x7twCWuRiTP83g1X8wz1KAI94U1584×396 431 KB

The Friends Messenger

A unique completely decentralized messenger that doesn’t use any centralised servers to establish a direct p2p communication between friends.

Features

The Friends Chat Application enables direct peer-to-peer communication between users via WebRTC.
The Handshake to exchange Peer Info doesn’t rely on a classic Server but utilizes the Autonomi Network as handshake server (to be more precise Scratchpads on the autonomi network) for this.

To sign up, create an account and start chatting with a friend you can see the flow in this little demo:

planned Features:

• easier theming
• plugins (through JS Webcomponents loaded from immutable chunks on Autonomi)
• multi-user chat
• optionally persisting chat history
• sending offline messages => encrypted to a friend-specific scratchpad
• more extensive profile pages
• better status (more options even when online)
• App as JS Webcomponent (usable by other Autonomi Apps)
• App as Native App for all OSes and mobile

Security Aspects

The Friends Messenger ensures secure communication through multiple layers:

• End-to-End Encryption: All peer-to-peer communication is secured via WebRTC’s built-in DTLS (Datagram Transport Layer Security) and SRTP (Secure Real-time Transport Protocol)
• Cryptographic Identity: Each user has a unique cryptographic profile ID (96-character hex string) derived from their account creation process
• Decentralized Handshake: No central server stores or has access to user data - the Autonomi Network facilitates the initial peer discovery
• Perfect Forward Secrecy: Each WebRTC session establishes new encryption keys, ensuring past communications remain secure even if keys are compromised
• No Data Persistence: Messages are not stored on any server - they exist only during the active peer-to-peer session

Installation & Start

To start the P2P chat application, you first need to install the dweb command line tool (after installing rustup if you don’t have that; description and link in the troubleshooting section at the bottom):

cargo install --locked dweb-cli

and then you need to make sure to include a private key holding some Eth(Arb) and ANT in your environment variables to enable dweb to pay for the needed Account Setup (one digit USD worth of Eth and 1 ANT are enough for everything needed as of now)

easiest is to include this export in your ~/.bashrc (or other terminal init file)

export SECRET_KEY=0x1111111111111111111111111111111111111111111111111111111111111111

After installation, you can start the dweb server with:
(blocks one terminal session)

dweb serve

and then you can open friends from a 2nd terminal with

dweb open friends

For more detailed instructions regarding dweb, please visit the dweb repository.

Technical Details:

Unique Public Identifier

image343×514 7.28 KB

The Friends Messenger uses a sophisticated cryptographic identity system:

1. Profile ID Generation: When a user creates an account, a unique 96-character hexadecimal Profile ID is generated and used as their cryptographic identity
2. Public Scratchpad: This Profile ID becomes the address of a public scratchpad on the Autonomi Network containing the user’s profile information (display name, profile image, friend request details)
3. Public Identifier (Optional): Users can create human-readable public names (like usernames) that point to their Profile ID via cryptographic pointers
4. Searchable Identity: Friends can find each other either by the full 96-character Profile ID or by the optional public identifier

Friendship Requests

image1668×827 88.1 KB

The friendship system works through a simple scratchpad-based messaging system where the communication partners tell each other where they expect the messages and check that location in intervals:

1. Profile Discovery: Each user’s profile is stored in a public scratchpad at their Profile ID address, containing their display name, profile image, and most importantly, the access credentials for their friend request scratchpad

2. Friend Request Scratchpad: Each user has a private scratchpad where friend requests are received. The profile contains the private key needed to write to this scratchpad. Since the private key to this Friend Request Scratchpad this will be changeable in future upgrades => to mess it up repeatedly would be costly because then the requester would need to pay for it.

3. Request Process: When Alice wants to add Bob as a friend:

   • Alice looks up Bob’s Profile ID (either full 96-char ID or via public identifier)
   • Alice reads Bob’s public profile to get his friend request scratchpad details
   • Alice posts a friend request containing her own response scratchpad address

4. Response Process: Bob periodically checks his friend request scratchpad:

   • When Bob sees Alice’s request, he can choose to approve or deny
   • If approved, Bob posts his response to Alice’s specified response address
   • Alice polls her response scratchpad and receives Bob’s approval

5. Connection Establishment: Once both parties have exchanged scratchpad addresses, they can establish a direct WebRTC connection for real-time communication

This decentralized approach ensures no central server ever sees or stores the friend relationships - everything is mediated through the Autonomi Network’s scratchpad system.

Architecture & Technologies

The Friends Messenger is built using modern web technologies:

• Frontend: Svelte/SvelteKit for reactive user interface
• WebRTC: Direct peer-to-peer communication with automatic NAT traversal
• Autonomi Network: Decentralized storage network for profile and friend request data
• Scratchpads: Autonomi’s mutable storage system for user profiles and to facilitate peer discovery
• Smokesigns Library: WebRTC abstraction layer for simplified peer connections
• Cryptographic Security: SHA256 hashing and hex-based addressing for secure identity management

Development Features

• Multi-language Support: UI available in English and German. Other languages will follow soonish
• File Sharing: Support for sending images, videos, and files through WebRTC data channels
• Theme Support: Customizable UI themes
• Real-time Status: Connection status indicators

Troubleshooting

I recommend installing dweb via cargo after installing rustup (the rust development environment)

e.g. on Linux/MacOS:

curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh

(after that you need to close and open the terminal again)

then the

cargo install --locked dweb-cli

Error scenarios

in case you see errors with the dweb install you may need to:

sudo apt-get update && sudo apt-get install libssl-dev pkg-config

Can’t wait to try this out finally a secure message service with no servers

I fantasize about using Matrix network or Simplex here… is this possible?

Do you plan group chats? video conferences?

Well - it would require a specialised client that connects to the other protocol on one side and the other side to connect to a chat room when wanting to bridge the two - anybody would be free to write this bridge - but for just offering a gate simply relaying messages without switching the protocol (maybe going through a secure websocket on port 443 to not even get blocked by outgoing filters in company firewalls) would be simpler I’d think

Absolutely - the next task I’m tackling since 1:1 is working

Audio/Video mid to long term probably - it always is more work and the path longer than I expect/hope

Nice one @riddim definitely a top contender for me!!

thanks man!

since it didn’t seem obvious to everybody maybe worth stating here clearly

“Yes - this is the birth of a fully decentralized discord that cannot ever be taken down”

just without the nitro stuff because there are no servers/domains/companies/… that need to be paid - everyone is on nitro

(imaginary future scenario)

• with a jams plugin you can show others which songs you’re currently listening to and others can listen to your song right from your jams-enhanced status that comes with a play button

• with a colony plugin you can search + drag&drop things from your data collection in the chat and share it without re-uploading (and possibly failing due to file size limits…)

• and with the [annoying-gif-to-short-description]-plugin all incoming gifs are being sent to a vision AI that captures the content/meaning of them and converts them to e.g. [hugs] - [laughing] - [explosion] - [gif showing a foot dipping its toe into water]

• oh and a shared screen will not be shared from 1 server to anybody else (causing a breakdown when too many people are listening/viewing) but it will be shared from the presenter to e.g. 5 others - those stream it further to the next 5 each - from where it gets streamed to the next group. 5-25-125-625-… Adding a super short lag on hops but making screen share scale instead of break

…it’s not just “another p2p solution nobody will use” it’s connecting to people live … on steroids

another plugin:

image533×800 35.5 KB

learn a new language easily in your daily conversations.

I really like that one I think I need to write that plugin for real now xD - I want to speak spanish!

My request : an SDK for writing plugins

you can get that - we’ll see how much of a real sdk is really needed - for starters a Template (+ some examples) and a description how it’s done should be sufficient for a JS dev to get started.

we’re talking about simple to use standardized Javascript WebComponents loaded as dynamic imports from Autonomi

e.g. Message-Modifiers will at first just get the whole Message Element as input argument and return the modified Message (changed content/changed styling/…) maybe some additional metadata like username, timestamp, context-stuff (since it all runs client-side adding context that is not being processed by the plugin isn’t a real issue … but it’s annoying if you want to enable a plugin just for certain context to not be able to do it …)

I love the way you keep rolling loose balls into the penalty box for me

Any excuse… https://www.youtube.com/watch?v=1A_4t9xsnmg

you are just way too smart for me my friend I’m not sure what you want to tell me here xD

but another day another friends plugin idea

image533×800 50.6 KB

(for those of us who aren’t as smart as @Southside but want to say something smart once in a while - just like me )

okay - in the light of symmetric NAT seeming to be more a thing than I hoped it was

image533×800 37.6 KB

I’ll move up the message-relaying in the priority list. The changes I made to the 1:1 hole-punching library already include an additional layer that is there to inject relayed messages to reduce the needed connection count.

I happen to have ordered a mikrotik router and plan to start using it somewhere within the next week … so for this development I’ll configure it to use the annoying symmetric NAT I’ve personally not experienced in my tests so far … and will therefore be able to implement and test

to break open difficult to establish NAT communications within a few seconds (and to not need for any symmetric nat to try and break open the connection to another symmetric nat the multi-chat will already in its first version be using message-relaying and gossiping to create the network communications)

and messaging DMs via asymmetric encryption through a multi-user room will be prioritized over 1:1 communication where possible to 1. lower connection count 2. decrease the possibility of 2 symmetric NATs needing to talk to each other … breaking symmetric nat <> symmetric nat open does take up to ~30 minutes … which is really not what we want to do unless we need to …

We’ll see how important additional GATEs will be on top of this. I’ll most certainly have them go through wss (secure websocket communication) on port 443 which is open even in company networks and on airports and stuff where outgoing udp might be blocked …

Simply that you never spoke Spanish to me

Y estoy tan decepcionado

Yo soy not very good at español

Das ist kein Problem

Zwei San Miguel bitte!!!

haha - I actually order that every time I see it on the menu xD

Like Efes, its a beer that does better in the sun.
I much prefer it poolside than standing at a bar.

another day another friends plugin

image533×800 49.6 KB

Very nice! Can I request a file-sharing feature? Maybe with a separate interface to allow to easy keep track of files that have been shared with you (as opposed to sharing a file link in a message thread and then having to scroll for miles to find it again).

Cheers

hmhmmm - in telegram you have a separate view where you can see shared pictures / links / files in a chat

i assume you’re right and that would indeed be something useful … i used that one pretty often to get to a picture fast good idea