Keyzy is a desktop OpenPGP utility built with Electron that provides a guided interface for day-to-day GnuPG operations. It is designed for users who want practical PGP workflows (key management, encryption, decryption, export, and trust updates) without relying on command-line usage for every task.
- Desktop app for Linux/macOS/Windows via Electron
- Uses the local GnuPG installation (no custom crypto implementation)
- Security-focused architecture using Electron preload bridging and IPC sender validation
- Built-in workflows for key creation/import, encryption/decryption, and key lifecycle management
- List private (secret) and public keys
- Create a new personal key pair
- Name + email identity
- Optional passphrase
- Configurable expiry (for example
1y,6m, or a date)
- Import armored public keys
- Export public keys (armored)
- Export secret keys (armored)
- Remove keys from local keyring
- Removes secret key by fingerprint
- Attempts matching public-key cleanup
- Open a dedicated Edit Key window for advanced properties
- View key metadata
- User ID
- Fingerprint
- Creation date
- Expiry date
- Update primary key expiry
- Update owner trust level
- Unknown, None, Marginal, Full, Ultimate
- Add encryption subkeys
- Update subkey expiry
- Encrypt plaintext into armored PGP ciphertext
- Select sender private key
- Select recipient public key
- Optional trust override for recipient key
- Decrypt armored ciphertext into plaintext
- Uses GPG/pinentry path first
- Includes passphrase fallback prompt flow when needed
- Subkey revoke and subkey delete actions are present in the UI but not implemented in backend logic yet.
- Electron
- Node.js
- Bootstrap 5
- GnuPG (
gpgCLI)
index.js: Electron main process, app windows, IPC handlers, sender validationpreload.js: secure bridge exposing a narrowwindow.gpgAPIgpg.js: GPG process wrapper and key/message operationsviews/index.html: main app UI (Manage Keys, Encrypt, Decrypt)views/editKey.html: key editing UIrenderers/renderer.js: main window interaction logicrenderers/renderer_editKey.js: edit window interaction logicrenderers/shared.js: shared alert/notification helper
Keyzy follows common Electron security controls in the current implementation:
- No direct Node.js integration in renderer pages
- Preload-only API surface
- Sender-frame validation on IPC handlers
- Restricted content security policy in UI pages
- Navigation and new-window restrictions in the main process
Note: private key material remains sensitive. Keep device access controls and GnuPG environment security in place.
- Node.js 16+
- npm
- GnuPG (
gpg) available on PATH
Linux example:
sudo apt install gnupggit clone <repository-url>
cd Keyzy
npm install
npm startYou can also launch via VS Code tasks or debugger profiles if configured in your local workspace.
- Open Manage Keys and create a personal key or import a public key.
- Use Encrypt Message to select sender/recipient and encrypt plaintext.
- Use Decrypt Message to decrypt armored ciphertext.
- Use Edit on a secret key to adjust expiry, trust, and subkeys.
- This project shells out to
gpg; behavior can vary slightly across GnuPG versions and local pinentry configuration. - Keep UI claims aligned with implemented backend handlers in
gpg.jsandindex.js.
Contributions are welcome. For significant changes, open an issue first to discuss scope, behavior, and acceptance criteria.
ISC (as defined in package.json).