- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
https://github.com/positive-intentions/chat
I’m excited to share with you an instant messaging application I’ve been working on that might interest you. This is a chat app designed to work within your browser, with a focus on browser-based security and decentralization.
What makes this app unique is that it doesn’t rely on messaging servers to function. Instead, it works based on your browser’s javascript capabilities, so even low-end devices should work.
Here are some features of the app:
- Encrypted messaging: Your messages are encrypted, making them more secure.
- File sharing: Easily share files using WebRTC technology and QR codes.
- Voice and video calls: Connect with others through voice and video calls.
- Shared virtual space: Explore a shared mixed-reality space.
- Image board: Browse and share images in a scrollable format.
Your security is a top priority. Here’s how the app keeps you safe:
- Decentralized authentication: No central server is required for login, making it harder for anyone to gain unauthorized access.
- Unique IDs: Your ID is cryptographically random, adding an extra layer of security.
- End-to-end encryption: Your messages are encrypted from your device to the recipient’s device, ensuring only you and the recipient can read them.
- Local data storage: Your data is stored only on your device, not on any external servers.
- Self-hostable: You have the option to host the app on your own server if you prefer.
The app is still in the early stages and I’m exploring what’s possible with this technology. I’d love to hear your feedback on the idea and the current state of the app. If you have any feature requests or ideas, I’m all ears in the comments below!
Looking forward to hearing your thoughts!
But we already have decentralized encypted chat, it’s XMPP.
Is yours truly P2P? What about clients behind NAT? Does it use STUN/TURN servers?
I’m using peerjs-server. I’m also investigating other ways to achieve peer discovery which itself could be quite a discussion.
Maybe look at how syncthing works
Thanks. I want to also investigate if YJS could also fit into the app.
Can users self host that and set up clients to use their own servers?
Users can selfhost the frontend and backend independently. When creating a profile, you can set it to use your own peerjs-server (set preferences)
The frontend is only run as client-side JavaScript. There isn’t a step to “set up clients”.
Interesting project, cool to see that you are passionate about this. Nostr does much of this and can do it entirely in-browser without having to trust any particular relay like AP/Lemmy/Mastodon does. It has encrypted DMs. Might want to check out the protocol.
Thanks. It’s been mentioned before and I’d like to take a look at it when I can make the time.
What encryption protocol u using? I wpuld strongly recommend using signal protocol but i dont exactly know how the implementation of that in js would work
The project it’s in its early stages. There isn’t anything as formal as a protocol yet. That is also why there isn’t good documentation about it… The best I have for your question is:
https://positive-intentions.com/docs/research/authentication
Where is the crypto documented? I’m immediately dubious of messengers that do not provide LENGTHY documentation about the crypto. Did you roll your own? Are you using libraries? Which ones? Etc… It’s not s good start to see that you have the self signed certs hard-coded in the repo…
Sounds to me that it would have been easier to create a web-based client for an existing messaging system with such features (like Briar).
perhaps.
it started of very vanillajs, but i found that users didnt like the appearance. so i added a faily basic implementation of material ui.
existing frameworks were not compatible with the look, feel and funtionality i was after. i still havent achieved it, but im happy with the progress.
Nothing against this, but isn’t this basically Matrix?
It’s similar to matrix in many ways. The key difference is with mine it’s is purely browser based. Unlike traditional solutions like matrix where you have a (self)hosted server, mine does not require things like registration or installation.