dee: Rust cli for drand
Retrieve public randomness, and encrypt your files to the future. dee provides a drand client, and support for timelock encryption.
Tables of Content
Features
- Retrieve drand randomness
- Manages multiple beacons locally
- Timelock encryption and decryption
- Chain and unchained randomness
- Signatures verification on G1 and G2
- Customizable output format
- Cross platform (Linux, Windows, macOS)
- Interroperability with Go and JS implementation
- wasm32 compatible library
What's next
- P2P randomness retrieval
- Offline timelock decryption
Installation
| Environment | CLI Command |
|---|---|
| Cargo (Rust 1.74+) | cargo install dee --git https://github.com/thibmeu/drand-rs |
On Linux, Windows, or macOS, you can use the pre-built binaries.
Usage
You can use the --help option to get more details about the commands and their options.
Manage remote beacons
Add quicknet remote beacon, and shows details about it.
Retrieve public randomness
Retrieve round 1000 from quicknet.
Timelock encryption
Encrypt Hello dee! string to 30 seconds in the future, using quicknet publickey. If you wait 30 seconds before decrypting, the message is decrypted using the new quicknet signature.
echo 'Hello dee!' | dee crypt -u quicknet -r 30s > data.dee
dee crypt --decrypt data.dee
Hello dee!
Common remotes
| ID | Remote | Timelock encryption |
|---|---|---|
quicknet-cloudflare |
https://drand.cloudflare.com/52db9ba70e0cc0f6eaf7803dd07447a1f5477735fd3f661792ba94600c84e971 |
Yes |
quicknet-pl |
https://api.drand.sh/52db9ba70e0cc0f6eaf7803dd07447a1f5477735fd3f661792ba94600c84e971 |
Yes |
mainnet-cloudflare |
https://drand.cloudflare.com |
No |
mainnet-pl |
https://api.drand.sh |
No |
dee does not come with a default remote beacon. You should decide whichever suit your needs.
More beacons origin are available on drand website.
Security Considerations
This software has not been audited. Please use at your sole discretion. With this in mind, dee security relies on the following:
- tlock: Practical Timelock Encryption from Threshold BLS by Nicolas Gailly, Kelsey Melissaris, and Yolan Romailler, and its implementation in thibmeu/tlock-rs,
- Identity-Based Encryption by Dan Boneh, and Matthew Franklin, and its implementation in thibmeu/tlock-rs,
- The League of Entropy to remain honest,
- age encryption protocol, and its implementation in str4d/rage,
FAQ
Default configuration path
dee configuration file is available at the following
| OS | Path |
|---|---|
| Linux | /home/alice/.config/dee/default.toml |
| Windows | C:\Users\Alice\AppData\Roaming\dee\config\default.toml |
| macOS | /Users/Alice/Library/Application Support/rs.dee/default.toml |
Other implementations
drand API specification is at drand.love/docs/specification. drand is based on Scalable Bias-Resistant Distributed Randomness by Ewa Syta, Philipp Jovanovic, Eleftherios Kokoris Kogias, Nicolas Gailly, Linus Gasser, Ismail Khoffi, Michael J. Fischer, and Bryan Ford. The reference interroperable Go implementation is available at drand/drand.
timelock encryption was published in tlock: Practical Timelock Encryption from Threshold BLS by Nicolas Gailly, Kelsey Melissaris, and Yolan Romailler. The reference interroperable Go implementation is available at drand/tlock.
Rust libraries
dee focuses on building a cli. It relies on Rust libraries to use drand or perform timelock encryption.
If you're looking to implement your own Rust application on top of drand and/or timelock encryption, you can use the following:
- drand_core: drand client,
- tlock: raw tlock implementation, allowing messages up to 16 bytes,
- tlock_age: hybrid encryption, age phassphrase is encrypted using tlock,
License
This project is under the MIT license.
Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you shall be MIT licensed as above, without any additional terms or conditions.