Private messages #69

Merged
merged 10 commits into from
Apr 13, 2021

hackergrrl
Member

@hackergrrl hackergrrl commented Jan 27, 2020

This is a work-in-progress!

This PR adds private messages that enable two individual users (feeds) to communicate with each other such that other participants in the cabal will sync their messages, but not be able to read them. The messages are encrypted using private-box, which uses chloride.

The cross-stack implementation is tracked by cabal-club/commons#8

  • Core API for publishing messages to a recipient
  • Kappa View for indexing sent and received private messages
  • Core API for reading private message conversations (via ^ kappa view)
  • Core API for listing PM convos
  • Tests

@hackergrrl hackergrrl changed the title Private (1:1) messages [DRAFT] Private (1:1) messages Jan 27, 2020
@hackergrrl hackergrrl changed the title [DRAFT] Private (1:1) messages [DRAFT] Private messages Jan 27, 2020
@hackergrrl hackergrrl mentioned this pull request Jan 27, 2020
11 tasks
@todrobbins todrobbins added the enhancement New feature or request label May 21, 2020
@hackergrrl hackergrrl mentioned this pull request Jun 20, 2020
@khubo
Member

khubo commented Nov 19, 2020

@noffle I could pick this up if you can guide a bit. Only api for fetching pm's by users is remaining?

@Gronis

Gronis commented Apr 8, 2021

How would this work if I have multiple devices (with different private keys)? Will only a specific device have access to the private message feed? I guess this is the case and it is not ideal.

@cblgh
Member

cblgh commented Apr 8, 2021

@Gronis yes you are correct, that's basically the limitation

depending on how we do it, we could support private messages among multiple identities which mitigates this somewhat. the limitation of this approach remains though

@Gronis

Gronis commented Apr 8, 2021

Yea. Most p2p systems with a private key as authenticator have this problem. I have yet to see a good solution.

Maybe the user identity and the device key should be separated somehow, and then, different device keys can be added or removed to the user identity by signing from a device which already is associated with the same user identity, while also providing a secret. It would be a p2p 2FA system kind of.

Anyways, I'm kind of off topic here. Good discussion anyways.

@okdistribute
Member

Delta chat accomplishes this by transferring private keys across devices with an Autocrypt Setup message

@hackergrrl
Member Author

hackergrrl commented Apr 9, 2021

Hey y'all. I reviewed this code and here are the next steps I see:

  • Finish writing the kappa view
    • Decide how we want to store indexed PMs. We could store them in plaintext (faster to fetch), or only store the msgIds and decrypt them on fetch (slower, ensures that the plaintext only exists in memory -- but does this matter?). (The current code that writes to leveldb in this view is old copypasta.)
    • Write kappa view API for fetching private messages. I think an API that mimics the Messages kappa view API would be best, so that cabal-client can do similar logic. (The current code under api: is just old copypasta.)
    • Emit events as new PMs come in. (You index your own msgs too though, so we'd need to decide if we want to emit for our own messages (does the Message view do this?))
  • Write end-to-end tests that show you can PM someone, and then use the kappa view's API to read that conversation history out.

After the cabal-core implementation is done, we can figure out the API that will be exposed on cabal-client and implement it there, before threading it up into clients. I really like the idea of having an API that mirrors the existing messages API as much as possible, presenting PM convos as much like channels as makes sense.
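
Added example, not part of this PR or of cabal-core: a sketch of the two index designs weighed in the comment above (plaintext in the index versus message ids only, decrypting on fetch), and of the PR's premise that every peer replicates entries only the recipient can read. It uses Node's built-in crypto as a stand-in for private-box, handles a single recipient per message, and all names (`seal`, `unseal`, `buildIndex`, the sample log) are hypothetical.

```javascript
// Stand-in for private-box using Node's built-in crypto (assumed construction:
// ephemeral X25519 + HKDF + ChaCha20-Poly1305). Not private-box's wire format.
const crypto = require('crypto')

const newIdentity = () => crypto.generateKeyPairSync('x25519')

// Derive a one-time symmetric key from an X25519 shared secret.
function deriveKey (privateKey, publicKey) {
  const shared = crypto.diffieHellman({ privateKey, publicKey })
  return Buffer.from(crypto.hkdfSync('sha256', shared, Buffer.alloc(0), 'pm-example', 32))
}

// Encrypt to one recipient with a fresh ephemeral key, so the entry names no recipient.
function seal (text, recipientPublicKey) {
  const eph = newIdentity()
  const nonce = crypto.randomBytes(12)
  const key = deriveKey(eph.privateKey, recipientPublicKey)
  const c = crypto.createCipheriv('chacha20-poly1305', key, nonce, { authTagLength: 16 })
  const body = Buffer.concat([c.update(text, 'utf8'), c.final()])
  return { ephPub: eph.publicKey.export({ type: 'spki', format: 'der' }), nonce, body, tag: c.getAuthTag() }
}

// Trial decryption: returns the plaintext, or null when the entry is not for this key.
function unseal (box, privateKey) {
  try {
    const ephPub = crypto.createPublicKey({ key: box.ephPub, type: 'spki', format: 'der' })
    const d = crypto.createDecipheriv('chacha20-poly1305', deriveKey(privateKey, ephPub), box.nonce, { authTagLength: 16 })
    d.setAuthTag(box.tag)
    return Buffer.concat([d.update(box.body), d.final()]).toString('utf8')
  } catch (err) {
    return null // authentication failed: not addressed to us, or tampered with
  }
}

// Index a replicated log. mode 'plaintext' keeps decrypted text in the index;
// mode 'ids' keeps only message ids, and read() decrypts again on every fetch.
function buildIndex (log, privateKey, mode) {
  const index = new Map()
  log.forEach((box, msgId) => {
    const text = unseal(box, privateKey)
    if (text !== null) index.set(msgId, mode === 'plaintext' ? text : null)
  })
  const read = () => [...index.keys()].map(id => mode === 'plaintext' ? index.get(id) : unseal(log[id], privateKey))
  return { stored: [...index.entries()], read }
}

// Constructed sample: bob and carol replicate the same log; only bob is addressed.
const [bob, carol] = [newIdentity(), newIdentity()]
const log = [seal('hi bob', bob.publicKey), seal('meet at 5?', bob.publicKey)]
```

In `'ids'` mode the plaintext exists only in the array returned by `read()`; the cost is one decryption per message on every fetch.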

@okdistribute
Member

Awesome @noffle ! Very exciting!

Re:

Decide how we want to store indexed PMs. We could store them in plaintext (faster to fetch), or only store the msgIds and decrypt them on fetch (slower, ensures that the plaintext only exists in memory -- but does this matter?).

I think that on-disk encryption can be useful for some communities, but Cabal isn't billing itself a 'security-first' app to high-risk users. Since it's still very much a beta project I think that storing them as plaintext on the device is sufficient if it's easier to implement (also the better performance is a plus of course!)

@hackergrrl
Member Author

@okdistribute: I think that on-disk encryption can be useful for some communities, but Cabal isn't billing itself a 'security-first' app to high-risk users. Since it's still very much a beta project I think that storing them as plaintext on the device is sufficient if it's easier to implement (also the better performance is a plus of course!)

I agree!

@hackergrrl
Member Author

Tests are green! I'll merge soon if there's no issues.

Do either of you have spoons to review @cblgh @substack?

@cblgh
Member

cblgh commented Apr 12, 2021

@noffle :0 :0 :0 :0

AWESOME!!!!! i'll try to do a review pass rn! gonna get like a pot of chamomile lol

Member

@cblgh cblgh left a comment

🎉 🎉 🎉 🎉 🎉 🎉 🎉 🎉 🎉 🎉 🎉 🎉
🎉 🎉 🎉 🎉 🎉 🎉 🎉 🎉 🎉 🎉 🎉 🎉

i have some suggestions adding comments and stuff, github should make it possible to batch the ones you think are good additions & you can discard the rest. also left my lil thought trail cause hey why not

NICE JOB KIRA!!! 🖤 💜

noffle and others added 9 commits April 12, 2021 13:19
Co-authored-by: Alexander Cobleigh <cblgh@cblgh.org>
@hackergrrl hackergrrl merged commit 6b07050 into master Apr 13, 2021
@cblgh
Member

cblgh commented Apr 13, 2021

WOOOOOOOOOOOOOOOO 🎉 🎉 🎉

@hackergrrl hackergrrl changed the title [DRAFT] Private messages Private messages Apr 13, 2021
@ralphtheninja ralphtheninja deleted the private-messages branch September 20, 2021 13:04