NHacker Next
  • new
  • past
  • show
  • ask
  • show
  • jobs
  • submit
Show HN: Ellipticc Drive – open-source cloud drive with E2E and PQ encryption (ellipticc.com)
19 points by iliasabs 1 days ago | 10 comments
pixel_popping 12 hours ago [-]
I don't understand the Github repo, it shows some sort of drafted/vibe-coded frontend, but the actual program isn't open-source?
iliasabs 7 hours ago [-]
[dead]
QuiCasseRien 18 hours ago [-]
Nice, but please stop with the words "forever" when it's about costs, ie: "free forever". It harms your message.
iliasabs 14 hours ago [-]
Thanks for your advice!
foxylad 1 days ago [-]
Your "About" links seem not to work. In my case I was interested in where data is hosted, and the only information I see (from your HN post) is that you are from Paris. Does this mean EU hosting (which is good)?
iliasabs 13 hours ago [-]
Yes, sorry — I’ve focused more on the actual logic of the dashboard rather than the landing page, which still lacks polish. Regarding the data, all your files are stored on Backblaze B2 servers (EU-central), with their data centers located in Amsterdam, Netherlands. I hope I’ve answered your question correctly.
some_furry 1 days ago [-]
Your post here says ML-KEM768 but the website says Kyber512.

Also, this SRP implementation seems a bit... sus.

https://github.com/ellipticc/drive-frontend/blob/main/lib/sr...

iliasabs 13 hours ago [-]
Thanks for pointing that out! Could you elaborate on what specifically looks off about the SRP implementation? I tried to follow RFC 5054 with some minor adjustments for the frontend (using hash-wasm and fixed-length encoding to match the server), but I’d really appreciate feedback if something looks wrong or insecure.
some_furry 13 hours ago [-]
Side-channels. Also, N and G matter a lot to security; not making those hard-coded and transparent is sus. You can't just use a normal DH group.

I would recommend OPAQUE instead.

iliasabs 12 hours ago [-]
[dead]
groby_b 1 days ago [-]
"Open Source" is a pretty clear case of lying by omission.

You open sourced the frontend. Without a clear license.

That's not an "open-source cloud drive"

iliasabs 13 hours ago [-]
Thanks for the feedback — to clarify, only the frontend is open-sourced at the moment, sorry for any confusion. I’ve also just added an MIT License to make that explicit. The backend isn’t public yet, but we may open parts of it later.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact
Rendered at 02:31:01 GMT+0000 (Coordinated Universal Time) with Vercel.