Roadmap

Suggesting a new feature

If you'd like to suggest a new feature, feel free to open a feature request on GitHub. However, please read the Goals section first.

v4.1.1

  • Update to .NET 8.

  • Update the dependencies.

  • Fix the trimming issues with CommandLineUtils.

  • Support ConsoleKey.Delete deleting characters in the passphrase entry.

  • Hide the vcruntime140.dll file from the user on Windows.

  • Investigate better erasure of secrets (e.g. the passphrase) using Monocypher.

  • Add a warning when the user enters a password containing Unicode characters.

v4.2.0

  • Add a -b|--batch option for automated use cases that rejects interactive input and terminates the program when an error/exception occurs?

  • Consider -q|--quiet to hide output.

  • Investigate globbing.

  • Investigate stdin support.

  • Display -h|--help with no user input if possible.

Long run

Breaking

  • Consider AEGIS-256 for encryption. Much faster, well analysed, and fully committing (assuming the associated data is hashed).

  • Consider switching the KDF from salted BLAKE2b. Unfortunately, there's basically nothing except HKDF-SHA-2, which is needlessly inefficient. Could use BLAKE3, but that would require another dependency.

  • v2 of the signature format should use Ed25519ph for prehashing. It wasn't available in the previous libsodium binding.

  • Reconsider hedged signatures.

  • Reconsider random nonces (e.g. for private key encryption).

  • Could switch to libsodium's secretstream API for file encryption. This wasn't available in the previous libsodium binding. One may be coming for AEGIS. Or just write a STREAM library, which I should do anyway.

  • Support more recipients/change the key wrap header approach.

  • Remove free space from the file metadata header.

  • Consider ASCII armour/Minisign style detached signature files.

  • Will need to eventually switch to post-quantum asymmetric primitives - KEM and signing. This requires waiting for further analysis and library support (likely years). The UX will be terrible.

  • Consider supporting unencrypted private keys for non-interactive use cases.

Non-breaking

  • Support non-detached signatures?

  • Confirm y/n before -o|--overwrite?

  • Do a progress bar like Docker?

  • Consider supporting YubiKeys via the .NET YubiKey SDK. A decision needs to be made whether to use PIV, which requires the 5.7 firmware for X25519/Ed25519, or challenge-response, which is symmetric, allows backups, and works with older YubiKeys.

  • Have a trusted folder for public keys, with separate files or folders for encryption/signing? No idea what the UX would be.

  • Add support for generating vanity address public keys?

Last updated