Hi Go community,
We are Confident Security, and we’re thrilled to announce the open-sourcing of twoway, a Go library for encrypted request-response messaging using Hybrid Public Key Encryption (HPKE). The repository is now available on GitHub: https://github.com/confidentsecurity/twoway.
What is twoway?
twoway is a Go package designed to enable secure, encrypted request-response messaging. Built on top of Cloudflare’s circl library, it leverages HPKE to provide robust encryption for both one-to-one and one-to-many messaging scenarios. Whether you’re building secure HTTP-based applications or need flexible, chunked messaging, twoway has you covered.
Why does this exist?
We’ve made a provably private AI inference engine called CONFSEC, twoway is how we ensure nobody can ever see a submitted prompt.
Key Features
We built twoway on Cloudflare’s circl/hpke, it uses Hybrid Public key Encryption to implement two flows:
- A one-to-one flow where a sender communicates with a single receiver. This flow is fully compatible with RFC 9458 Oblivious HTTP (OHTTP), and the chunked OHTTP draft RFC.
- A one-to-many flow where a sender communicates with one or more receivers. Similar to the design of Apple’s PCC.
Other features include:
- Compatibility with any transport, twoway deals with just the messages.
- Chunked messages.
- Custom HPKE suites implementation for specialized needs like cryptographic hardware modules.
We’d love for you to check out twoway, try it in your projects, and share your feedback! If you find any issues or have ideas for improvements, feel free to open an issue or PR on GitHub. For more details, including setup instructions and advanced usage, check out our technical breakdown. Looking forward to your thoughts and contributions!
Best,
The Confident Security Team