keyoxide-blue

What is Keyoxide?

Keyoxide is a decentralized platform for online identity verification based on the Ariadne Identity specification.

How do I find a profile?

To find someone's profile, you must know their key's fingerprint (something that looks like 5DC026DDD293736A3B305F42B6558943003E6A70) or their email address, which you will put in the search field above and press enter.

How do I create my own profile?

The following steps are a good way to create a profile, but it's only a way. Read up on the Keyoxide documentation for more details or use your own process if you know what you are doing.

Note: this process will get a lot simpler within a few months! Stay tuned via the Keyoxide blog.

  1. Install gpg: Linux users usually already have it or can easily install it through package managers, Gpg4win for Windows users, GPGTools for Mac users.

  2. In a terminal, run gpg --full-gen-key --expert.

  3. Select (10) ECC (sign only) and then (1) Curve 25519.

  4. Set the key to expire in 2y and then confirm that this is correct with y. Using a calendar, set a reminder to renew your key in one year.

  5. Enter your real-or-fake name and a valid email address (you will receive a confirmation email). Confirm with O as in Okay.

  6. Enter a password to protect your key. Optionally use a password manager to store it.

  7. Run gpg -K, find the key you have just created and copy the 40-character fingerprint (looks something like 5DC026DDD293736A3B305F42B6558943003E6A70 but with different characters).

  8. Run gpg --edit-key FPR where you have replaced FPR with the fingerprint from the previous step.

  9. Run notation.

  10. Assuming you wish to verify a Fediverse (ActivityPub) account like Mastodon/Pleroma/Pixelfed/etc, run proof@ariadne.id=https://fosstodon.org/@yarmo — of course, replace with the URL to your own profile!

  11. Enter your password and confirm. Save and quit by running save.

  12. Run gpg --armor --output public.asc --export FPR (replace FPR with your own key's fingerprint).

  13. In your browser, go to keys.openpgp.org/upload and upload the public.asc you have created in the previous step.

  14. You will receive a verification email in which you will need to click on a link.

  15. Log in to your Fediverse account and edit your profile. Add your fingerprint to your bio or, if your account is on a Mastodon instance, add it as the content to a Profile metadata item.

  16. You are now done! Search for your fingerprint above and you should see your profile.

If you'd like to add more/other identity claims, go to the Keyoxide documentation and click on the Service providers section.

How is this different from keyoxide.org?

While made by the same developer, this is more of an experimental playground version, different design, perhaps different features. Some things might get ported over to keyoxide.org, some might not. Expect things to work, be prepared for things to be broken.

This page's logic is fully client-side, has no JS frameworks for minimalism and only depends on the openpgp.js and doip.js libraries for the identity verification.