This Keybase app is no longer supported. Active development continues elsewhere.
Upgrade to our new client via our download page.
The keybase-issues repo is a consolidated issue repo for the whole project. We'll organize and tag issues there.
CLI for keybase.io written in/for Node.js
License: BSD 3-Clause "New" or "Revised" License
This Keybase app is no longer supported. Active development continues elsewhere.
Upgrade to our new client via our download page.
The keybase-issues repo is a consolidated issue repo for the whole project. We'll organize and tag issues there.
taco1: bad key: B707AD86 != 96D307BE
This only happens after we've signed a key for inclusion into our keyring. Before inclusion, it spits out the full PGP fingerprint, which is actually better!
Since @km
seems to be uninitialized.
If we download a new link from the server, we never update the parent user object, so it just keeps refreshing again and again.
The solution is simply to update the parent user object when adding chainlinks.
Rather than hack-parsing the human-readable output. This is probably the much more robust solution.
This can wait, but eventually, seems like a good idea.
Check the sqlite3 DB and delete keys accordingly.
Not sure what the plan of attack should be, but for now it's breaking regression testing for #16.
Maybe we should have a way to pick up halfway through. The slowest thing so far is signing up, and proving, and waiting for github/twitter, etc. Slow slow.
Probably need to factor out a lot of decrypt
Sometimes we don't get anything from stdout from gpg. Works fine on Mac but it's fucked on linux. keybase version
is fucking broken.
Chris's idea to keep keys used for verifying in a temporary single-use keyring. That way we don't have to worry about conflicts. It is nice idea but demands a big refactoring. Maybe leave it for Now.
Some issues include:
Look into it!
These errors on my machine.
This user has a twitter proof but not a github proof:
chris vangogh ~/git/keybase/keybase/sql >keybase track chris
warn: Missing track in signature
warn: Missing track in signature
warn: Missing track in signature
warn: Missing track in signature
info: Signature is already revoked: 263bedf900d6e8a2a430bb92b98f3c1ea1fab4e391b1abb9e0caa37264def8ed0f
info: Signature is already revoked: df33e3d366a9f30cb28a413c77b9b4b8900f1a227dae610f4b20204901f561830f
...checking identity proofs
✔ "kbtester1" on twitter: https://twitter.com/kbtester1/status/417699763287379969
/Users/chris/opt/node/lib/node_modules/keybase/node_modules/keybase-proofs/lib/scrapers/github.js:125
return api_url.indexOf("https://gist.github.com/" + username + "/") ===
and then when we tried to track chris1000, who has a key but no proofs:
keybase track chris1000
...checking identity proofs
/Users/chris/opt/node/lib/node_modules/keybase/node_modules/keybase-proofs/lib/scrapers/twitter.js:99
return api_url.indexOf("https://twitter.com/" + username + "/") === 0;
^
TypeError: Cannot call method 'indexOf' of null
at TwitterScraper.exports.TwitterScraper.TwitterScraper._check_api_url (/Users/chris/opt/node/lib/node_modules/keybase/node_modules/keybase-proofs/lib/scrapers/twitter.js:99:22)
at TwitterScraper.BaseScraper.validate (/Users/chris/opt/node/lib/node_modules/keybase/node_modules/keybase-proofs/lib/scrapers/base.js:34:17)
at /Users/chris/opt/node/lib/node_modules/keybase/lib/sigchain.js:450:31
at ok (/Users/chris/opt/node/lib/node_modules/keybase/lib/sigchain.js:465:23)
at Deferrals.runtime.Deferrals.Deferrals._call (/Users/chris/opt/node/lib/node_modules/iced-coffee-script/lib/coffee-script/iced.js:115:18)
at /Users/chris/opt/node/lib/node_modules/iced-coffee-script/lib/coffee-script/iced.js:127:26
at Object.runtime.trampoline (/Users/chris/opt/node/lib/node_modules/iced-coffee-script/lib/coffee-script/iced.js:94:16)
at Deferrals.runtime.Deferrals.Deferrals._fulfill (/Users/chris/opt/node/lib/node_modules/iced-coffee-script/lib/coffee-script/iced.js:126:26)
at iced.Deferrals.parent (/Users/chris/opt/node/lib/node_modules/keybase/lib/sigchain.js:442:38)
at ok (/Users/chris/opt/node/lib/node_modules/keybase/lib/sigchain.js:443:21)
yippee!
Right now we'll blindly allow it
Since we obviously don't need to pull from the server what we've written ourselves.
Right now, they're being imported into the main keyring. We might take the stance that keys are allowed in the main keyring that aren't trusted, but I think that's kind of ugly.
This might need to be solved, if at all, along with issue #29. Alternatively, there could be an obscure GPG option that I'm missing.
Maybe fetch the primary key, and then ask whether it in particular needs to be revoked or not.
Here is the sequence to consider:
keybase track/id A
and sees a failurekeybase track/id A
and still sees a failureThe problem is that chain links aren't strictly speaking immutable. They can change when the proofd process goes through and checks them. We can take the position that the client should do what proofd is doing. But it's nice to have all of that scraping happening on the server. The other alternative is for the client to update chain links for those with dead api_urls. Once the api_url is filled in, it shouldn't change.
This is a really annoying bug that's going to take some time to fix, unfortunately.
I'm not sure who's doing that, is it GPG?
And that slows things down every further.
We can probably be smart about not doing anything much in the case of the key already being in our keyring and signed, and skip the whole key import and signing process.
Don't get the right behavior if you untrack and then retrack. I think compression is broken.
With @fingerprint
and @get_fingerprint()
. It's quite ugly, let's clean it up.
...for users who make a lot of requests. The logged-out limit is 60/minute.
Right now, we just get a GPG failure and no further explanation.
...So maybe still want to run check_remote_proofs
Or maybe repartition the DB so that it can handle multple users?
We're checking every time now it seems, even on repeated keybase track --locals
s. I thought we didn't need to check the remote proofs in that case?
Need some work on this.
First of all, if the key is already imported and signed, then we shouldn't resign it, since it will prompt the user for a password.
Second of all, we probably want to ask the user if he's ok with it, before signing the key? Maybe we're already doing that with approval of remote proofs.
maybe it should be less so.
Ideally we could stick with one, or at the very least, need to be more explicit as to which is being used.
max@somme ~/s/keybase-node-client (master) [8]> make; and ./bin/main.js encrypt -m "hi" taco1
node_modules/.bin/iced -I browserify -c -o `dirname lib/command/encrypt.js` src/command/encrypt.iced
date > build-stamp
warn: Tracking was already revoked for e09d91b0fd45b7da6de3d5783b77d200 (ignoring untrack)
warn: Tracking was already revoked for e09d91b0fd45b7da6de3d5783b77d200 (ignoring untrack)
warn: Tracking was already revoked for e09d91b0fd45b7da6de3d5783b77d200 (ignoring untrack)
...checking identity proofs
✔ "tacovontaco" on twitter: https://twitter.com/tacovontaco/status/414116418955669504
✔ "tacoplusplus" on github:
Permnanently track this user, and write proof to server? [Y/n] n
warn: gpg: B707AD86: There is no assurance this key belongs to the named user
pub 1024R/B707AD86 2013-12-17 keybase.io/taco1 (v0.0.1) <[email protected]>
Primary key fingerprint: C3A1 EE10 4C35 A518 B660 9502 5308 C23E 96D3 07BE
Subkey fingerprint: B51A 5F3E 91DF 7124 2537 04E5 5F86 64C8 B707 AD86
It is NOT certain that the key belongs to the person named
in the user ID. If you *really* know what you are doing,
you may answer the next question with yes.
Use this key anyway? (y/N) y
-----BEGIN PGP MESSAGE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - https://gpgtools.org
hIwDX4ZkyLcHrYYBA/0fycbCVNIhYRes336v+2/WnQtIrfCbROYCzrzaQPVDCUNK
HaH+TD2S9sR+4UbWLaoOh8I4sQAbJT/2iljNLePxCxRJpQ1Ga7rXpSHu8lUSm7yX
zFgS9JVJxqKoINAxIUI21VQuBkpC9UHph9MY+t8S3EE8+a953Rx4oawy31ANFNI3
AcGD1GyAto4cPxmd+dVrRYFP6wqwVplUyWWyeakv78NU86WEpQdCZp9+vQ0FI2FH
/NAGVJcd8Q==
=iIJH
-----END PGP MESSAGE-----
since we're scraping output. I'm not sure of how best to solve this
And subclasses should say whether or not they want it...
http://www.freebsdmadeeasy.com/tutorials/freebsd/create-a-ca-with-openssl.php
Looks like we'll have to create a CA. Eventually the options we need are traced back to here:
http://nodejs.org/api/tls.html#tls_tls_connect_options_callback
Seems like the 'cert' option is just for client certificates. Seems like the ca
option
is the only way to distribute the server public key.
Some possible solutions:
Which is the agreed upon way to change users.
Also, a keybase logout
might be useful.
Will need 3sec to decrypt, of course.
Will list:
Others?
...Especially for scrapars
Rather than the short mofos. This is going to be extremely useful and protect against all sorts of collision attacks that we're now open to. Stil, I'm not stoked about the 64-bit target space, it might be the fundamental weakness of the system.
Move all of the iced-generic stuff like athrow
and bufeq_secure
from the latter to the former.
Need a reg test here.
End-to-end regression testing. We need to figure out how to make PGP keys in batch mode to make this possible. Or potentially, we can you KBPGP to do so, just for testing.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.