this post was submitted on 21 May 2025
8 points (100.0% liked)

Experienced Devs

4341 readers
1 users here now

A community for discussion amongst professional software developers.

Posts should be relevant to those well into their careers.

For those looking to break into the industry, are hustling for their first job, or have just started their career and are looking for advice, check out:

founded 2 years ago
MODERATORS
snowe
jmk1ng
drewsiferr
8
I have a fairly unique architecture where i have actively tried to make it as "browser-based" as possible. (positive-intentions.com)
submitted 2 days ago by xoron to c/experienced_devs
2 comments fedilink hide all child comments
 

https://positive-intentions.com/blog/decentralised-architecture

Creating webapps is easy enough, but in my app, im kinda going against the "best-practices".

For example, im using browser-based cryptography exclusively. while it can be easy advice to suggest to consider using a server to generate keys, i want to contrast it against a webapp that would be sandboxed within the browser.

I'd appriciate if you would be interested to share your thoughts on the approach. I'm aiming for this project to be the foundation towards the most frickin' secure messaging app in the universe. It might be too ambitious, but I'd like to set the bar high.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] Lodra 1 points 1 day ago (1 children)

If you want client side security and trust, then you may want to consider wasm.

[โ€“] xoron 1 points 1 day ago* (last edited 1 day ago)

Thanks!

https://www.reddit.com/r/cryptography/comments/1cint8h/what_are_your_thoughts_on_subtlecrypto_vs_wasm/

Tldr; I had that question before myself. It doesn't seem to introduce any improvement over WebCrypto API which itself should have gone through peer-review and auditing. ("Choose your browser wisely" could be considered the advice here.)

I'd like to still look into wasm for several other details of the project, but it seems the built-in browser cryptography functions are performant and generally pretty good if used correctly.