The Future of LockBox

Open Privacy has already made significant progress developing the two LockBox applications. The web app supports potentially unlimited numbers of users and forms and has been released open source via our code repositories, making it suitable for self-hosting or easily hosting for others. The desktop companion app runs on Windows, Android, and Linux. Our in-house application stack already supports localisation and we just need to request translations via Lokalise.

In addition to requiring more polish and testing before being ready for full release, there are plenty of features we would like to add to LockBox given adequate time/funding, such as:

  • Automatic download and decryption of submissions
  • Potentially, in-app display of decrypted data (instead of exporting it to a spreadsheet)
  • Forms with multiple pages
  • Infrastructure for installing/updating the apps; possibly Windows code signing?
  • More platform support: Mac and iOS (we have a new Flutter-based stack that theoretically should support this easily)
  • Encrypted submission app: form submitters have the option of using an app to encrypt to the org's public key before submitting it!
  • Server-side privilege separation improvements
  • More field tests like the one described above, with more organizations
  • Cwtch integration for form submission to enable peer-to-peer submission and/or key-sharing
  • Source code security audit
  • Opaque HTML edition (currently Opaque supports QML and Flutter)
  • If we could move the form builder to the app, we could remove the web app's user system entirely... no more passwords!

Timeline

Open Privacy staff are currently focused on our flagship project, Cwtch, as it drives development of our libraries for speeding along other projects, and is near the core of our audience's support. We would welcome additional funding, and would be thrilled to be able to bring on capacity to turn any of the plans and dreams outlined above into reality, sooner. If you'd like to help speed this work along and help bring improved privacy and security to people around the world, please visit https://openprivacy.ca/donate or get in touch with us to discuss other options.