dashfiles v0.2.1
DashFiles CLI
DashFiles is a data storage app that features strong privacy, so you encrypt files locally before storing.
This project is experimental and should not be used for production yet.
Your DashFile Profile
Locally, DashFiles uses the file .dashfile to manage your profile. Most CLI commands require your profile. If it cannot be found in your working directory or its ancestors, one is automatically generated. DashFiles maintains a remote directory of your files with directory containing .dashfile serving as the remote root. Your .dashfile is a YAML file structured like this:
.dashfile
profile:
publicKey: 6ovGwDUSNRgV2RvTONsw6JBU2kCZA379ELrsS3/ojQo=
device:
privateKey: Q8kehMPhEWxyoP3MlbX9LAIMCeO9YRSekzTdFWRQqsY=
publicKey: a5xasUsJTcQ5w0UwERNb98TOUHw5e+grUVym+jq1aD4=Your profile public-key serves to anonymously identify and reference your profile. Files are encrypted using the corresponding private-key, but it is not stored directly.
To safely make your profile private-key available to multiple devices, each device is assigned a device key-pair. The device public-key is used to identify the device and authorize requests to the DashFiles API, while the device private-key is used to encrypt the profile private key before storing it with the API.
Using this scheme, the device private-key never leaves your device, and the profile private-key is only ever stored in an encrypted form. Therefore, if you delete .dashfile, you lose access to your profile private key and your files.
Installation
npm install dashfiles -gThis gives you the command-line executable dash.
Command-Line Usage
Files
DashFiles maintains a remote tree mirroring local storage, with the directory containing your .dashfile serving as the remote root. These commands allow you to manipulate files in the remote tree.
These commands all accept file specifications as shell expressions. You may input a single file, multiple files, a directory (which will be acted upon recursively), or an expression containing a wildcard to be expanded.
push
dash push file file2 file3...
This updates the remote tree to be identical to the local files. This is a destructive operation: remote files are added, updated, or removed to make remote storage conform to the local tree. push requires an input, allowing you to limit the update to a single file or directory (causes a recursive update), or you may use a wildcard expression to act more broadly. If the remote files are identical to the local ones, no action is taken.
get
dash get file file2 file3...
This retrieves a target file or directory (acts recursively) from remote storage - if available - decrypts it, and saves it to local storage. This operation is non-destructive and insensitive to versioning. If the target filename already exists, it is appended with a file count. ex foobar-1.txt
put
dash put file file2 file3...
This takes a specified file or directory (acts recursively), encrypts it, and uploads it to your profile's remote storage. This operation is destructive and insensitive to versioning. The local file is taken as authoritative and overwrites the remote file, if it exists.
delete
dash delete file file2 file3...
This removes a target file or directory (acts recursively) from remote storage. This operation is destructive and insensitive to versioning, but has NO EFFECT locally.
list
dash list
This provides an alphabetical listing of all available remote files relative to your current working directory. If there are remote files in the ancestor to your working directory, they are not printed. list fully lists the contents of directories and their descendants.
Contacts
DashFiles supports storing contact information in your profile to allow you to register additional devices via multi-factor authentication. However, this feature is entirely optional. No contact information is required to use DashFiles on a single device.
contact add
dash contact add --phone country-code --email email-address
This adds a piece of contact info to your profile. You may specify either an email address, a phone number, or multiple of either. Adding a new contact will cause DashFiles to issue a validation message with a six-digit code. You have three minutes to retrieve that code and input it with dash contact validate.
contact validate
dash contact validate code
This is allows you to submit the validation code issued to the address you specified with dash contact add. DashFiles looks up the contact attached to the code and validates the contact. Afterwards, that contact is fully empowered to authorize new devices.
contact delete
dash contact delete phone-number OR email-address
This allows you to delete a contact (validated or not) from your profile. This operation can only be issued by an authorized device, but does not require additional authentication. This operation is destructive. You will have to go through the validation flow if you wish to use the contact again.
contact list
dash contact list
This provides a list of the contacts associated with this profile and whether they are validated.
Devices
DashFiles supports functioning across multiple devices. Provided you have a validated contact, you can go through a registration flow to safely add a new device and gain access to remote files.
device add
dash device add profile-public-key--contact email-address OR phone-number]
This allows you to register a new device with your profile. You need the public profile key in the original device's .dashfile and a validated contact already in your profile. If you have more than one, you may specified your desired authorization method with the --contact flag. DashFiles provisionally attaches the new device to your profile. You will then receive a six-digit validation code at that contact and have three minutes to use it with dash device validate on the original device.
device validate
dash device validate code
This accepts the six-digit validation code generated with dash device add. You use this command from an authorized device to validate a request to register a new device. If the code is valid, the client then encrypts the profile private key for the new device (with the new device's public device key). dash device complete is a final step required on the new device.
device complete
dash device complete
This is the final step in the new device registration flow. The new device needs to decrypt the profile private key that the original device prepared and then store a new copy encrypted with the new device's private-key. After this command, the new device is fully registered. It now has a .dashfile file and full rights to access the remote file tree.