Not only can you avoid installation, you aren’t locked to a platform like android and iOS.

with the browser based version something similar to signing can be achieved with https://developer.mozilla.org/en-US/docs/Web/Security/Defenses/Subresource_Integrity … the update can be done with the unique hash being updated

i think along with the native build of the app, it should cover the bases for all users depending on their needs.

id like it browser-first, but its isnt limited. the features from the open source version can also be applied to the new version. but only worth doing when it reaches a reasonable level of stability.

https://positive-intentions.com/blog/docker-ios-android-desktop

versions control is especially important for cybersecurity and so details will be investigated for the best way to approach this. it would be particularly important to have locked versions that have a third-party security audit, but the project seems far from that.

in an ideal world where i manage to get the main project to be open source sustainably. it would make things more decentralized we can remove having the statics served from the internet like its possible on the opensource version. its possible to provide a static bundle that can work from running index.html in a browser without the need to run a static server.

the static bundle of the open source version can be seen and tested to work from this directory: https://github.com/positive-intentions/chat/tree/staging/Frontend

not true

care to elaborate for my benefit? i could stand to learn something if you have some insight. ive tried several grants applications and places that provide funding for open source project. im aware they exist… all rejected me. im sure many are inundated with project submissions that have a more professional quality and able to articulate details better than myself.

don’t trust anything else you say

this is the way. i have open source code so i dont have to ask you to trust me. its why its important for the MVP to remain open source.

the key distinction between this project and other is that its presented as a PWA. A key cybersecurity feature of this form-factor is that it can avoid installation and registration.

why are there closed source parts?

because open source wont pay the bills.

the javascript-over-the-internet is indeed a concern that has always been mentioned about this project. to address this, im investigating the to use service workers to cache the file. this is working to some degree, but needs improvement before i fully roll it out… i would like to aim for something like a button on the UI called “Update” that would invalidate the service-worker cache to trigger an update.

as for selhosting, i hope to have something more elegant than selfhosting on localhost or using a dedicated app. the capabilities are demonstrated on the open source version and are transferrable. its possible to provide a static bundle that can work from running index.html in a browser without the need to run a static server.

the static bundle of the open source version can be seen and tested to work from this directory: https://github.com/positive-intentions/chat/tree/staging/Frontend

when i reach a reasonable level of stability on the app, i would like to investigate things like a dedicated app as is possible on the open source version. https://positive-intentions.com/blog/docker-ios-android-desktop

Yes. Im investigating introducing clerk. I hope to use that to create a subscription model. I would like to charge $1 per-month as per the minimum allowed by clerk.

i started off thinking i could avoid charging users entirely given it seems a norm for secure messaging apps to be free. but given the grant rejects and the lack of donations on github sponsors (completely understandable), but its clear that it wont be able to sustain the project.

i also tried google adsense on the website/blog but it was making practically nothing. so i disabled it because it wasnt a good look when it goes against the whole “degoogling” angle.

thats right. the key distinction between this project and other like it like simpleX is that its presented as a PWA. A key cybersecurity feature of this form-factor is that it can avoid installation and registration.

The project is far from finished and it woudnt make sense to create something as clear as a comparison table. Especially because core features like group-messaging isnt working.

If you have features youd like me to compare, feel free to ask and i can tell you how it it compares.

Some technical details can be seen here if your want to draw your own comparison.

• https://positive-intentions.com/docs/projects/chat
• https://positive-intentions.com/docs/category/sparcle

Its important for things like the cryptography module to remain open source for transparency and clarity (kerkhofs principles). Open sourcing things like the p2p framework would only put me at a competative disadvantage.

The open-spource version of the project is fully functional and has always been open source. I keep it open because the project demonstrate a unique concept, which is useful to demonstrate with transparency. After seeking support for that version of the project, it is clear that there is no support for a one-man-band and so i deprecated it (and now call it an MVP). i am proceeding in a close source direction as i improve various details like UX and features.

There are several modules involved in the project. Some key parts are listed below

Open source:

• Cryptography module
• Signal protocol
• MVP version
• Various experiements / blog / website

Close source:

• P2P framework
• PWA boilerplate
• UI Components
• Storage manager

threat model

It’s client side JavaScript. I think a webrtc connections is reasonably audited and encrypted. When using webrtc, ip addresses have to be shared. If the IP address could be hidden, it would improve “privacy” on my app.

It would be ideal if I could find a way to interface with the tor network with Client-Side JavaScript. I’ve come across something interesting here which id like to investigate further. https://github.com/Ayms/node-Tor

Just to be clear, my app is not better than jami (or any other app)… because its unreviewed close-source code.

The key distinction in my approach is that it’s a webapp-first approach. You can avoid registration and installation, which is a feature other apps don’t provide.

There are ways around using a central server to establish a p2p connection. It isn’t well explained or demonstrated, but the concept seems to work here: https://github.com/positive-intentions/chat/issues/6 … I’d like to explore this more with exchanging the required data over QR codes or NFC.

Simplex is a great approach for p2p communication. I can easily recommend it over what I have done so far. At the very least, it’s gone through things like a professional security audits and seem to keep a high standard in their practices.

It’s a webapp hosted on AWS S3. That can be shut down along with the domain. I’d like to improve the functionality I have for the cacheing, so that it doesn’t need to fetch the statics from online if it already previously fetched them.

The open source version has a mirror hosted on GitHub pages. You can fork it and run it yourself there for free: https://positive-intentions.com/blog/docker-ios-android-desktop#github-pages

“private and secure chat app”

I don’t think it’s a solved problem. There are countless nuances to it. So it’s good to have various approaches.

https://positive-intentions.com/blog/docker-ios-android-desktop

this a yet another approach to a “private and secure chat app” because its a unique approach to the same problem which id like to investigate.

its a work in progress and hope to get to a point its comparable to Signal and OnionShare.

for now, the purpose is to present open-source code to demonstrate a concept. like mentioned in the post it isnt ready to replace any existing tools.

sorry for the delay in responding. personal matters required more focus and to reply to you i wanted to set aside some time to write well for clarity.

… Might as well get real-life practice at writing.

im not entirely bad at writing (technical or otherwise) to get to where i am now in the project, i usually write with my own words like now. the blog articles you see on the website are from old reddit posts. questions like your are understandably frequent and so it made sense to create the website and blog to address FAQ’s. i think its important to note how im using AI here. while i can say to AI “here are some bullet points, now turn it into an article…”, i have written the content and details myself and then have AI reword it for clarity. i think the resulting content is better for clarity.

What is the lifetime of each user’s public/private keypair? What is the lifetime of the symmetric key shared between two communicating users?

the implementation sits ontop of a webrtc connections which mandates its own encryption keys. my app adds an additional set of public/private keypair and symmetric keys. these are persisted to browser storage (indexedDB). the keys are cleared if the user performs a logout (its all client-side, so there is no actual “logout”, it clears the local data).

key rotation is a work-in-progress and not testable in the app. while i can have a button that says “rotate keys”, im planning to frame it as something like “block contact”. this is because it makese to keep user ID’s static, so that in future sessions, the app can automatically connect to “known peers”. in the case you want to block someone, it makes sense to abandon that ID so they cannot ping you with it. when you connect to a “know peer” that doesnt know your new ID, it can use the previsously establish keys to verify each other and update the contact details accordingly.

its also possible to export the data to a file to then load from that profile. its currently static and unencrypted. there will be an option to have it all password encrypted. https://www.reddit.com/r/cryptography/comments/1lhjpxk/veracryptlike_functionality_from_a_browser/

I take substantial notice whenever a promise of “true privacy” is made

completely understandable. as mentioned in the post cybersecurity is full of caveats. here is a previsous attempt to outline some details: https://www.reddit.com/r/cryptography/comments/1evdby4/is_this_a_secure_messaging_app/

im also investigate various approaches to exchanging data offline with QR codes.

(written by me): https://www.reddit.com/r/positive_intentions/comments/1b5j424/file_sharing_by_qr_code/ (written by having AI transcribe my wording): https://positive-intentions.com/blog/qr-codes-as-a data-channel

id also like to investigate other things a browsers can do like exchange encryption data over NFC.

it isnt use-friendly yet, but i also have some basic functionality around p2p broker connections to avoid needing the peerjs-server (which acts as the broker.). some unclear details which could do with AI clarification can be seen here: https://github.com/positive-intentions/chat/issues/6

If a secure medium existed, then secure key exchange would already be solved

the existing key exchange should be already secure enough… but users would understandably want to be sure my code doesnt have a critical-bug and validating hashes provides that bit extra.

many others have also tried their hand at secure messaging, with more fails than successes.

i have seem some other myself, and i still believe my approach is unique. there are of course limitations in the webapp form-factor, but it also provides a lot of flexibility in just being able to run on a browser. while many try/succeed/fail, this is my attemp. i have been refining my approach with feedback and there is still much to do. at this point i dont consider it insecure, but the UI is pretty ugly and combined with various UI bugs, is deterring users. with the code being course source, i often try to present some concepts in a more digestable way with code examples as seen:

• https://cryptography.positive-intentions.com/?path=%2Fstory%2Fcryptography-introduction--welcome
• https://github.com/positive-intentions/cryptography

there is a lot to learn but by breaking things into small parts, i can better learn how it can all fit together.

“cryptography engineer” and not a cryptographer

i like that term. its new to me. i normally just call myself a webdeveloper to clarify my expertise. its more so the case than a cryptography engineer. i open sourcemy work for transparency, but also great for my own learning.

thanks for the good wishes. hopefully i get to a stage where its better presented as a product and not just a proof-of-concept.

thanks for taking a look.

firstly i would like to apologise for throwing the following blocks of AI text at you. i often used AI to create documentation for the project. im not much of a writer, im sure its more clear from AI than if i did it myself.

• how the authentication works: https://positive-intentions.com/docs/research/authentication
• how security works: https://positive-intentions.com/blog/security-privacy-authentication

the ID’s are cryptographically random to make it reasonably certain that strangers cannot connect (because its an ungussable ephemental string). this is used with peerjs-server (open source and documented) to connect with a predictable ID. when this ID is shared “through some other trusted channel” (e.g. whatsapp, qrcode), the peers connect and establish encryptions keys (see links above). afer the first connection (expected to be secure!), the previously establish encryption keys can be used to authenticate the user (to prevent MITM).

Was that document crafted for this project specifically?

long story short… this is my sideproject and im trying to get it off the ground. as i post more about the project, i decieded to create a website to “document” the project. there are understandable questions like yours, so made sense to answer them in the website. this includes things like the threat-model… while one-shotting is a thing you can do with AI, the threat model took several days of learning, thinking and consideration. i also posted about it on reddit for feedback and updated it accordingly.

Was it prepared by a cryptographer?

am i a cryptographer yet? having worked on this project i must have picked some stuff up. i still find that i need to learn much more.

And was it generated using an AI/LLM?

i hope admitting i used AI doesnt undermine the effort i put in. i try to communicate details in places like lemmy and the code is open source. AI enables me to demonstrate granular functionality that is easier for me to test as well present to professionals; in contrast to presenting overwhelmingly complicated code on github. for example for my cryptography functionality i created a separate repo to try things out for my learning: https://cryptography.positive-intentions.com/?path=%2Fstory%2Fcryptography-introduction--welcome

there are good and bad ways to using AI and i believe im doing it responsibly. i have been a coder for 15+ years. i can do it myself, i simply cant type as fast as AI making it indespensible when working on a project of this scale. i completely understand your concerns and im all ears for advice on a reddit post i asked: https://www.reddit.com/r/CyberSecurityAdvice/comments/1lekrsx/what_advicebestpractices_are_there_for_creating/

(its why like in all my app, website and posts (like this), i try to strike caution.)