• 19 Posts
  • 48 Comments
Joined 9 months ago
cake
Cake day: June 13th, 2024

help-circle
  • positive_intentions@lemmy.mlOPtoOpen Source@lemmy.mlP2P E2EE Messaging
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    5 days ago

    group chat is still a work-in-progress, but it’ll work in a way where asymmetric and symmetric encryption keys are generated in javascript using cryptography tools provided by the browser of your choice.

    when a connection is established over webrtc (which mandates encryption anyway), the asymmetric keys are exchanged using the diffie-helman technique.

    the keys are persisted into browser storage (indexedDB) so in a future reconnection, new keys dont need to be rgenerated. if you connect to a “known-peer”, the keys can be used for a kind-of p2p authentication.

    all the security here depends on the security of the connected devices involved. this approach is in contast to connecting to an api to authenticate and proxy encrypted messages.

    for more info there may be related information/links here: https://positive-intentions.com/blog/security-privacy-authentication





  • There’s sometimes a bug where you have to have to exchange that ID both ways.

    There a lot of docs to read through so just in case you overlooked it, I hope the video on this page helps: https://positive-intentions.com/docs/basics/peers

    If that doesn’t help, then it’s something I need to fix. I am aware of a few issues with connecting to people when not on the same network. Webrtc should still work, so I chalk it up to some bug I should prioritize.

    Id be interested to hear about the experience of trying to connect with the file app. I added some changes to make things work better, if that works I may have an idea of how to fix it for the chat app.











  • its browser based. it uses webrtc to create p2p connections between browsers. concepts like authentication takes the form of using cryptography capabilities of a typical browser. the storage of data from messages to encryption keys are stored in indexedDB as provided by the browser of your choice. there is an emphesis on client-side browser-based capabilities in all parts of the app.

    matrix is a good peer reviewed and generally reccommended solution. this project isnt intended to replace any existing solution. there are many other similar projects out there, but i notice there arent many presented as webapps. this is my attempt.