{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreiccwu6sibokycyxaakwt2xea55ab6gn2qf6d5q5ghkmy6brfh3f3m",
"uri": "at://did:plc:haakkg7y3xdghcdmprxeexso/app.bsky.feed.post/3mpha74zgeqs2"
},
"path": "/t/which-live-location-sharing-service-is-recommended/37533#post_21",
"publishedAt": "2026-06-29T18:07:31.000Z",
"site": "https://discuss.privacyguides.net",
"tags": [
"architecture",
"Authenticated encryption in libsodium",
"Key derivation | Libsodium documentation",
"in here",
"in the chart"
],
"textContent": "dm:\n\n> It wasn’t clear to me from your doc how key rotation interacts with location keys, so I might be missing something, but I think you are storing location keys on the server encrypted with a key derived from the MK or IK. If so, rotating keys does not provide any PCS if the MK or IK are compromised (obviously).\n\nTo clarify it shortly (as in the architecture):\n\n * None of the keys are derived from user’s MK or IK\n * Base location key (i.e. sender key) is generated randomly on every device\n * Those are exchanged between each member using their exchange public key pairs, more specifically with Authenticated encryption in libsodium\n * From that base location key, new ephemeral key is derived which is used for encryption of actual live location data with Key derivation | Libsodium documentation\n * Other members then can decrypt base location key with their private exchange keys, derive same ephemeral key from it and decrypt location data\n * Key rotation fully recreates exchange key pairs, actual location key, group master key (encrypts group name and image, member names etc) as in here.\n * Master key (also randomly generated, not derived from a password) is only used to encrypt currently active private exchange keys. And that encrypted blob is stored on the server (as in the chart). That is the only part that undermines PCS because you can eventually get to the location key with the master key. And this is also not required for actual location sharing process. Switching to local only private exchange keys is completely doable, although it would break current account based access.\n\n",
"title": "Which live location sharing service is recommended?"
}