Brian: PodRocket is sponsored by LogRocket, a frontend monitoring and product analytics solution. Don't know what that is? Go to logrocket.com. Thanks. Ben: Hey everyone. Welcome to PodRocket. Today, I'm here with Feross Aboukhadijeh. Hey Feross, can you introduce yourself? Feross Aboukhadijeh: Hey Ben. Sure. Yeah. So I'm Feross, I'm working on this product called Wormhole, which is the fastest way to send files. And I also do a lot of source software maintenance. So if you build a JavaScript app, you probably use some of my code somewhere in your stack, somewhere in that giant node modules folder sitting on your computer. So yeah. Ben: Nice. Your code along with the picture of Guy Fieri, right? Feross Aboukhadijeh: I don't have anything like that hidden away, but yeah, no, I do like to do open source and I've been doing it for about six years now. Ben: I'll put a link in the episode description too, if anyone hasn't seen the famous medium post about that one, because it'd be like a weird joke if someone didn't get it. But anyway, I'm excited to hear about Wormhole and maybe at the end we'll talk about some of the open source work you do. So you mentioned sharing files, maybe tell us a bit more about what Wormhole does. Yeah. Feross Aboukhadijeh: So Wormhole is a reboot of Firefox Send, which was a product from Mozilla from a few years ago that they tragically shut down. So Wormhole, it lets you share files with end-to-end encryption and a link that automatically expires. So that means that you can keep the files that you share private and you can make sure that your stuff doesn't stay online forever. So beyond just being very secure because of that end to end encryption, it's also super fast and it's possible to send files within a couple of seconds. So you just drop them on the page and you get a link. And even before the files are finished uploading, you can copy that link and send it to your recipient. And they can even begin to start downloading the files while they're still uploading on your end. So it's just like the fastest possible way to get files across the web. Ben: Got it. Well, it's funny after every podcast episode we record, I take the audio file that we recorded locally, I stick it in my Dropbox. I do copy Dropbox link and send it to Kate. So I think I will be trying Wormhole after this episode, but curious, like, there's a bunch of ways to send files, which is surprisingly not a completely solved problem in 2021, but there are a bunch of ways to send files. As I mentioned, I just stick it in my Dropbox. There's WeTransfer. I've seen that one. So there are a bunch of ways to send files. So you mentioned encryption, but curious to hear a bit more like what's the pitch for why you use wormhole? Yeah. Feross Aboukhadijeh: Yeah. The main reason is security and privacy. So I can talk a little bit about why we built Wormholes. So one of the reasons is we were asking ourselves this question, why don't more web services, end-to-end encrypt your data? And one of the things we thought about was like, I mean, there's not really a good reason, actually. If you think about let's take a service like Dropbox or WeTransfer, right? So they transfer your files over an encrypted connection and that prevents eavesdroppers from seeing your files as it goes across the internet. And then once your data arrives at the Dropbox data center, they promise to store it in an encrypted form as well. But the key thing to ask yourself, whenever you're hearing a company tell you about encryption is you have to ask yourself who has the keys to unlock your files. Feross Aboukhadijeh: So it's not enough if your files are encrypted, the question to ask is who can actually unlock them. And in the case of Dropbox and WeTransfer, they have the keys to unlock your files. And so it's great that they're encrypting it. It will help in the case that those files are stolen or if someone breaks in steal some servers or someone gets their hands on some data, but fundamentally, if you think of encryption like a lock, it's not enough that your data is locked up. You have to know who has that key. And every major website is designed in this way where the service provider has the key to access your data. If you think about like all the things we use, Dropbox is not the only thing. Feross Aboukhadijeh: If almost all Google services, Slack, all of our documents, all this stuff is just sitting there and the provider can unlock the data and use it whenever they want. And they can give it to the government, a rogue employee could poke around and you'd never know. So this isn't theoretical anymore in this day and age. There's actually some examples of this, just as a crazy example, a few years ago, Dropbox actually accidentally, they had a bug where they let anyone log into your account using any password. So if there's like this four hour period where like you could just type in any username and any password, and then it would just log you in. And so that's the kind of thing where it's like, okay, it's your files are encrypted, but they basically unlocked your files in that case and gave them to whoever happened to be there, whoever happened to log in during that period. Feross Aboukhadijeh: So the real lesson is just you need to think about who has the key. And so that's where end to end encryption comes in. And the key idea of end-to-end encryption is that only you have the key to unlock your files. And then you control who you give that key to. Ben: From a security perspective, when you're sending a link that basically grants access to the file. Obviously the fact that Wormhole servers that file is not available in a viewable format there even if someone comprises a server, that's a certain level of security, but at the same time, when you're sending a link, anyone who has that link could technically download and decrypt the file because the private key, as you mentioned, is in the link. When you compare that with some other services like Dropbox, where you can restrict access to a file to someone who is logged in with a username and password or verified their email, that is a kind of a different type of security, because you can ensure that only the verified recipient can actually view the file. So I'm curious, is there a potential in the future for Wormhole to add like some sort of account system or prove you own this email address or something like that as an additional layer of security beyond the end-to-end encryption? Feross Aboukhadijeh: Yeah. That's a great point. Yeah. I mean, it's all about the threat model. Like what are you worried about? So this current design is very much about like, I want to get my files to a particular person and I don't want anyone in the middle to see it. And it's sort of assumes that you're going to like protect this link and ensure that only the people that you want to access the files can see the link. So if you accidentally share the link with anyone else, then you're in trouble. But I mean, it does help that the files are deleted after 24 hours. Ben: Right. Feross Aboukhadijeh: So the link can't just like stick around for a really long time, but no, you're totally right. You're talking about a completely different threat. Ben: Yes, yeah. Feross Aboukhadijeh: You're basically worried about like how do I make sure that I'm confirming that like the person on the other end of my phone or my computer is actually who I think they are. And can identify themselves by being able to log in as a certain user. That's a thing we don't support right now, but we totally would need to. We're actually going down that path because we were going to need to have accounts, to be able to do the pro plan and to be able to charge. So that's on our roadmap for sure. Ben: Right. And then you can kind of have the best of both worlds and protect from both threat models, the threat model of making sure you send to the right user on the other end and a threat model of your database gets hacked, or your Wormhole itself is a nefarious actor. And both of those threat models are covered by the end-to-end encryption. Feross Aboukhadijeh: Mm-hmm (affirmative). Yep. That's the idea. Ben: So as a user, like how does Wormhole work? I go to https://wormhole.app, I'm presented with a kind of like the drag, your file here, dialogue. When I drag my file to Wormhole, how does the encryption process work? How is the file transferred and then how has it decrypted on the other end? Feross Aboukhadijeh: Yeah. So when you're doing end to end encryption the key idea is that the data has to be encrypted and decrypted only at the end points. So that means that we have to encrypt your files before they leave your browser. So it has to happen completely on your device and our servers have to have no involvement in that process or else the whole point of the end-to-end encryption is defeated. So the way it works is you drop the files onto the page and your browser generates a secret key, which is basically just, you can think of it like a random set of characters and numbers, and that's used to encrypt the files. So basically scramble them, turn them into a form in which you need that same key to undo that. And so then once you've done that, you upload that encrypted version to our servers, and then that key remains in your browser. Feross Aboukhadijeh: And when you actually want to go to share the files now, you copy this link that we give you, and what's really cool about this link is, it contains the key in it. And so the process of actually sending somebody a Wormhole link is like no different than sending somebody like a Google docs link or something. It's like, the link is kind of the password in a sense, you just copy it to your clipboard and you paste it in whichever type of communication app that you trust. Or you can even read it over the phone, or you can write it on a piece of paper. The point is that the link is itself the password. And so you have to protect that, but the recipient just has to click on it. And we've designed the link in a way where the link actually, so it contains that password, but it's also not sent to our server when you go to visit it in your browser. Feross Aboukhadijeh: So your browser, actually the recipient, they download the encrypted files, and then they decrypt it in their browser. And our server is almost like you could think of it like it's just a dumb storage system that just takes whatever random blobs of data that it can't understand and just stores them for you for 24 hours. Ben: Got it. But at the end of the day, I do have to trust that when I use wormhole.app website, it's not sending my secret key to your servers. And I know I could read the JavaScript code. I could look at the network requests that it's making and kind of make sure that that's not happening, but realistically, since you could update your code at any time, I do have to trust Wormhole that you're not going to ever send the decryption key to your backend, right? Feross Aboukhadijeh: Yeah, that's correct. Yeah. I wish there was something more we could do there other than tell you, like you have to trust that we're trying to do the right thing. And so one of the main things that you can do to try to solve this problem is you can give people an installed version of the app. So I could give you like a Wormhole app that you could put on your computer. And then the idea is that we wouldn't be able to sort of like randomly at any time go and change that program. It would be sort of like a version that you could audit and you could trust. But the thing is even if we did do that, like the number of users that are going to audit that, and that are going to check that is so low, it's really a hard problem. Feross Aboukhadijeh: Like how do you actually ensure trust in the code that's running on the server? And it's something that we really actually care a lot about and would love to have a way to solve in a more convincing way, in a way that like the security community could feel more comfortable with. But fundamentally, the problem is we're trying to make this accessible to people and we're trying to bring end to end encryption to people in a practical way. And so if we were to go for the perfect security design, we end up like making it so hard to use. And so unusable that it's not going to help us in a day-to-day situation where I just want to send some tax documents to like an accountant or something, and I'm going to end up sending it over an email. Feross Aboukhadijeh: And then it's going to sit in their inbox for like five years and then their email is going to get hacked. And then my social security number is going to get taken away and used by hackers for whatever purpose. So basically I'd say Wormhole sits in this middle ground where you are trusting the service somewhat and the design of the code. And it is a little bit less auditable than an app you would install, but it's also a lot easier to use than something you would install. You don't have to have your recipient have some special software on their computer to use it because it's just a website. And the web is like designed to be accessible and easy, you click a link and it just loads and it just works. Feross Aboukhadijeh: So, yeah. So I would say like, I wish there was a better way to... A new web standards would probably help us here, but right now, the best we can do is we've opened source the cryptography code. It's on our GitHub. You can search wormhole-crypto, it's on NPM and it's on our GitHub. And you can look at that code and we're currently considering sort of how to open source the rest of the app so people could audit it and look at it. So, yeah, I think stay tuned there for more improvements. Ben: I'm curious, when I think about just a general trend, like I do find myself using less and less files nowadays as more and more of the documents I work on are in cloud apps. So I'm curious, like long-term, what do you think is the future of files? Like, will our kids know what a file is. I guess maybe I'm not sure, like you look at iOS they kind of try to push you away from using files. Recently they have added more of ability to download and have think there's like a Finder app or something on iOS now, but there wasn't for a long time. So I'm curious, like what you see as the future of files and, or can Wormhole evolve to share cloud documents in some secure way more so than the cloud native sharing that's built into each cloud app. Feross Aboukhadijeh: That's a really great question. I like it a lot. I hadn't thought too much about the future of files specifically, but as far as cloud documents using end to end encryption, I think there's actually no real reason why you couldn't do something like Google Docs, Google Sheets, and just the whole suite, the whole productivity suite, and even more consumer apps like photos. There's no reason why I have to give all my photos up to like... If you think about it, there's this kind of a weird unchallenged assumption that we've had for all these years with all of our web services, which is I want to send you a document, but the document is actually being shared with three people, not just me and you, but it's like, we implicitly have to add this like third person to the conversation, which is like Google or like Facebook or whatever service is being used to facilitate that connection. Feross Aboukhadijeh: And there was a time when, say you want to do Google Photos as an example, where it makes sense to give the server the photos so that it can do analysis of the photos using AI and a bunch of stuff on their servers. And Dropbox is another example where the server actually, they argue that it could play an important role in the sense of generating thumbnails for your photos and encoding your videos into different formats so that when you view them on your phone or versus your desktop, it'll give it to you in a different format and that kind of thing, but that's all stuff that we can do in the client now. So I don't see a reason why my browser can't just encode a couple of thumbnails of my photo before it uploads it to the service. There's no reason why it can't be designed that way. Feross Aboukhadijeh: And so I think part of the thing that we want to explore with Wormhole is what if we just decided it's unacceptable that web services work in the old way, and we just are going to make it so that everything is end to end encrypted. Like how far can we push the browser? And how far can we push the technology? And what can we build and what can we bring end-to-end encryption to? So files are just the start, I mean, I don't see a reason why we couldn't do more than that, but we just started with files because files are kind of the fundamental unit of how stuff works underneath the hood. Even if users don't know what they are. So it was good v1 product for us. Ben: Yeah. And I guess, thinking about it more of like, there's probably no reason why you couldn't have a collaborative, real time document editor that is antenna encrypted. And as long as you have some mechanism to have two parties have the same private key, you could encrypt all the data going over the network and the cloud service, could support real time document editing or any of the kind of web apps we use on a daily basis could probably be done in a similar manner. Feross Aboukhadijeh: Yeah. Another example is if you look at 1Password, they've switched to a fully browser version now. So you can even you go to 1password.com and you log into your vault and they're doing all the crypto in the browser there. So I know some people still prefer to use the apps because that's sort of the way they've always done it. But as a company 1Password is comfortable shipping, like a version of their software that just completely works in a browser. And all the keys are managed directly in the browser and the crypto done in the client side. So yeah, I mean, if the password manager can do it, that's like basically the highest bar for security, as far as I'm concerned, all your passwords go in it, then we can certainly do it for other things. Ben: Yeah. No, that's a really good example. I still do the old method where I have the encrypted password file in my Dropbox and decrypt in the app locally, but I- Feross Aboukhadijeh: Not on the password manager bandwagon yet? Ben: We'll, no, I use one password, but years ago when I set it up, the way it worked is you basically, you have one password store, the encrypted blob of all your passwords in Dropbox, so that way I can synchronize them to my phone and my laptop. And then I have the 1Password app. It decrypts the file from that is synchronized via the Dropbox synchronization mechanism. I think later they launched the cloud service so they could handle the synchronization. But I guess I kind of liked the idea also that it is more distributed. So theoretically, if someone hacked one password and was able to ship arbitrary code to their web app and steal people's private keys, I would maybe not be subject to that, but maybe I'm fooling myself. Feross Aboukhadijeh: No, I think you're right. I mean, security is all about multiple layers of defense and depth. If one layer fails, you have a backup layer and so on. So it makes sense. Ben: Yes. I'm curious to hear a bit about your roadmap. What are you building next and what are you excited about for the future of Wormhole? Feross Aboukhadijeh: So we're trying to be the best way to send files. So we started with this goal to not just provide security for Wormhole end to end encryption, but beyond that, to be the fastest way to send files, because if you think about like normal users, I mean, I don't know what a normal user is. We always say normal users, but what I mean is like a person who doesn't wake up in the morning and think like, Oh, how am I going to improve my security and privacy today. Normal people don't think about that, but they do value that. And so if you just make a product that sells itself as being the more private version or the more secure version, you're only going to attract users who are kind of ideologically interested in that. Feross Aboukhadijeh: And I think that the number of people who feel that way is increasing as more and more companies abuse their power. And you read about more and more things in the news about the implications of that. But I still think that if you're building a product that's about providing security and privacy to people that the right way to think about it is to start with the assumption that, okay, sure, we're going to make everything end-to-end encrypted, and we're going to build it in a really secure way, but like, no one's going to care about that. So what are we actually going to provide beyond that to people? And so we started with this idea of speed. Like, you should be able to get a link immediately, and we do this instant file streaming thing where the downloader can start to download, even before you're finished uploading. Feross Aboukhadijeh: We, we also added peer to peer transfer. So that means like if you're sitting next to somebody and you're trying to just get a file from one computer to another, like one phone to another, that we can do it over the local network, which is a lot of the times faster than going out to some server somewhere. And then back to the phone, that's like a foot from you, we can do like a direct transfer. That's really nice. But yeah, so beyond that, we're looking at adding more options for how long we store the files for. So in the cases where you can't do that peer to peer transfer, we do store the files so that, that link keeps working for 24 hours. But our users have asked us for like, Hey, I want to store my files there for a week or for a month, or for a certain number of downloads. Feross Aboukhadijeh: So they could say, "I only want this file to be downloaded one time, and then I want it to self-destruct." So we're adding stuff like that. And we're working on like a pro version that's going to have larger file limits. So right now you can send like 10 gigabytes using the app, but we want to offer even larger file transfers, but that costs us more money. So we need to have some kind of business model. So that's the plan there. And then we want to do like a mobile app because an iPhone in particular, the Safari web browser is, I don't want to hate too much on this on, on Apple, but it's just the most under-invested browser. Apple just doesn't put enough people on it. Feross Aboukhadijeh: And it's probably because they want to push people toward the app store and so there's sort of like more bugs that we face with our web app running in Safari on iOS. And so we probably have to make a mobile app just to make it work a little bit better to our standards. So that's on our road map. And then we're also, like I said before, interested in looking at like, what are the other types of apps that we can build with end-to-end encryption. So we're still in the pretty early stages there, but looking at what would be a good next step besides files to work on? Ben: Yeah. One of my questions was going to be like building a business and monetization. And so it sounds like large file transfers, that's a clear thing people could pay for just because they kind of have to, because it makes your costs go up when people send huge files, but. Feross Aboukhadijeh: Yeah. And it's very natural to charge for that. Ben: Right. And long-term, you also mentioned thinking about kind of other use cases for end-to-end encrypted file transfer, other things you could build. So is that kind of your thinking around monetization, like future features you would charge for? Feross Aboukhadijeh: Yeah. I mean, it remains to be seen how much people are willing to pay for just this file sending service. If they're not then something like a more traditional file storage in the cloud type thing like Dropbox or Google Drive would probably be more natural way to charge because people are used to like, Oh yeah, you're going to store my files for me. And I'm going to pay for this much space and so on and so forth. So that's a very natural next step. But I think probably the more interesting stuff is in different more valuable cloud services, like documents and other types of collaboration. Ben: So you mentioned at the beginning that you were inspired to build this, or maybe not inspired by the fact that Firefox killed Send, but you mentioned that was a previous tool that was able and I had heard of that tool let people send end-to-end encrypted files, but was that getting sunsetted? What inspired you to start building this or anything else in your background that kind of led you to want to spend your time building Wormhole? Feross Aboukhadijeh: Yeah. I mean, a whole bunch of things led me to want to build Wormhole. The first was like you said, Firefox shut down this thing they had called Send, which was a really useful way to send files. They claimed that it was because they were having a lot of abuse on the service, which I don't doubt, but they were also kind of in a mode of shutting down things at that period of time and firing people, unfortunately. So I think that was probably just one of the casualties of that period, but yeah, so that was one reason that I just wanted a thing to use that I could trust. And I wanted to build an even more security from the very beginning than even was in Firefox then. And so we use a similar security design to them, but we also went beyond that and try to improve it even further. For people who are interested there's a page on our website. If you go to wormhole.app/security, you can read about the security design, but so that's one reason. Feross Aboukhadijeh: But then beyond that, I still think it's crazy that in 2021, sometimes you just still can't figure out how to get a file from like one device to another, it's just shocking to me how much that still happens. AirDrop is pretty good, but if you're trying to get it to something that's a non-Apple device, then you're kind of completely out of luck and it just goes downhill really fast. So it's still a real problem. That's part of it. But then also I also worked on a project called WebTorrent for many, many years. That was like one of the main open source projects that I created and I've been the maintainer of for the last like five years or even, I guess more than that at this point. Yeah. I started it in 2013, so my God, yeah. Time really flies. Feross Aboukhadijeh: But anyway, yeah. So that's a project for making the BitTorrent peer to peer protocol work on the web and it's a really kind of mad science project is what I like to call it because it's a thing that you don't think should work, like taking this very intense networking kind of protocol and then making it run in a web browser. And at the time, especially when I started it back in 2013, it was completely just like a crazy idea. And so that's the kind of thing I like to do is push web browsers to their limits and see what can you what kind of app can you build that people don't think is possible? And so this is like pushing in that direction, doing a lot of decryption, doing a lot of like heavy computation, having like a cool design that's really intense, just pushing the security to the absolute limit of what we can accomplish in a browser. Just trying to basically just see what can we do that no one's done before. So that's always been my interest. Ben: If folks are out there interested in building this kind of product, are you hiring or can people contribute? You mentioned some of the things were open source, or are you looking for contributors? How can people get involved? Feross Aboukhadijeh: Yeah. So like I said, our crypto code is open source. If you want to take a look it, and if you find a bug in it, we are offering a bug bounty up to a thousand dollars for any bugs found. So far no one's found anything, but it'd be awesome if you were the first, but beyond that, we also started a company called Socket to work on Wormhole and to bring end-to-end encryption to more consumer and enterprise apps. So like I said, we're planning to explore the limits of what browsers can do and to improve the security and privacy of web apps. So if you're interested in that, we're totally we're hiring, we're interested in hearing from you. So definitely reach out to me. My name is Feross. You can find me on Twitter, Feross so F-E-R-O-S-S or you can find the website just by searching for that. Feross Aboukhadijeh: And yeah, definitely interested. We're having mainly for people who are either front end or people who are more like into the crypto or into like the service side stuff. So just sort of all the things that you think would be involved in building an app like Wormhole, we're hiring for all of it. Ben: Crypto like cryptography, I'm guessing. Feross Aboukhadijeh: Yeah. Ben: Because there's cryptocurrency, maybe even cryptocurrency too, but yeah. Feross Aboukhadijeh: No, the original meaning of crypto, which is cryptography. Yeah. The only meaning that we should refer to. And I'm just kidding. Cryptocurrency is cool too. But no, we're talking about cryptography here. Ben: Cool. Well, thanks so much for joining us and for anyone out there, we'll put some links in the episode description to Wormhole and yeah. Feross Aboukhadijeh: Well, yeah. Thanks for having me on. And I just wanted to thank you for all your awesome guides that I always find on Google, when I'm looking for things, random React things, I always find a LogRocket guides. So thanks for that. Ben: Well, don't think me, thank our awesome content team, but yeah, thanks again. And it was great talking to you. Feross Aboukhadijeh: Cool, thanks Ben. Brian: Hi. Thanks for listening. Please remember to like, subscribe, email me if you want, even though none of you do. Go to LogRocket.com and try it out, it's free to try then it costs money, but yeah, we'll see you next time. Thanks.