Skiff is Open Sourcing

Transparency is a core component of Skiff's philosophy

Jason GinsbergApril 16, 2021
Skiff open source component library and AEAD encryption library on github

We believe that open sourcing is an essential part of building trust around secure products. As a first step to completely open sourcing Skiff, we're sharing two key components of the Skiff codebase: our typed-AEAD envelope and UI component libraries.

Typed-AEAD Envelopes

As we scaled out our platform, it became important to be able to inspect metadata without having to decrypt objects. This would both save compute and prevent decryption of badly-formatted data.

Our authenticated encryption with associated data (AEAD) envelopes library allows us to embed additional information in the output of encryption functions. While the nacl family of envelope functions (e.g. secretbox) only support encryption-related metadata (e.g. nonces), our library is more extensible. We currently use our AEAD library at Skiff to validate data versions and types.

Skiff UI

Skiff UI is a react components library for the Skiff UI Design System. It's currently in-use almost everywhere on our app. Over time we plan to continue adding more security and privacy-focused components to the library. Our hope is that Skiff UI will be able to spread usability to security products more widely.

The two libraries can be accessed at the following links: Typed Envelopes and Skiff-UI. We're releasing them under the GNU AGPLv3 license.

Getting Involved

We look forward to having more eyes on our codebase, and appreciate any feedback. If you have any questions or ideas, feel free to reach out to us at [email protected]


Get access to Skiff

Become a part of our 100,000+ community.

We care about protecting your data. Here’s our Privacy Policy.