DisCrypt

End-to-end encryption for Discord messages and files

如何安裝

您需要先安裝使用者腳本管理器擴展,如 TampermonkeyGreasemonkeyViolentmonkey 之後才能安裝該腳本。

You will need to install an extension such as Tampermonkey to install this script.

您需要先安裝使用者腳本管理器擴充功能,如 TampermonkeyViolentmonkey 後才能安裝該腳本。

您需要先安裝使用者腳本管理器擴充功能,如 TampermonkeyUserscripts 後才能安裝該腳本。

你需要先安裝一款使用者腳本管理器擴展,比如 Tampermonkey,才能安裝此腳本

您需要先安裝使用者腳本管理器擴充功能後才能安裝該腳本。

(我已經安裝了使用者腳本管理器,讓我安裝!)

如何安裝

你需要先安裝一款使用者樣式管理器擴展,比如 Stylus,才能安裝此樣式

你需要先安裝一款使用者樣式管理器擴展,比如 Stylus,才能安裝此樣式

你需要先安裝一款使用者樣式管理器擴展,比如 Stylus,才能安裝此樣式

你需要先安裝一款使用者樣式管理器擴展後才能安裝此樣式

你需要先安裝一款使用者樣式管理器擴展後才能安裝此樣式

你需要先安裝一款使用者樣式管理器擴展後才能安裝此樣式

(我已經安裝了使用者樣式管理器,讓我安裝!)

作者
NotTrueFalse
今日安裝
1
安裝總數
3
評價
0 0 0
版本
1.1
建立日期
2025-11-09
更新日期
2025-11-10
尺寸
69.3 KB
授權條款
MIT
腳本執行於

DisCrypt - End-to-End Encryption for Discord

Secure peer-to-peer messaging on Discord using client-side encryption. Messages and files remain encrypted end-to-end, even if your Discord account is compromised.

How It Works

  1. Add a peer by their Channel ID (DM channel) and public keys
  2. Messages auto-encrypt on send, auto-decrypt on receive, message edition is well handled
  3. Only you and the intended recipient can read your messages
  4. Encryption verified with color coding (blue = sent, green = received)

Features

  • End-to-end encryption using X25519 ECDH + XSalsa20-Poly1305 (TweetNaCl)
  • Automatic message encryption/decryption
  • Encrypted file attachments with Ed25519 signature verification
  • Message editing support
  • Reply handling for encrypted messages
  • Peer management UI with key storage
  • Works in DMs and group channels

Security Model

Threat Model: Protects against message interception if your account is compromised.

Does NOT protect against:

  • Private key compromise (if your computer is compromised)
  • Man-in-the-middle attacks during key exchange (manually exchange keys via secure channel)
  • Message metadata (timestamps, message count, presence)

Implementation Details:

  • Private keys stored in browser localStorage only
  • Uses NaCl.box (X25519 ECDH) for asymmetric encryption
  • Ed25519 signatures for file authenticity verification
  • Sender/recipient public keys included in message format for verification

Limitations

  • No forward secrecy (compromise of keypair compromises all messages)
  • No built-in key exchange protocol (manual key sharing required)
  • Private keys stored in plaintext in localStorage
  • File upload MIME type spoofing (.png wrapper) for CORS bypass

TODO

  • [x] GUI improvements
  • [x] Message editing
  • [x] File encryption/decryption
  • [x] Reply handling
  • [ ] Message authenticity verification (sender signature)
  • [ ] Forward secrecy (keypair rotation)
  • [ ] Key import/export with password protection
  • [ ] Code refactor for maintainability
  • [ ] Link preview support
  • [ ] Better media handling after decryption