> Agreed, 1P and some others are known-and-trusted, but we hope to earn this trust over time
I thought of another question about this: did you roll your own crypto, or just re-use a proven player like Hashicorp Vault, Bitwarden, Vaultwarden, or similar?
we built on the principles of zero-knowledge cloud which means decentralizing identity + crypto on the client side. Keeping passwordless in context, we wanted to eliminate passwords completely which means not even a master password. we rolled out our own crypto for mobile, browser and desktop app.
To "roll your own crypto" is to develop your own cryptographic primitives/constructions, versus using known-good, well-vetted, best-practice standard tools like NaCl / libsodium.
> we rolled out our own crypto
"roll out" means to deploy, so to "roll out your own crypto" could mean either one. Did you mean that you developed your own crypto? If so, that could be a not insurmountable, but large, impediment to gaining trust.
I apologize for not being clear. we have developed crypto using well-vetted and best practice crypto apis from android, iOS and web crypto apis available in the browser. some of the algos used for crypto operations involve ECC_NIST_P256, AES-GCM with HMAC-based KDF, RSA-OAEP, Shamir's secret sharing...
I thought of another question about this: did you roll your own crypto, or just re-use a proven player like Hashicorp Vault, Bitwarden, Vaultwarden, or similar?