Applications on Peergos

Published: Tue 20 August 2019

They're here - the first apps for Peergos!

The first application we've made available is a read-only viewer for PDF files. This is a super-simple app which adds very useful functionality to Peergos. Now you can securely and privately read PDF files within Peergos.

PDF Viewer
PDF Viewer

The second app we've enabled is an editor for text or code. We support plain text, markdown, and major programming languages like Java, Go, Rust, Javascript, HTML, etc. This is huge! You can use the text editor as a secure password manager, a to do list and more!

Text/Markdown/Code editor

These great new features are made possible by a technique we've recently discovered. The key component is a sandboxed iframe. Browsers now let you lock down code in an iframe so that it can't communicate to the outside world (i.e. can't make AJAX requests) and is totally isolated from the parent web page. The isolation provided by the sandboxed iframe is absolutely critical to us because when you are logged in, your keys are stored in memory and must be protected from any potentially malicious code. We can run untrusted code in a sandboxed iframe which only lets you render HTML, CSS, run Javascript, and send and receive specific messages to and from the parent. This messaging API keeps privileged code and keys separate from the application running inside the iframe.

For the PDF viewer, we simply imported pdf.js from Mozilla and implemented a one-way message from the external context which sends the content of the PDF to render. For the text editor, we used a great library called Codemirror. This app required a slightly more complicated protocol than the one-way message system of the PDF viewer. We just needed a message to send the modified content back to the external context, and the privileged code could then save the modified file contents.

One of our goals has been to enable third party applications inside Peergos. These would be apps which you can choose to install and grant permissions to using the strong authentication, encryption and access control in Peergos, but which run in a strict sandbox. Eventually we want to allow users to edit HTML and Javascript files directly in a folder in Peergos and declare it as an application. This would give users a live editing environment, easy publishing, and auditable proofs of the authorship of apps. You could even host your website directly in Peergos and edit it in place!

Before we open up the sandbox to truly untrusted apps, there is one prerequisite. Currently, browsers don't put sandboxed iframes into a different operating system process, which is necessary to be fully protected from CPU vulnerabilities such as Spectre or Meltdown. Both Firefox and Chrome are in the process of moving iframes to separate processes and once that lands, we can enable 100% safe sandboxes for Peergos applications!

In the meantime we can use it to curate semi-trusted apps like the PDF viewer and text editor. We'd love to hear what you use the text editor for!

Happy Peergossing!

-The Peergos team


Back to Top