← /work/lynkboard

# case · 02 / 04 · 2024

● betamacOSiOSe2eeswift

Lynkboard — copy on your Mac, paste on your iPhone in under one second.

role

sole engineer · all platforms

stack

swift 5.9 · supabase · cryptokit

timeline

q2 — q4 2024

status

beta · phases 0–5 complete

Lynkboard E2EE clipboard sync app — macOS and iOS

● lynkboard · beta

macOS 13+ · iOS 16+

#01 · the problem

// brief

Universal Clipboard is iCloud-only and sends your clipboard to Apple's servers.

Developers copy API keys, tokens, and sensitive snippets constantly. Routing those through a cloud server — even Apple's — is a non-starter when you care about operational security.

LAN-first sync with E2EE fallback was the only acceptable architecture.

// constraints

< 1s lanclipboard syncs on local network instantly
e2ee alwaysserver stores only opaque ciphertext
qr pairingkey exchange via physical proximity only
offline-okfull history works without internet
share extios share extension reuses same grdb stack

#02 · system design

LAN-first. Cloud fallback. Always encrypted.

clients

· macOS menu bar

· iOS app

· iOS share extension

encrypt · seal

lan transport

· multipeer connectivity

· bonjour discovery

· 200ms timeout

cryptography

· chacha20poly aead

· curve25519 keypairs

· qr key exchange

relay fallback

supabase relay

· postgrest http post

· realtime websocket

· phoenix protocol

storage

· grdb · sqlite

· keychain keypairs

· app group container

layer · 01

transport

MultipeerConnectivity for LAN — symmetric advertise+browse, sub-200ms pairing. Supabase relay as automatic fallback on cellular.

layer · 02

cryptography

ChaChaPoly AEAD seals payloads before leaving the device. Server stores ciphertext+nonce only. Group key never touches the wire in plaintext.

layer · 03

shared core

ClipboardCore Swift Package shared across Mac, iOS app, and Share Extension — zero duplication. Port/adapter pattern behind protocol interfaces.

#03 · engineering highlights

Zero-SDK realtime. Phoenix over URLSession.

SyncCoordinator.swift

1// LAN-first, relay fallback actor

2actor SyncCoordinator {

3 func sync(_ entry: ClipEntry) async {

4 let sealed = try box.seal(entry)

5 if await lan.isReachable {

6 try await lan.send(sealed)

7 } else {

8 try await relay.post(sealed)

9 }

10 }

11}

// what makes it different

phoenix ws — no sdk

Supabase Realtime WebSocket implemented natively over URLSessionWebSocketTask. Zero SDK dependency on the client.

qr pairing

Curve25519 keypair exchange via QR code — secure channel established by physical device proximity alone.

share extension

iOS Share Extension writes directly to the shared SQLite via app group, reusing the same GRDB stack with zero duplication.

menu bar native

macOS LSUIElement process — no Dock icon. NSPasteboard polling at 0.5s, global Shift+Cmd+V hotkey.

#04 · where it stands

<1s

lan sync latency

e2ee

chacha20poly aead

3 targets

mac · ios · share ext

phases 0–5

complete · storekit next