History

Sameh Abouel-saad beba294054 refactor: migrate extension to TypeScript and add Material-UI components		2025-05-26 23:01:47 +03:00
..
dist	refactor: migrate extension to TypeScript and add Material-UI components	2025-05-26 23:01:47 +03:00
public	refactor: migrate extension to TypeScript and add Material-UI components	2025-05-26 23:01:47 +03:00
scripts	refactor: migrate extension to TypeScript and add Material-UI components	2025-05-26 23:01:47 +03:00
src	refactor: migrate extension to TypeScript and add Material-UI components	2025-05-26 23:01:47 +03:00
index.html	refactor: migrate extension to TypeScript and add Material-UI components	2025-05-26 23:01:47 +03:00
package-lock.json	refactor: migrate extension to TypeScript and add Material-UI components	2025-05-26 23:01:47 +03:00
package.json	refactor: migrate extension to TypeScript and add Material-UI components	2025-05-26 23:01:47 +03:00
README.md	refactor: migrate extension to TypeScript and add Material-UI components	2025-05-26 23:01:47 +03:00
tsconfig.json	refactor: migrate extension to TypeScript and add Material-UI components	2025-05-26 23:01:47 +03:00
tsconfig.node.json	refactor: migrate extension to TypeScript and add Material-UI components	2025-05-26 23:01:47 +03:00
vite.config.ts	refactor: migrate extension to TypeScript and add Material-UI components	2025-05-26 23:01:47 +03:00

README.md

SAL Modular Cryptographic Browser Extension

A modern, secure browser extension for interacting with the SAL modular Rust cryptographic stack, enabling key management, cryptographic operations, and secure Rhai script execution.

Features

Session & Key Management

Create and unlock encrypted keyspaces with password protection
Create, select, and manage multiple keypairs (Ed25519, Secp256k1)
Clear session state visualization and management

Cryptographic Operations

Sign and verify messages using selected keypair
Encrypt and decrypt messages using asymmetric cryptography
Support for symmetric encryption using password-derived keys

Scripting (Rhai)

Execute Rhai scripts securely within the extension
Explicit user approval for all script executions
Script history and audit trail

WebSocket Integration

Connect to WebSocket servers using keypair's public key
Receive, review, and approve/reject incoming scripts
Support for both local and remote script execution

Security

Dark mode UI with modern, responsive design
Session auto-lock after configurable inactivity period
Explicit user approval for all sensitive operations
No persistent storage of passwords or private keys in plaintext

Architecture

The extension is built with a modern tech stack:

Frontend: React with TypeScript, Material-UI
State Management: Zustand
Backend: WebAssembly (WASM) modules compiled from Rust
Storage: Chrome extension storage API with encryption
Networking: WebSocket for server communication

Development Setup

Install dependencies:
```
cd sal_extension
npm install
```
Build the extension:
```
npm run build
```
Load the extension in Chrome/Edge:
- Navigate to chrome://extensions/
- Enable "Developer mode"
- Click "Load unpacked" and select the dist directory
For development with hot-reload:
```
npm run watch
```

Integration with WASM

The extension uses WebAssembly modules compiled from Rust to perform cryptographic operations securely. The WASM modules are loaded in the extension's background script and provide a secure API for the frontend.

Key WASM functions exposed:

init_session - Unlock a keyspace with password
create_keyspace - Create a new keyspace
add_keypair - Create a new keypair
select_keypair - Select a keypair for use
sign - Sign a message with the selected keypair
run_rhai - Execute a Rhai script securely

Security Considerations

The extension follows the principle of least privilege
All sensitive operations require explicit user approval
Passwords are never stored persistently, only kept in memory during an active session
Session state is automatically cleared when the extension is locked
WebSocket connections are authenticated using the user's public key

License

MIT License