Distributing notes via Keybase

What is Keybase?

Keybase is a very interesting service which provides a distributed filesystem that’s fully encrypted. From their website:

“Keybase aims to provide public keys that can be trusted without any backchannel communication. If you need someone’s public key, you should be able to get it, and know it’s the right one, without talking to them in person.”

The encrypted filesystem they provide is named kbfs and has some very innovative properties. Say I want to save an encrypted file that only I can read/write:

vim /keybase/private/jmcfarlane/notes.txt

Boom, I have a file that I can read/write from any computer where I have Keybase installed, no one else has access to it, and it’s encrypted so if someone hacks the data it’s unreadable to them 👍

What is Notable?

Notable is a little program I wrote to solve the lack of encrypted notes (on Linux) without requiring a service outside of my control. From it’s website:

“A very simple note taking application. It has no dependencies and ships as a static binary.”

Why are they interesting together?

When I first created Notable it nicely solved the one problem that I had. However I wanted access from multiple computers. As of 2d71d70 Notable has had support for writable -secondary nodes. This means that when Notable saves it’s data to a distributed filesystem (separation of concerns) all nodes have write access, and one of the nodes is designated as the primary. Since Keybase has a POSIX compliant filesystem we can combine it with Notable for distributed notes!

Run a primary node

Because Keybase has support for public access, you can run the latest version without even installing it (if you want to install it yourself see the releases, or Docker or build it yourself).

# From computer A
/keybase/public/jmcfarlane/notable/linux/notable \
    -db=/keybase/private/jmcfarlane/notable/notes.db \
    -daemon=false

Navigate to http://localhost:8080 and create a note!

Run a secondary node

Secondary nodes have write access, but not directly to the database. They write to journal files that get merged at runtime. Once they exist the primary node writes the changes to the database and the secondary nodes reload. It’s not perfect, but it works (on a crude level).

# From computer B
/keybase/public/jmcfarlane/notable/linux/notable \
    -db=/keybase/private/jmcfarlane/notable/notes.db \
    -daemon=false \
    -secondary

Navigate to http://localhost:8080 and modify the same note!

Words of caution

  1. This support is very new. The API seems to be working on a basic level.
  2. The Web UI is extremely rudimentary. Secondary nodes do a DOM reload when upstream changes are detected, without any consideration for any notes currently open for edit.
  3. You can mix and match platforms. For example you can run the primary on Linux and secondaries on Macos and FreeBSD.
  4. Much work is needed to better handle client side state (state is hard).

Other filesystems

Notable should work with any POSIX compliant filesystem. For example it’s also known to work with Syncthing. Syncthing does not actually provide a filesystem, but a synchronization mechanism on top of your native filesystem. This has the added benefit that primary or secondary nodes can operate without an internet connection. Additional detail will be written about these in time.

Bug reports welcome: https://github.com/jmcfarlane/notable