Steem Messenger V0.0.3 : Private Beta Session, Image encryption, and many more !

in #utopian-io3 years ago (edited)


Chat securely with the power of Steem blockchain !

Github repository
Pull request

The Steem Messenger


What is the project about?

Steem Messenger is about convenience, security, and privacy. Many Steem users decided to use chats mediums like Discord, and Steemit.chat. Steem Messenger enable a secure and fast instant messaging interface between users on the Steem blockchain, without the need to trust your recipient, or any third party. This is a Proof of Concept. The project is still in developpement stage, and this release is not yet hosted on our servers.

Technology Stack

We use a combination of Javascript, and of course, HTML and CSS for the frontend. We also implemented the require function in our client side with Browserify. We use socket.io , socket.io-client and MongoDB. express was added to dependencies, and will be used for the public release.

Features


For now, the features included are :

  • Login screen with client sided authority
    With the power of the Steem blockchain, and a little bit of clever thinking, we created a login form that is both secure and trustless. Your login information is loaded in the browser, meaning that your private memo key is safe.

  • Instant private end-to-end encrypted messaging, based on your account's keys
    With a clever use of the function steem.memo.encode included in steemjs, we made a chat system where only you and your recipient can read them. In case there is a data leak, your content will be safe, as long as you keep your private memo key in a safe place.

  • Share encrypted images and files with others
    We added the possibility to encrypt images and files and to send them to your recipient. Note that it can take quite a lot of time to encrypt a large size image, so we restricted the size limit to 100 Kb. Files are not stored on our database for the moment, which means your receiver will only receive them if he is connected. It also means when you disconnect from the app, or refresh the page, the image will disappear from the chat.

  • Keep the control on your data
    With all the controversy about data leaks lately, we decided to give you full rights to your data. We believe your messages belongs to you. So we integrated a function to delete every message at once between you and your recipient. The clear discussion button gives you the ability to delete all the messages you own on the database in just one click, making this chat legal-proof, wich means it can't be used as a legal material. We believe a chat session should be just like talking to somebody in real life. We know words fly, and writing remains, so we decided to make the writing as volatil as speach.

  • Secure database
    All your messages are encrypted in your browser before they are sent to the server, providing you an E2EE (End to End Encryption). Meaning that only you and your recipient can read your messages, as it would take 10,000 centuries to successfully brute force your memo key with a regular computer. No institutional agency can actually decode your messages without your memo key, wich make Steem Messenger a great medium of communication.

  • Widget interface
    Steem Messenger is designed for convenience, and modularity. As we want to extend the usage of this application to all the Steem ecosystem, we need to make a unique interface, that can fit in an extension for example.

  • User-friendly interface
    We believe mass adoption is achievable if the interface is easy to understand, and without complicated concepts. Any person can use this application, given the fact that they have a Steem account.

How does it work?


Client side

We heavily upgraded the user interface, and added a lot of small functionnalities that adds up, and gives you this powerful communication tool. Here's the welcome page :

Now, the page is just here to present the project. Everythings happen when you click on the "+" button on the bottom right.


SM.gif

You can connect to the interface by entering your personnal informations. Please remember you need exclusively your private memo key, as other keys would not work with the encryption feature.

It will check the public memo key associated with your username (pubWif = result[0]["memo_key"];) and verify if the private key you specified is valid with steem.auth.wifIsValid(privWif, pubWif);. If everything is ok, your private key is then stored on a local var with var privateMemoKey = privWif;.

Once you've logged in, you can then set your recipient name and your message in the specified form, and start messaging with your recipient.

Once you've chose your recipient, it will fetch automatically your recipient public memo key (publicMemoReceiver = result[0]["memo_key"];), and encrypt your message with var encoded = steem.memo.encode(privateMemoKey, publicMemoReceiver, texte);.

Here is how the function works :

Your input is transmitted to the server with socket.emit, and you can see your message is encrypted before it goes to the server.

The data is then saved in the database.

Same thing when you receive a message, this is what happen :

The raw variable is the encrypted message received from the server. It is decoded with var decoded = steem.memo.decode(ind.key, raw);, and then, inserted in the chat box. Without your private Memo Key, nobody should be able to decode your message but you.

Server side

The server now has a new function. It automaticaly retrieves all the messages related to you from the database with chat.find({tags: { $all: [user, receiver]}}).

The server is now hosted on one of our domain, and we are starting our first private Beta testing session. More on this below.

Installation guide


To test this release, you need Node.js, and MongoDB.

Simply use npm install into the directory, start mongod, and then run type npm start. You can now launch index.html !

Private Beta Session


We are searching for a few people to test the messenger for a given period of time. Every person selected will have to choose one friend to test the application. If you are interested in testing one of the most exciting project on this blockchain, please feel free to submit your application in the comments section.

Roadmap


We aim to be the most secure, fast, and reliable way to interact and chat with people/groups/guilds on the Steem blockchain. For now, we are working with the goal of delivering the first public release. Here are our next steps :

  • Add previous conversations list
  • Improve graphic style
  • Add many features

Changelogs


0.0.3 :
  • Widget interface
  • Total rework of the code
  • Added images and files encryption (restricted to < 100 Kb files)
  • Added a "return" button to return to receiver selection
  • Application deployed successfully !
  • Various tweaks and optimizations
  • Private Beta Testing session
0.0.2 :
  • Improved user interface
  • Added functions to client.js to interact with the index.html
  • Added login interface
  • Now you receive only messages that are related to you
  • The clear function now delete only the data related to you
  • Preparing the code to be deployed online with express
  • A process.env variable was added, the mongo database is now ready to deploy safely
0.0.1 :
  • Encode/decode function created
  • Using socket.io and mongodb to build the chat
  • Verifies authority localy on your browser
  • As a first release, you received every encoded messages from the database
  • clear all messages function
  • Simple UI
  • Proof of concept released

Contribution


If you would like to contribute to this project, or have any question about it, feel free to contact me on Discord @Kingswisdom#7650, or on github



Posted on Utopian.io - Rewarding Open Source Contributors

Sort:  

I would like to beta test, and possibly contribute! I can't seem to dm you on discord, but you could join my discord server.

Hi.

I'a very interested to beta test your app :)

Could you add the repository link and the pull request link ?

Repository and pull request link added ! Thanks for noticing this ! Your request to the beta test has been noted ;)

Thank you for your contribution. Since you are not keeping the encrypted message on the blockchain, do you really need Private memo Key? If you are just creating for some sense of authentication then its better to create that directly in your app.


Need help? Write a ticket on https://support.utopian.io.
Chat with us on Discord.

[utopian-moderator]

Someone already asked me this question for the V0.0.1 of this project. In fact, we need to use the private memo key to be absolutely certain that your recipient is who he claims he is.

If we do this with another encryption system, anybody could create an account with the name of a powerful account, and start to scam people. This problem already happened on other mediums like Steem.chat and Discord.

interesting point of view. thx

Hey @kingswisdom! Thank you for the great work you've done!

We're already looking forward to your next contribution!

Fully Decentralized Rewards

We hope you will take the time to share your expertise and knowledge by rating contributions made by others on Utopian.io to help us reward the best contributions together.

Utopian Witness!

Vote for Utopian Witness! We are made of developers, system administrators, entrepreneurs, artists, content creators, thinkers. We embrace every nationality, mindset and belief.

Want to chat? Join us on Discord https://discord.me/utopian-io

Loading...

Hi @kingswisdom! You have received 1.0 SBD tip from @cardboard!

@tipU is looking for SP delegators: pays out 100% of profit to all investors - more info here.

I’d be down for a beta test if you are still searching people !

Hello :)

I want to make a new logo ?

Congratulations! Your post has been selected as a daily Steemit truffle! It is listed on rank 1 of all contributions awarded today. You can find the TOP DAILY TRUFFLE PICKS HERE.

I upvoted your contribution because to my mind your post is at least 36 SBD worth and should receive 150 votes. It's now up to the lovely Steemit community to make this come true.

I am TrufflePig, an Artificial Intelligence Bot that helps minnows and content curators using Machine Learning. If you are curious how I select content, you can find an explanation here!

Have a nice day and sincerely yours,
trufflepig
TrufflePig

This is a pretty cool use of the memo pub/priv tech available on steem there was something in the early days of steem that was sort of worked like a twitter page each day the app would post a new blog then all posts from that day by users where simply comments on the blog. it would be interesting to combine the memo key encryption method with a chat stream like this and have the app be able to encrypt for each user in the chat stream using their pub/priv keys pair. Thanks for posting about this man.