A reference implementation for a Public Key Directory server is now available, implementing a Key Transparency specification designed to enable secure end-to-end encryption for the Fediverse. The system uses an immutable transparency log to publish public keys, allowing users to verify they're communicating with the intended recipient. The PHP-based server and client SDK are open source but still in v0.1.0 (not production-ready). The project aims to solve key management challenges that have prevented E2EE adoption in ActivityPub-based platforms like Mastodon, where direct messages are currently visible to instance administrators. Future work includes writing SDKs in multiple languages, creating a FASP specification, and eventually implementing full E2EE for Fediverse communications.
Table of contents
Why Should I Care About This?What is Key Transparency?Project ArchitectureA Brief RetrospectiveThe Path ForwardTowards E2EE for the FedvierseSort: