[prophesi]

Any chance of opening the source? I'm a bit confused how it could be E2E-encrypted if the URL doesn't have a URI fragment. This is usually where the key would be located, as the URI fragment isn't sent to the server unless there's malicious code doing otherwise.

[bdominy]

For card links, I'm using a one time key to protect the information stored on my server. The end-to-end encryption works when you exchange cards using the Neucards app with another Neucards user. It's a tricky situation because people won't use it if it isn't able to quickly exchange contact info like a vcard or other digital cards. The goal was to make sure nothing could be read by a third party without the user giving them access. As for opening the source, I'm going to wait and see. I understand the need for verification, but it is also difficult to make a living doing that.

[pfg_]

It looks like the web interface is not E2E encrypted, the server decrypts the card info and sends that decrypted info to you.