities (such as a

account) and their encryption keys. Instead of using a system such as

OAuth OAuth (short for open authorization) is an open standard for access delegation, commonly used as a way for internet users to grant websites or applications access to their information on other websites but without giving them the passwords. Th ...

, identities are proven by posting a signed statement as the account a user wishes to prove ownership of. This makes identity proofs publicly verifiable – instead of having to trust that the service is being truthful, a user can find and check the relevant proof statements themselves, and the Keybase client does this automatically.

App

In addition to the web interface, Keybase offers a client application for

Windows Windows is a Product lining, product line of Proprietary software, proprietary graphical user interface, graphical operating systems developed and marketed by Microsoft. It is grouped into families and subfamilies that cater to particular sec ...

Mac Mac or MAC may refer to: Common meanings * Mac (computer), a line of personal computers made by Apple Inc. * Mackintosh, a raincoat made of rubberized cloth * Mac, a prefix to surnames derived from Gaelic languages * McIntosh (apple), a Canadi ...

, Android,

iOS Ios, Io or Nio (, ; ; locally Nios, Νιός) is a Greek island in the Cyclades group in the Aegean Sea. Ios is a hilly island with cliffs down to the sea on most sides. It is situated halfway between Naxos and Santorini. It is about long an ...

, and most desktop

Linux distribution A Linux distribution, often abbreviated as distro, is an operating system that includes the Linux kernel for its kernel functionality. Although the name does not imply product distribution per se, a distro—if distributed on its own—is oft ...

s, written in Go with an

Electron The electron (, or in nuclear reactions) is a subatomic particle with a negative one elementary charge, elementary electric charge. It is a fundamental particle that comprises the ordinary matter that makes up the universe, along with up qua ...

front end. The app offers additional features to the website, such as the end-to-end encrypted chat, teams feature, and the ability to add files to and access private files in their personal and team Keybase Filesystem storage. Each device running the client app is authorized by a

signature A signature (; from , "to sign") is a depiction of someone's name, nickname, or even a simple "X" or other mark that a person writes on documents as a proof of identity and intent. Signatures are often, but not always, Handwriting, handwritt ...

made either by another device or the user's PGP key. Each device is also given a per-device

NaCl Sodium chloride , commonly known as edible salt, is an ionic compound with the chemical formula NaCl, representing a 1:1 ratio of sodium and chloride ions. It is transparent or translucent, brittle, hygroscopic, and occurs as the mineral hali ...

(pronounced "salt") key to perform cryptographic operations.

Chat

Keybase Chat is an end-to-end encrypted chat built in to Keybase launched in February 2017. A distinguishing feature of Keybase Chat is that it allows Keybase users to send messages to someone using their online aliases (for example a

reddit Reddit ( ) is an American Proprietary software, proprietary social news news aggregator, aggregation and Internet forum, forum Social media, social media platform. Registered users (commonly referred to as "redditors") submit content to the ...

account), even if they haven't signed up to Keybase yet. If the recipient (the online alias owner) has an account on Keybase, they will seamlessly receive the message. If the recipient doesn't have a Keybase account, and later signs up and proves the link between the online account and their devices, the sender's device will rekey the message for the recipient based on the public proof they posted, allowing them to read the message. Since the Keybase app checks the proof, it avoids

trust on first use Trust on first use (TOFU), or trust upon first use (TUFU), is an authentication scheme used by client software which needs to establish a trust relationship with an unknown or not-yet-trusted endpoint. In a TOFU model, the client will try to look ...

Keybase Filesystem (KBFS)

Keybase allows users to store up to 250 GB of files in a cloud storage called the Keybase Filesystem for free. There are no storage upgrades available, but paid plans allowing for more data are planned. The filesystem is divided into three parts: public files, private files, and team files. On

Unix-like A Unix-like (sometimes referred to as UN*X, *nix or *NIX) operating system is one that behaves in a manner similar to a Unix system, although not necessarily conforming to or being certified to any version of the Single UNIX Specification. A Uni ...

machines, the filesystem is

mounted Mount is often used as part of the name of specific mountains, e.g. Mount Everest. Mount or Mounts may also refer to: Places * Mount, Cornwall, a village in Warleggan parish, England * Mount, Perranzabuloe, a hamlet in Perranzabuloe parish, Co ...

to /keybase, and on

Microsoft Windows Windows is a Product lining, product line of Proprietary software, proprietary graphical user interface, graphical operating systems developed and marketed by Microsoft. It is grouped into families and subfamilies that cater to particular sec ...

systems it is usually mounted to the K drive. Currently, mobile versions of the Keybase client can only download files from kbfs, and can not mount it. However, they do support operations such as rekeying files as necessary. In October 2017 Keybase brought out end-to-end encrypted

Git Git () is a distributed version control system that tracks versions of files. It is often used to control source code by programmers who are developing software collaboratively. Design goals of Git include speed, data integrity, and suppor ...

repositories.

Public files

Public files are stored in /public/''username'', and are publicly visible. All files in the public filesystem are automatically signed by the client. Only the user who the folder is named after can edit its contents, however, a folder may be named after a comma-separated list of users (e.g. a folder /public/''foo,bar,three'' would be editable by the users ''foo'', ''bar'', and ''three''). Public files can be accessed by any user. Single user folders are displayed at and are also accessible by opening the directory in the mounted version of the filesystem. Multi user folders (such as /public/''foo,bar,three'') are only accessible through the mounted version of the system.

Private files

Private files are stored in /private/''username'', and are only visible to ''username''. Private folders, like public folders, can be named after more than one user (e.g. a folder /private/''foo,bar,three'' would be readable and editable by the users ''foo'', ''bar'', and ''three''). Private files can also be read only for users after "#" (e.g. a folder /private/''writer1,writer2,#reader1,reader2'' would be readable and editable by the users ''writer1'' and ''writer2'' but only readable for ''reader1'' and ''reader2''). Unlike public files, all private files are both encrypted and signed before being uploaded, making them end-to-end encrypted.

Team files

Team files are stored in /team/''teamname'', and are publicly visible to team members. All files in the team filesystem are automatically encrypted and signed by the client. Only users who are marked as writers can edit its contents, however, any readers can access the files stored there.

Teams

In September 2017, Keybase launched Keybase Teams. A team is described as "...a ''named'' group of people." Each team has a private folder in the Keybase filesystem, and a number of chat channels (similar to Slack). Teams can also be divided into "subteams" by placing a . in the team name. For example, wikipedia.projects would be a subteam of wikipedia, while wikipedia.projects.foobar would be a subteam of wikipedia.projects (and therefore, also of wikipedia).

Team administration

Teams are largely administered by adding signatures to a chain. Each signature can add, remove, or change the membership of a user in a team, as well as when changes are made to subteams. Each chain starts with a signature made by the team owner, with subsequent actions signed on by team admins or users. This ensures that every action is made by an authorized user, and that actions can be verified by anyone in possession of the public key used.

References

External links

* * {{GitHub, keybase Key management OpenPGP Free software programmed in Go Tor onion services Internet properties established in 2014 2020 mergers and acquisitions