Secure cross-device sync without relying on SaaS or self-hosting #1752
Description
I think it'd be cool if Aegis had a cross-device sync mechanism. That would make it a true replacement for Authy. I think it would be ideal if the sync solution was:
- Completely optional
- Free as in beer and in speech
- Cryptographically sound
- Not tied to a specific SaaS platform
- Not requiring users to self-host any server infrastructure
- Standardized so other applications like GNOME's Authenticator can
Via the publicly funded opensource project p2panda I came across Iroh, a Rust library that facilitates connecting two peers over end-to-end encrypted QUIC using both relays and holepunching. I haven't used it myself yet, nor do I know if its cryptography has been audited, but its approach looks promising.
Do you see added value in cross-device sync? What are your thoughts on an Iroh-like approach?