What makes this release even more amazing is it was created from scratch and developed using new languages and techniques most of our team never used before.
Almost everything you can name we did in a new way: from team organization, programming languages and toolkits, design language and processes, all the way through to new deployment and packaging and testing procedures. In fact more than half of the team that contributed to 1Password for Linux joined our family within the last 18 months.
I thought it would be fun to go through a high-level overview of how 1Password for Linux was architected, how we came to fall in love with Rust, and highlight some of the incredible things our team has been doing to make our new Linux app a reality.
1Password for Linux is our first hybrid app.
The backend is written in Rust, a true systems programming language known for its safety and performance. Rust compiles directly to native code and avoids the overhead associated with runtimes or garbage collection.
On the frontend side of things we used web technologies to allow us to create an entirely new design language for 1Password. Not only does it look great but it allows us to be incredibly agile and iterate quickly.
We had a lot of success with TypeScript and React when developing the web interface for 1Password.com as well as our browser extension so these were natural choices here.
To tie everything together we used Neon along with a home-grown TypeShare tool for generating types on both sides of the FFI layer. Finally we bundled everything using Electron to allow us to integrate deeply with the operating system.
Here’s a quick sketch on how everything fits together.
It took us a while to realize how great Rust is and how it could solve many of the problems we had. To understand how we got here we first need to take a step back to see how we developed apps over the last 15 years.
Before our new approach for building hybrid applications existed all of our apps were written with a completely different backend on every platform. While they all connected to the same 1Password.com service, they each did so with their own hand-written code.
Every platform was responsible for syncing, conflict resolution, data storage, creating view models for the UI, and everything else you can imagine.
This may seem surprising in today’s day and age when Rust exists and has mostly matured, but these apps were developed over the course of 15 years and back then there weren’t any languages that we could use to write software across operating systems in a safe and secure fashion.
Of course there was C and C++ but neither Roustem nor myself were fans of C++ and even if we were, the thought of writing a multi-platform library in an unsafe language scared the hell out of us. And in the case of crypto we just flat out refused.
So each team used the best languages and libraries that were available on each platform at the time they were written.
As you can imagine we did our best to keep feature parity (and bug parity!) consistent across every platform but it was incredibly difficult to do with so many code bases.
We all wanted to find a way to write the the backend code in a safe and performant way and share across all the platforms that we supported. This was a noble and exciting endeavour, but how?
Our Windows team was the first to experiment with Rust back in 2017. They quickly fell in love and on May 2018 1Password for Windows 7.0.558 was released with a lot of the heavy lifting performed using Rust.
The number of crashes and bug reports on Windows quickly fell.
As great as this was, it took the rest of the team longer to see the brilliance of using Rust. At the time a lot of the team was using Go lang to create a shared backend to be used by 1Password.Next (our code name at the time for 1Password core) and they were seeing enough success that they weren’t eager to switch languages.
Over time we outgrew GopherJS. When we started experimenting with WASM we discovered that Rust compiles to WASM incredibly well and has a solid toolchain we had to try it out.
So we started an experiment porting the brain from Go to Rust at NSNorth 2019 and then things really took off during a conference at Roustem’s house a few weeks later.
Very quickly we went from not knowing Rust to a prototype of filling within the browser and this marked a huge turning point for 1Password development as a whole.
At this point we realized what our Windows team had been trying to tell us all along: Rust was the real deal. It was fast, safe, and able to compile to every platform including WASM.
To make sure our enthusiasm of Rust would survive the real world we made a small library for deriving time-based one-time passwords (TOTP) and shipped it in all our desktop and mobile apps. We also shipped the new WASM brain in our browser extensions.
The results were wonderfully uneventful. There were no surprises other than how smooth the rollout was.
Rust had proven itself so it was time to see if we could create a full blown 1Password core for all our apps to use. By the end of the fall we had seen enough internal successes that we wanted to find a way to start sharing our progress with our users.
Linux was the perfect playground so in late 2019 at a conference at my house we started creating a Linux app to focus our efforts. Disney had just premiered The Mandalorian so naturally this was our choice for movie time and Project Mando was born. 🤩
It was a fun proof of concept and since most of our code wasn’t in Rust yet it used the 1Password CLI as the backend (Secrets Automation didn’t exist at the time).
Things went so well that we decided to pull in more of the team and in January 2020 we held a larger conference at Roustem’s house to build it out. One month later an early prototype of 1Password for Linux was demoed to the whole company on Navigator of the Seas during our annual conference.
- Many companies and institutions are offering these certificates and among these companies Palo Alto Networks is the most famous company who is known for its pro