E2EE RSS Reader
I mentioned in my last Captains Log that I was curious whether a web-based, privacy-focused RSS reader could be built, and I think I'm onto something 👀
The user creates an anonymous account with the service; they just have to pick a username. A passkey is created and the credential info is stored in the server database.
The user logs in with the passkey and, using the WebAuthn PRF extension, derives a key that's used for encrypting and decrypting files.
The user can add RSS feeds client-side, which builds a JSON index file that keeps track of the subscriptions, number of posts, read or unread state, etc.
The JSON is encrypted and stored in blob storage on the server.
The user can log back in anytime from multiple devices by entering the same username, which prompts for the passkey that was created. This authenticates them, pulls down the encrypted JSON, and decrypts it client-side.
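The steps above as an added example that is not the author's code: the passkey login requests a PRF evaluation, the result is expanded with HKDF into an AES-GCM key, and the JSON index is encrypted before upload. The PRF salt, the HKDF info string, the function names and the index layout are assumptions made for illustration.

```javascript
// Added example. PRF_SALT, the HKDF info string and the index layout are assumptions.
const wc = globalThis.crypto ?? require("node:crypto").webcrypto;
const enc = new TextEncoder();
const PRF_SALT = enc.encode("rss-reader/index-key/v1"); // fixed, so every login yields the same secret

// Browser only: log in with the passkey and have the authenticator evaluate its PRF.
async function prfSecretFromPasskey(challenge, credentialId) {
  const assertion = await navigator.credentials.get({
    publicKey: {
      challenge, // random bytes issued by the server for this login
      allowCredentials: [{ type: "public-key", id: credentialId }],
      userVerification: "required",
      extensions: { prf: { eval: { first: PRF_SALT } } },
    },
  });
  const prf = assertion.getClientExtensionResults().prf;
  if (!prf?.results?.first) throw new Error("passkey or browser lacks PRF support");
  return new Uint8Array(prf.results.first); // 32 bytes; keep it client-side
}

// Expand the PRF secret into a non-extractable AES-256-GCM key with HKDF.
async function deriveIndexKey(prfSecret) {
  const ikm = await wc.subtle.importKey("raw", prfSecret, "HKDF", false, ["deriveKey"]);
  return wc.subtle.deriveKey(
    { name: "HKDF", hash: "SHA-256", salt: new Uint8Array(32), info: enc.encode("feed-index") },
    ikm, { name: "AES-GCM", length: 256 }, false, ["encrypt", "decrypt"]);
}

// Returns iv || ciphertext+tag: the only thing uploaded to blob storage.
async function encryptIndex(key, index) {
  const iv = wc.getRandomValues(new Uint8Array(12)); // fresh nonce for every save
  const plaintext = enc.encode(JSON.stringify(index));
  const ct = new Uint8Array(await wc.subtle.encrypt({ name: "AES-GCM", iv }, key, plaintext));
  const blob = new Uint8Array(iv.length + ct.length);
  blob.set(iv);
  blob.set(ct, iv.length);
  return blob;
}

// Throws if the blob was modified or the key is wrong (the GCM tag check fails).
async function decryptIndex(key, blob) {
  const pt = await wc.subtle.decrypt(
    { name: "AES-GCM", iv: blob.subarray(0, 12) }, key, blob.subarray(12));
  return JSON.parse(new TextDecoder().decode(pt));
}
```

The PRF output is bound to the credential and the salt, so decrypting on a second device depends on the same passkey being available there, for example through a synced passkey provider.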
In the end you get a service that takes advantage of cloud services or self-hosted options, and the owner of the server has no way to see who the users are or what they're subscribed to. If this sounds like something worth pursuing and building into a more robust web app, let me know via email below!