Skip to content

itsh3sam/ignis

BranchesTags

Repository files navigation

Ignis Logo

Ignis

Ignis is a minimal, self-hosted, zero-knowledge ephemeral secret sharing application built with Elixir, Phoenix, and the Web Crypto API.

Features

  • Zero-Knowledge: Secrets are encrypted in the browser. The server never sees the plaintext or the decryption key.
  • Ephemeral: Secrets are view-limited and time-limited. They are automatically deleted after the limit is reached.
  • Privacy First: URL fragments are used for keys, and IDs are moved to fragments to ensure the server logs contain no sensitive metadata.
  • Modern UI: Dark-mode only, minimal, responsive, and tactile with haptic feedback.
  • LiveDashboard: Real-time performance metrics and monitoring, protected by Basic Auth.

How E2EE Works

Ignis ensures your data remains private using a "Zero-Knowledge" architecture. This means the server hosting the application knows nothing about the content of your secrets.

1. Client-Side Encryption

When you create a secret, your browser generates a random 128-bit AES-GCM key locally using the Web Crypto API. Your message is encrypted inside your browser before it ever touches the network.

2. Zero-Knowledge Storage

The browser sends only the encrypted ciphertext, the Initialization Vector (IV), and the Authentication Tag to the server. The server stores these bits in the database along with your chosen expiration rules (views/time). The decryption key is never sent to the server.

3. The URL Fragment Strategy

Ignis generates a link in the following format: https://ignis.locker/v#IDKey

  • The Fragment (#): In the HTTP protocol, any data following the # symbol is processed only by the browser and is never sent to the server in the request headers.
  • Access ID: The first 6 characters of the fragment are the unique ID used to retrieve the encrypted data from the server.
  • Decryption Key: The remaining characters are the AES key.

4. Decryption

When a recipient opens the link:

  1. The browser loads the minimal Ignis decryption page.
  2. JavaScript extracts the ID and Key from the URL fragment locally.
  3. The browser requests the ciphertext from the server using the ID.
  4. The browser decrypts the data using the Key and displays it.
  5. The server immediately deletes the record if the view limit is reached or it has expired.

The Role of the API Layer (SecretController)

The SecretController serves as the API bridge between the server's database and the client-side browser where the actual "zero-knowledge" work happens.

1. Fetching the Encrypted Payload

The DecryptHook in the frontend needs to retrieve the encrypted data (ciphertext, IV, and tag) from the server before it can decrypt it using the key in the URL fragment. Using a standard HTTP request for this fetch ensures that the raw encrypted bytes are handled cleanly without triggering unnecessary LiveView re-renders.

2. Atomic View Decrementing

When a secret is fetched, the database must atomically decrement the views_remaining count. By performing this inside a controller-driven API endpoint, Ignis ensures the "fetch and decrement" happens in a single, clean database transaction, preventing race conditions or accidental over-consumption of views.

3. Enumeration Protection

The API is protected by a Rate Limiter (Hammer) that restricts the number of requests per IP address. This makes it mathematically impossible for an attacker to "guess" active secret IDs through brute-force enumeration, as their IP would be blocked long before they could successfully find a valid record in the vast 68.7 billion ID space.

4. External API Access

While the web interface uses LiveView for a rich experience, the SecretController also provides a traditional REST API. This allows external tools, scripts, or other applications to securely create and retrieve secrets programmatically.

Getting Started (Docker)

The easiest way to run Ignis is with Docker. You can use our pre-built images from Docker Hub or GitHub Container Registry:

  • Docker Hub: hesamnorin/ignis:latest
  • GHCR: ghcr.io/hesamnorin/ignis:latest
  1. Clone the repository:
  git clone https://github.com/itsh3sam/ignis.git
  cd ignis
  1. Create an environment file: Copy .env.example to .env and fill in the values. Note: Generate a secure SECRET_KEY_BASE with openssl rand -base64 64 or mix phx.gen.secret.
  2. Run with Docker Compose:
  docker-compose up -d

Ignis will be available at http://localhost:4000.

Monitoring and Administration

Ignis includes a built-in LiveDashboard for real-time monitoring of your instance.

  • URL: http://your-domain.com/dev/dashboard
  • Authentication: Protected by Basic Auth.
  • Configuration: Set DASHBOARD_USERNAME and DASHBOARD_PASSWORD in your .env file or environment variables. Defaults to admin/admin.

Development

For detailed information about the project architecture, directory structure, and development workflow, see the Development Guide.

Prerequisites

  • Elixir 1.19+
  • PostgreSQL 16+
  • Node.js 20+

Setup

  1. Install dependencies:
  mix setup
  1. Start the Phoenix server:
  mix phx.server

Security

  • Encryption: AES-GCM 128-bit (client-side).
  • Storage: Encrypted blob stored in PostgreSQL.
  • Delivery: Decryption key stored in the URL fragment (#), which is never sent to the server.
  • Headers: Strict CSP and security headers enabled.

License

MIT

About

Minimal, self-hosted, zero-knowledge ephemeral secret sharing. Built with Elixir, Phoenix, and client-side AES-GCM encryption.

ignis.locker

Topics

elixir phoenix encryption aes-gcm ephemeral phoenix-framework e2ee zero-knowledge secure-sharing privacy-first tailwind-css phoenix-liveview

Resources

Readme

License

Apache-2.0 license
Activity

Stars

12 stars

Watchers

0 watching

Forks

0 forks
Report repository

Packages

 
 
 

Contributors

Languages