
Creating a Relay

Encrypting data with Relay.

It’s now time to integrate Relay into your app so that your server does not handle phone numbers in plaintext but can still use them.

Creating a Relay

The first step to integrating Relay is creating an Evervault account and team at app.evervault.com.

Once your team is provisioned, you will be able to create a Relay. The target for your Relay should be the link of your Repl, as shown in the video below.

Create a Relay

Once you've created your new Relay, you will be given its domain. If you copy this domain into your browser, you will see your form there.

Now it’s time to select which fields of your form will be encrypted by Relay, and when those fields will be encrypted. There are two options: encrypting a field globally, regardless of the route it is sent to, or encrypting a field only on a specific route.

In this tutorial, we are going to use route-specific encryption to encrypt the phone field. The method used is POST. The route is /submit.

Specifying fields to encrypt

Specify fields to encrypt

If you submit the form hosted at your Relay domain and check your Replit console, you should see a log that looks similar to:

Console
Sending SMS for { name: 'Claude Shannon', phone: 'ev:AqQ=:Q2xhdS2luZw=:$' }

Great! Now you’re using Relay to encrypt the submitted phone number. This means that your server is no longer handling plaintext, readable data. If your server is compromised, the data breached will be encrypted and unreadable.
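Relay only encrypts what arrives through the Relay domain, so the server can also refuse any /submit request whose phone field is not ciphertext. The middleware below is an added example, not Evervault's code: the names requireEncrypted, looksEncrypted and simulate are hypothetical, and the ciphertext pattern is an assumption inferred from the sample log line above, not a documented format.

```javascript
// Added example. Pattern is an assumption based on the log line on this page:
// "ev:", one or more colon-terminated base64-like segments, then a closing "$".
const EV_CIPHERTEXT = /^ev:(?:[A-Za-z0-9+/_=-]+:)+\$$/;

function looksEncrypted(value) {
  return typeof value === 'string' && EV_CIPHERTEXT.test(value);
}

// Express-style middleware: reject the request when any listed body field is
// missing or not in ciphertext form. The offending value is never logged.
function requireEncrypted(fields) {
  return function (req, res, next) {
    const body = req.body || {};
    const bad = fields.filter((f) => !looksEncrypted(body[f]));
    if (bad.length > 0) {
      console.warn(`Rejected ${req.method} ${req.path}: unencrypted or missing: ${bad.join(', ')}`);
      return res.status(400).json({ error: 'encrypted field required', fields: bad });
    }
    next();
  };
}

// In index.js this would be wired as:
//   app.post('/submit', requireEncrypted(['phone']), handler);

// Offline harness with mock req/res objects so the check runs without Express.
function simulate(body) {
  const result = { status: null, payload: null, nextCalled: false };
  const req = { method: 'POST', path: '/submit', body };
  const res = {
    status(code) { result.status = code; return this; },
    json(payload) { result.payload = payload; return this; },
  };
  requireEncrypted(['phone'])(req, res, () => { result.nextCalled = true; });
  return result;
}

// Constructed inputs: the first mirrors the log line above, the second is a
// plaintext number as it would arrive if the request bypassed Relay.
console.log(simulate({ name: 'Claude Shannon', phone: 'ev:AqQ=:Q2xhdS2luZw=:$' }));
console.log(simulate({ name: 'Claude Shannon', phone: '+15555550100' }));
```

A steady stream of these rejections in the Replit console indicates that clients are reaching the Repl link directly instead of the Relay domain.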

Initializing the Evervault SDK

The final step related to Relay is to include and initialize the Evervault SDK so that any outbound requests from your server are decrypted as they pass out of your app. To do this, paste the code below at the top of your index.js file:

javascript
// Including the Evervault SDK
const Evervault = require('@evervault/sdk');
// Initializing the Evervault SDK
const evervault = new Evervault(process.env.EVERVAULT_API_KEY);

You will need to create and save a secret in Replit called EVERVAULT_API_KEY. This will be your Evervault Team’s API key, which is available in Settings in the Evervault Dashboard.

Fetch your API key

Let’s summarize where you are. You’ve:

  1. Created an Express.js server (index.js),
  2. Created an HTML form for collecting a name and a phone number from a user (index.html),
  3. Connected your form to your server,
  4. Integrated Evervault Relay so that phone numbers submitted to your form are encrypted before they enter your server, and
  5. Included the Evervault SDK so that outbound requests from your server are automatically decrypted.

Next, you’ll deploy some Node.js code as a Cage to verify that the phone number a user submits is valid.

