Awesome
Dukkhaless Self-Care Client
A safe place to write your thoughts, and track the progress of mental health recovery.
Planned Features
- Secure Diaries
- Configurable Calendars with support for mood/diet logging.
- Secure Tagging of items for searching/filtering. The tags will be stored in a hashed format so they can be queried and searched without recording their text.
- Secure sharing of diaries/calendars with explicitly whitelisted parties.
- Support for creating and visualising timelines of events.
- DBT Template for analysing pros/cons of a possible decision
- CBT ABCD template with saving X. More to come, these are just the initial steps. User feedback and information will play a major role in where we go in the future.
Privacy System
The Dukkhaless Self-Care platform identifies three key security concerns.
- The user must be able to encrypt data for themselves and only themselves to read.
Secretboxalgorithm is used to secure user data for their own viewingSecretboxmakes use of yoursymmetric key.
- The user must be able to send data to a specific individual (ie. their physician such that only that individual can read it.)
Boxalgorithm is used to send data between users.Boxmakes use of yourprivate keyand the recipient'spublic key
- Only the owner of the user data should be able to change it.
- This goal is achieved via typical sign-in credentials, ie username and password.
Technical notes on addressing these concerns
- The program uses the
tweetnacl-jslibrary to handle client-side encryption - The program introduces a concept of a
keyring, a block of text which the user must keep private and secure- The
keyringis used to send data privately to specific individuals (like your physician) AND to encrypt your data so that ONLY you can read it. - Even the Dukkhaless Self-Care servers cannot read the contents of your data except for the minimum metadata to make sure it only gets sent to you. (i.e. the username that goes with a diary entry, and the info needed to sort them by most recent.)
- The
- The
keyringhas three keys within it.- A public key which the server keeps a copy of so that people can encrypt their data for only you to read it. A
public keyis safe to share without reducing privacy. - The
private keythat is paired to the public key. This is used to read messages that are sent to you. - The
symmetric keythat is used to encrypt your data for you to read. This key should be treated as securely as the private key as it represents your personal access to your data.
- A public key which the server keeps a copy of so that people can encrypt their data for only you to read it. A
Problems That Still Require Solving
- User password recovery without invading user privacy (i.e. demanding an email address)
- Risk of user data loss when they key is lost.
Software Licensing
This program is licensed under the GNU General Public License Version 3. For details consult the LICENSE file.
Some source files are special cases and licensed under more permissive licenses such as Apache Version 2. This is done where the code is copied whole or in part from another individual who has licensed the software as such. Licenses are preserved so that authorship and rights do not be confused, and to protect and thank those authors who made this work possible. Such special files will have a license notice at the top of each file clearly demarking them as licensed differently from GPLv3.
Setting Up Your Development Environment
- Download latest stable nodejs from here
npm install --global yarn- From the project directory:
yarn setup - Run the program in dev mode:
yarn dev - Additional scripts for it can be found in
package.json's scripts object. - To create a new feature branch to do development, use
git checkout -b MYBRANCHNAME - To contribute your feature back, please simply create a pull request with a description of its intent.
Getting oriented.
- The project uses purescript-halogen For rendering
- It's important to note that the documentation for halogen on pursuit is not up to date.
Contributing Guidelines
- Cotribution guidelines can be found here
Working with the bulma design stuff
- Once set up, run
yarn devto load the auto-reloading browser. - Edit
styles/styles.scssto define appropriate style sheets to be used in the application, and configure bulma variables - View the work on
localhost:3000/designPage.html