I’m really hoping the SAFE Network will offer a solution to the instant messaging problem. Right now, I need so many different messenger clients to keep in touch with people. Most of them are proprietary and walled gardens. When you leave one, you lose all your contacts.
There are “decentralized” solutions like XMPP and Matrix, but these are reliant on “home servers”. I prefer to think of them as polycentric rather than decentralized. When your home server goes down, you lose your account, and unlike with email, there aren’t many large reliable institutions offering service on these networks.
What we need is an open source protocol that’s truly decentralized, encrypted, extensible. I feel like the SAFE Network will make that a possibility.
One way to do it would be simply by PUTing the messages that are intended for a given recipient at an agreed-upon key. However, I don’t think this is ideal. It sounds like there’s going to be a lot of overhead involved with PUTs, so a long series of short, fast messages isn’t the ideal use case.
So maybe a hybrid approach is possible. We would store our identifying information and credentials on the safe network. When we log on, we would connect to a server, but it wouldn’t have to be the same one every time. When we get a message, the client would display it to us, and if it’s configured to save logs it would put several in one batch before making a PUT.
I’m not sure how this would work for offline messages, though. I suppose that might have to use the PUT method. Maybe someone could think of a way to batch them so it wouldn’t be as expensive.
Anyways, what are your thoughts on instant messaging through SAFE?
There is a messaging component to the network for internode communication.
There will of necessity be a messaging protocol allowing people to send a message to an ID. Needs to be an ID since that is how Safe identifies the recipient. For instance when someone orders off a shop there needs to be a message to inform the shop owner.
Maybe @bochaco can tag the person who knows (if he doesn’t)
So you could write the (large) message to the network as a file and send the datamap to the other person, if only a short message then prob all contained in the message.
As to recipient ID becoming known then the Secure Messaging App could use determinable IDs (like wallets do with BTC addresses) so then the recipient can get the messages but no way for nodes/elders that are compromised to know that the IDs belong to the one recipient.
The Secure Messaging App for the network will actually be simpler to implement as most of the hard stuff (encryption etc) is part of the network.
OffLine: Not sure how one would be able to send message on the network if not connected to it.
OffLine: Not sure how one would be able to send message on the network if not connected to it.
By that I mean where the recipient is offline. Sending a message that will be stored until the intended recipient gets online, even if the sender goes offline in the meantime.
I’m currently using qtox, which as I understand is fully decentralized - no central server. It works fairly well.
I looked into tox a long time ago. Pretty neat, but it looks like it lacks true offline messaging, and ip addresses need to be exchanged when initiating contact with someone. Room for improvement there.
There are a few now, one based on nostr being discussed recently on my twitter.
The tough part is no longer lack of p2p messaging, but twofold I think:
an open protocol so users are not locked into one app or service
adoption, because most people and their contacts are on Facebook and Twitter
I think Safe Network has the best shot at this because it is not just one chat app or protocol that will be driving adoption. Safe Network is a platform which will have many different apps appealing to different people, and so can generate a snowball effect which feeds into and benefits from the viral nature of its social protocols and apps.
Ideally certain Safe Network social protocols or one such protocol will dominate and we’ll have complete user independence and the ability to connect with anyone on Safe Network with freedom to choose the way we each do this that doesn’t depend on anyone else, including the people we want to connect with.
I feel like it’s important to store the backlog of messages. Privacy focused people might not want that, but I think others will appreciate the transparency of being able to jump into a group chat and see the entire backlog, pin the posts they want to remember. People working together on a project will want to be able to cross-reference things.
I think the main obstacle to adoption is there simply isn’t a good decentralized instant messaging system that has these features. People expect some data persistence in this day and age.
Hopefully there will be messaging Apps on Safe early on since the underlying network provides the required essentials. One of their options is for group messaging, one for burning options (life of message), one for whatever the users want out of secure messaging.
If you want things to be truly SAFE, have a different mechanism than the global public URL/email/DNS scheme for messaging people. Consider how much SPAM people get just because their email address is exposed.
People should have private “pairwise” identifiers for each other, rather than global ones. They should also have pairwise keys for authentication, so they could have off the record messaging and deniability / unlinkability. How they get these can vary — it can be in a side channel or with the help of SAFE. It is more a function of the client side.
If you want to VERIFY that the person on the other side is truly who you think it is, you should use a side channel to do so (such as a video call or chat where you ask them to reminisce about something).
Finally, messages should be left in mailboxes on SAFE which the recipient might check, but SAFE doesn’t link the recipient to the mailbox (steganography). It would be a PULL mechanism. Any sort of PUSH notification mechanism can be added by the user on top of SAFE but can expose people thru timing attacks (disconnecting a person’s wifi and seeing them go offline in a chatroom).
If a user does want to share a public inbox, messages to the user should be encrypted with the user’s public key. They can contain, for example, the public key of the sender, as part of a payload containing the current timestamp / recipient’s challenge signed with the sender’s private key that they chose to use.
My concern about that kind of model would be the overhead of making a PUT for a short message.
I don’t know if this is what you meant by “share a public inbox” or not, but maybe that’s actually a solution. Rather than individual mail boxes, one giant mail stack. There can be services that constantly scan it and let the user know if there’s any mail for them, and other services that batch together a large number of messages to reduce overhead. All of these messages would be end-to-end encrypted, of course, with only the public keys visible.
What happens when one of the participants in a group leaves? How do you switch the encryption keys so they don’t get access to future messages?
The way I see group chat working is that the entire chat will use one key, delivered to their personal public key in an encrypted message when they join the chat.
I suppose there could be a “key-change protocol”, where the organizer of the group sends out a public message declaring the old key invalid and sending out a new one to the remaining members’ public keys.
EDIT: And if extreme security is needed, then the group chat could work more like a mailing list. When someone submits a message, everyone in the chat gets their own copy encoded with their individual public key.
Correct. Determinable keys allow for that too. Only the seed holder knows the keys before revealing them.
So they can use a new key for every interaction if they desire.
That was the idea for mail on Safe. The inter node messaging is not meant for the likes of this sort of messaging.
There are crypto methods to shared keys where you can exclude a removed keyholder. For instance each member of the group has their own (part) key. I am not up with how it is done but is along the lines of key signing with n of m if I am not mistaken. Only those whose key was involved in the group can read the message, thus revoked people cannot read future messages since the encryption key is not available to them for that/those new messages. Another way is each member receives a copy of each message encrypted with the public key they provided, but that way is more wasteful.
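The determinable-ID idea raised in this thread (IDs derived from a seed, a new one per interaction, collected by PULL), sketched as an added example that is not from any poster or from Safe Network code. The HMAC-SHA256 derivation, the `Store` stand-in, the contact labels and the `gap_limit` scan are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def derive_id(seed: bytes, contact: str, index: int) -> str:
    """Deterministically derive the index-th mailbox ID for one contact (assumed scheme)."""
    info = contact.encode() + b"\x00" + index.to_bytes(4, "big")
    return hmac.new(seed, info, hashlib.sha256).hexdigest()

class Store:
    """Hypothetical stand-in for network storage: it only sees opaque IDs and blobs."""
    def __init__(self):
        self.slots = {}

    def put(self, mailbox_id, blob):
        self.slots.setdefault(mailbox_id, []).append(blob)

    def get(self, mailbox_id):
        return self.slots.get(mailbox_id, [])

def pull(store, seed, contacts, gap_limit=5):
    """Recipient-side PULL: re-derive the IDs for each contact and fetch what is there.
    Scanning stops after gap_limit consecutive empty IDs, as HD wallets do."""
    found = []
    for contact in contacts:
        index = empty = 0
        while empty < gap_limit:
            blobs = store.get(derive_id(seed, contact, index))
            empty = 0 if blobs else empty + 1
            found += [(contact, index, blob) for blob in blobs]
            index += 1
    return found

def demo():
    seed = secrets.token_bytes(32)  # known only to the recipient
    store = Store()
    # Constructed sample traffic: the recipient reveals one fresh ID per
    # interaction and the sender PUTs an (already encrypted) blob there.
    store.put(derive_id(seed, "alice", 0), b"<ciphertext 1>")
    store.put(derive_id(seed, "alice", 2), b"<ciphertext 2>")  # index 1 never used
    store.put(derive_id(seed, "shop", 0), b"<ciphertext 3>")
    return store, pull(store, seed, ["alice", "shop"])
```

Without the seed, the three IDs in `store.slots` cannot be tied to one recipient by the derivation alone; timing and network metadata are outside what this sketch covers.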
I’ve always imagined that instant messaging shall be the way we allow mobile farming (i.e. farming on mobile devices), like an overlay lightweight protocol that can be run on mobile devices with the only purpose of creating a mesh network for end user p2p messages. E.g. perhaps implementing the Lightning Network protocol (over DBCs) where a mobile farmer can create channels where messages will be routed through, obtaining tiny fractions of SNT as rewards for it, which would be the mobile farming reward. So all separate from the nodes farmers which take care of Safe persisted data.
If there were an app which covered the most popular protocols (Facebook, Telegram, Instagram, Google Chat, Email, Zoom, etc), it would be widely adopted. It should be possible to make such a thing, but nothing I’ve seen comes close to being usable by the general population.
If there were a good Safe messaging protocol, then on its own it wouldn’t end up widely adopted. If a cross-protocol app became popular though, and had support for Safe messaging, then people would already have a Safe messaging-compatible app installed without needing to know; they wouldn’t have to install anything new to try it out.
The problem with the cross-protocol app is that some protocols are not secure at all and then confuse users who end up leaking info. So we do need to take care.
A valid concern, as with building your own Safe browser, etc. But I do think these new technologies won’t stand a chance at adoption unless they are brought into the current clearnet world.
One solution would be to create an app (maybe not branded as Safe, though really anyone can brand themselves as Safe if they want anyway), but make it clear in the interface which protocols are secure and which aren’t. Like how browsers show green text for HTTPS; it’s non-intrusive but informative.
With this solution, a new Safe protocol could still be promoted using the app, which would be good overall for privacy, and while people are using other protocols, they would be more aware of their shortcomings and possibly more protected by the behaviour of the messaging app (for example, automatically withholding read-receipts).
So, definitely a need to take care, but better in every way than just adding another app to the mix, and probably necessary for adoption.
Yes, this part is tough for UX, how intrusive for power users compared to others. I like the general idea but it is a question we need to answer. Perhaps it’s very intrusive and power users can switch it down via a config setting? Some way that even your grannie would know when they are safe and when not but also in a way power users can calm it down to just a padlock colour?
Yep, I guess that’s a big part of taking care. Just a green padlock would be best I think. Most people will know what it means, which is better than nothing (and currently we’re at nothing for clearnet IM security for most people). There’s no way to keep everyone informed because a lot of people don’t have enough of an idea of what internet privacy means.
Tactically speaking, I’d prioritise adoption above all else, because the more people use it, the fewer people are compelled to download the Zoom app or saying they aren’t willing to download the (comparatively private) Session app just to talk to like 2 friends. Maybe a dialog box that says
You’re using {x} protocol for the first time on Safe Multi-protocol Messenger. Safe Multi-protocol Messenger developers have given {x} protocol a security rating of {y}%.
Don’t show these security rating messages anymore
[Ok]
would be the proper solution to that, combined with a reminder in the form of a little green/grey/red padlock. The padlock would serve a more subtle purpose really: to gradually shift public opinion of those protocols, thus encouraging adoption and support for safer ones.
Problem is these companies spend a lot of effort to make things incompatible, they don’t want 3rd party clients or cross-platform messaging, they are actively fighting it.
I think compatibility with walled-garden IM protocols is not that important. What I see as important is for the Safe IM protocol to be a core part of the network, not just another app on the network.
It may sound like grandpa talk, but I would target primarily email, not FB/IG Messenger features. Email is a terrible old ugly mess and if Safe Network could offer a service that “feels like email” but without all the ugly heritage of email, it would be a killer feature for a lot of people. Maybe some sort of email gateway wouldn’t be a bad idea?
I’m running an XMPP server myself, but I got no contacts that use XMPP. I’m mostly using Signal and got some friends to move from WhatsApp, but I’m still on Telegram and WhatsApp because I don’t want to lose the friends who aren’t willing to move.
I don’t try to convince anyone to use XMPP, since many clients are incompatible with OMEMO encryption (same as in Signal), and nobody seems to use one of the older encryption protocols like OTR. And then XMPP is not reliable if you use several clients at the same time (on my computers and mobile devices).
A multi-protocol messenger (MPM) that always chooses the most secure protocol as sketched above by @to7m would be nice. I like that Signal can fall back to SMS (unfortunately not on desktop) and tells me it’s insecure. It might be possible to provide a SAFE plugin for existing MPMs, but we’d sacrifice some security/privacy.
We need gateways, at least for Email, other protocols would be nice, but the user must know “this message will leave the SAFEnet and may be insecure and reveal private data”. (Not with annoying popups of course; lock icons might be enough.) It must be my choice to reveal my data.
What makes messengers successful is apparently their anti-privacy features: WhatsApp, Telegram and Signal sync (steal…) your contacts to tell you with whom you can chat. Quicksy does the same for XMPP, and I don’t think that’s a good idea.
So, how would I know that one of my friends is on SAFE?
I don’t understand how SAFE DNS (or how it’s called) works, but maybe the same or a similar mechanism could be used for a “public phonebook” (mapping of public Email-like addresses to internal IDs) on a gateway? I mean public like I can publish my well-known Email address and a SAFEnet address – if I want to. And I could publish a different SAFEnet address for a different contact (other Email, XMPP, phone). Maybe the SAFEnet addresses could even change regularly or be one-time (if that makes sense, while they still map to a known identity).
EDIT (addition):
So SAFE messenger could use my contacts (phone address book, CardDAV…) to check if my friend published a SAFEnet address if I try to send to their Email address.