TL;DR - treat this as you would home-made beer from someone you don't know. You'd probably hold it at arms length, have a smell, and maybe try the taste...but you wouldn't start selling it in your hip bar without knowing anything about it!
Anyway, hope others interested in crypto can enjoy this. I am not a crypto-expert, just a moderately-talented-at-crypto-hobbyist, or somethin. Code: https://github.com/dosyago-coder-0/dosycrypt
In the latter case you trust the server to discard the keys after them being used. In the former case you trust the server to not transiently serving you javascript that exfiltrates the keys. In both cases this trust has not just to be extended once (which would make things auditable) but during every single transaction.
True in this case, but not necessarily true. IPFS[0] allows you to ensure that the content you're receiving is correct (if you run a local gateway, which you should), because the URL is basically a content hash.
Therefore if you know the code is secure in the first place, you can always visit the same URL and know that you're getting "safe" code that doesn't exfiltrate the keys or plaintext. This then presents the same trust model as running code locally, except you don't need to install anything: you just visit the correct URL, and the code is running, with all the same trust as it would have if you downloaded it and kept it safe from modification.
[0] https://ipfs.io/
This means that if a website uses this and generates a key through the Web Crypto API on the first access, the user only needs to trust the site on the first access (to serve javascript that actually uses the Web Crypto API) in order to trust that the key material stays safe. (However, if the website admin turns evil and wants one of the user's files to be decrypted, they could serve javascript to the user that silently makes them decrypt the file for the admin, so the problem isn't completely solved.)
The site operator can of course nefariously and randomly serve JS that exfiltrates keys, but users at least have the _ability_ to audit every single transaction.
I'm planning on making a library to make it easy to make a web app trust-on-first-use. The main blocker is https://github.com/w3c/ServiceWorker/issues/1208 (which would fix the non-critical but less-than-ideal issue described under "Service Worker lifecycle" in the blog post).
https://github.com/Spark-Innovations/SC4
SC4 has undergone a security audit.
Not true. And if there something you don't like about the licensing, it would be more constructive to begin by asking the author privately if they'd be willing to change the license terms rather than complain about it on a public forum.
