https://github.com/positive-intentions/chat

A webapp for P2P E2EE messaging and file transfer. its a fairly unique approach to secure messaging.

the project isnt ready to replace any existing apps or services, but given the competative market for this kind of project, id like to push it out to get feedback.

i made an attempt to create documentation on the website, but otherwise feel free to reach out with questions about how it works.

Note: this project has NOT been audited. It, along with it’s source code are provided for testing and demo purposes.

  • positive_intentions@lemmy.mlOP
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    8 months ago

    group chat is still a work-in-progress, but it’ll work in a way where asymmetric and symmetric encryption keys are generated in javascript using cryptography tools provided by the browser of your choice.

    when a connection is established over webrtc (which mandates encryption anyway), the asymmetric keys are exchanged using the diffie-helman technique.

    the keys are persisted into browser storage (indexedDB) so in a future reconnection, new keys dont need to be rgenerated. if you connect to a “known-peer”, the keys can be used for a kind-of p2p authentication.

    all the security here depends on the security of the connected devices involved. this approach is in contast to connecting to an api to authenticate and proxy encrypted messages.

    for more info there may be related information/links here: https://positive-intentions.com/blog/security-privacy-authentication