this post was submitted on 21 May 2025
6 points (100.0% liked)

Experienced Devs

4339 readers
2 users here now

A community for discussion amongst professional software developers.

Posts should be relevant to those well into their careers.

For those looking to break into the industry, are hustling for their first job, or have just started their career and are looking for advice, check out:

founded 2 years ago
MODERATORS
snowe@programming.dev
jmk1ng@programming.dev
drewsiferr@programming.dev
6
I have a fairly unique architecture where i have actively tried to make it as "browser-based" as possible. (positive-intentions.com)
submitted 1 week ago by xoron@programming.dev to c/experienced_devs@programming.dev
2 comments fedilink hide all child comments
 

https://positive-intentions.com/blog/decentralised-architecture

Creating webapps is easy enough, but in my app, im kinda going against the "best-practices".

For example, im using browser-based cryptography exclusively. while it can be easy advice to suggest to consider using a server to generate keys, i want to contrast it against a webapp that would be sandboxed within the browser.

I'd appriciate if you would be interested to share your thoughts on the approach. I'm aiming for this project to be the foundation towards the most frickin' secure messaging app in the universe. It might be too ambitious, but I'd like to set the bar high.

top 2 comments
sorted by: hot top controversial new old
[โ€“] Lodra@programming.dev 1 points 6 days ago (1 children)

If you want client side security and trust, then you may want to consider wasm.

[โ€“] xoron@programming.dev 1 points 6 days ago* (last edited 6 days ago)

Thanks!

https://www.reddit.com/r/cryptography/comments/1cint8h/what_are_your_thoughts_on_subtlecrypto_vs_wasm/

Tldr; I had that question before myself. It doesn't seem to introduce any improvement over WebCrypto API which itself should have gone through peer-review and auditing. ("Choose your browser wisely" could be considered the advice here.)

I'd like to still look into wasm for several other details of the project, but it seems the built-in browser cryptography functions are performant and generally pretty good if used correctly.