Show HN: Decentralized P2P Messaging with Blockchain Verified Identities (stealthy.im)
95 points by prabhaav 10 months ago | 43 comments

Greetings, I develop Stealthy with the OP. After reading a lot of the HN dApp posts, I want to address two frequently occurring topics from the comments:

1. How decentralized is this dAPP? Stealthy is decentralized in two main ways. The first is that it does not require a centralized signaling server to establish connections, when two people have added each other as contacts. That of course requires that they initially co-ordinate outside of stealthy (though we do however have a convenience mode that does a one-time centralized introduction / discovery service if both users have that enabled). The second is our storage, which is built atop Blockstack's GAIA storage system (more info here: https://github.com/blockstack/gaia).

2. How secure is Clientside javascript crypto? In other HN posts, I've seen quotes like: 'Nobody who's serious about security is going to use an app that does crypto in javascript. Why not make browser plugins to avoid this complication?' and posted the classic Javascript cryptography being considered harmful article. Blockstack gets around this in a way similar to being a plug-in with their one-time browser download (which is essentially a node process that also has your crypto keys/generation capabilities so you're not transmitting those back and forth for acquisition purposes). You can find more information on that subject in this forum post: https://forum.blockstack.org/t/blockstack-vs-clientside-js-e...

I don't understand what a blockchain is needed for. Resolving registered identities to a public key? Because I can't seem to sign up without an e-mail address, which seems... weird to me.

What is the centralized storage used for? Offline messages and history sync between devices? edit: I didn't see the dAPP part, is it also used in P2P messaging?

How does your decentralized lookup avoid leaking friend requests out into the open?

On your website it also says you use WebRTC for P2P communication. Am I correct in my assumption then that the STUN/TURN/ICE server at least knows who started talking to whom and when?

I really miss a detailed architecture/protocol overview. It doesn't have to be as detailed as for example the signal docs[0], but just something to be able to understand your architecture and the choices you made on a high level.

[0] https://signal.org/docs/specifications/doubleratchet/

Good questions lawl. I'll try to address them in order:

1. "A blockchain, implemented using virtualchains [6], is used to bind digital property, like domain names, to public keys. Blockstack’s blockchain solves the problem of bootstrapping trust in a decentralized way i.e., a new node on the network can independently verify all data bindings." [https://blockstack.org/whitepaper.pdf]

2. I believe collecting an email is required in case you need to recover your 12 word pass phrase.

3. The default storage that comes with a Blockstack account is a Microsoft Azure Blob. If you implement your own GAIA hub, you can circumvent that with a number of other options, but conventionally you would refer to the other options as 'centralized' too. Consider this though: "We decentralize data storage with relationship to trusted 3rd parties - remove control from app developers, cloud storage providers, etc and give it to users." [https://forum.blockstack.org/t/gaia-decentralisation/4275/2].

Anyway, each user's storage is used for the following things:

- contact lists
- conversations
- offline messaging
- initiating WebRTC connections

It is all encrypted client side.

4. We have two forms of discovering users.

The first is where the users coordinate outside of Stealthy to add each other as contacts--at this point communication is established only between the two chat clients with no third party, consequently there is not traditional leakage that may occur in this mode.

The second (which can be disabled from options) uses a centralized DB and listeners to simply exchange the notion that someone wishes to talk to you. If that centralized DB were to be hacked, that request could theoretically be leaked. The invitation to talk only occurs initially when both parties are not within each other's contact lists.

5. We do use WebRTC for P2P communication and it can be disabled from the options or during initial configuration. The STUN/TURN/ICE server could certainly acquire some of the information that you mention.

6. We agree with your notion of an architecture / protocol overview and are currently considering precisely how we will proceed with that. Earlier this month we spoke with a representative from the EFF and their advice was to publish a paper on the subject and then commence with formal review of our work, similar to Signal.

Hopefully this helps.

Thanks, you answered some questions, but I still have some question marks. I've bookmarked the website and will check back for the (white)paper.

Curious about the choice to use cloud storage vs. IPFS or something similar. What was behind that?

With Stealthy, everything is encrypted client side. Therefore, cloud storage acts as a 'dumb' storage for all your encrypted files.

You can store your files redundantly on S3, Azure, Google Cloud, Dropbox, and even IPFS. We just have to enable all those drivers :)

I think these are more questions about Gaia than Stealthy, but apply to any multi-user application on Blockstack:

- How are my messages to another user retrieved from my encrypted storage?
- Does sending you a message push the message into your storage?
- Do I (i.e., my Blockstack node) have to be online for my message to you to be retrieved later (say, the next time you're online)?

All the messages user A sends to user B are stored in user A's storage. User B polls user A's storage for the messages.

We have offline messaging (file polling) and online messaging via WebRTC.

You don't have to be online, your contacts are polling your storage and as long as your storage is online, the messages will be sent.

Once User B receives the message, it is also stored in User B’s storage too.

We're also considering ephemeral messages so the messages aren't stored at all.
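An added illustration, not part of the thread and not Stealthy or Blockstack code: under the polling model described in the answer above, the storage host never sees plaintext but does see who reads whose storage and when. The log format, IP addresses, identities, and the assumption that only an owner can write to their own bucket are all constructed for this sketch.

```python
from collections import defaultdict

# Constructed access log as a storage host would see it:
# (unix_time, client_ip, method, bucket_owner). Payloads are ciphertext and omitted.
LOG = [
    (1000, "198.51.100.7", "PUT", "alice.id"),
    (1005, "203.0.113.9",  "PUT", "bob.id"),
    (1010, "192.0.2.44",   "PUT", "carol.id"),
    (1060, "203.0.113.9",  "GET", "alice.id"),
    (1062, "198.51.100.7", "GET", "bob.id"),
    (1120, "203.0.113.9",  "GET", "alice.id"),
    (1150, "198.51.100.7", "PUT", "alice.id"),
    (1180, "203.0.113.9",  "GET", "alice.id"),
    (1185, "192.0.2.44",   "GET", "alice.id"),
]

def ip_owners(log):
    """Assumption: only the owner can write to a bucket, so a PUT ties an IP to an identity."""
    return {ip: bucket for _, ip, method, bucket in log if method == "PUT"}

def poll_edges(log):
    """(reader, owner) pairs: who polls whose storage, visible without decrypting anything."""
    owners = ip_owners(log)
    return {(owners[ip], bucket) for _, ip, method, bucket in log
            if method == "GET" and ip in owners and owners[ip] != bucket}

def mutual_contacts(log):
    """Pairs that poll each other, i.e. likely contacts in both directions."""
    edges = poll_edges(log)
    return {tuple(sorted(e)) for e in edges if (e[1], e[0]) in edges}

def pickups(log):
    """For each write, the first later read by each reader: (sender, reader, t_write, t_read)."""
    owners = ip_owners(log)
    last_write = {}            # bucket -> time of most recent PUT
    seen = defaultdict(set)    # (bucket, t_write) -> readers already counted
    out = []
    for t, ip, method, bucket in sorted(log):
        if method == "PUT":
            last_write[bucket] = t
        elif bucket in last_write and ip in owners:
            reader, tw = owners[ip], last_write[bucket]
            if reader != bucket and reader not in seen[(bucket, tw)]:
                seen[(bucket, tw)].add(reader)
                out.append((bucket, reader, tw, t))
    return out

if __name__ == "__main__":
    print("poll edges:", sorted(poll_edges(LOG)))
    print("mutual contacts:", sorted(mutual_contacts(LOG)))
    for sender, reader, tw, tr in pickups(LOG):
        print(f"{reader} fetched {sender}'s write from t={tw} at t={tr}")
```

Client-side encryption leaves these results unchanged, which is why the ephemeral-message and relay ideas raised elsewhere in the thread target metadata rather than content.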

I'm curious if you all could implement some sort of "mixing service" so as to minimize metadata?

18pfsmt, that's an interesting question. Do you have any specific examples you can point us to? When I think about a network drawn atop of say WebRTC connections, it's possible for a message to travel realtime via hops from person A to person B via persons C, D & E even though persons A & B have no direct connection, obfuscating the path and connection information that lawl alluded to with STUN/TURN/ICE servers. A similar situation exists for offline messaging polling between data storage where we could obfuscate that transaction via another user's client (i.e get person C to poll for messages from Person B to Person A offline). I'm not sure if this is what you had imagined or if you were thinking of something else?

Not sure if it's helpful for your specific case, but that's pretty much what Tox is doing. They have a DHT and to 'avoid' leaking connection information they implemented onion routing[0]

> Tox generates a temporary public/private key pair used to make connections to peers in the DHT. Onion routing is used to store and locate Tox IDs, to make it more difficult to, for example, associate Alice and Bob together by who they are looking for in the network.

Again, I'm not sure if that'd be all that helpful in a case where e.g. Azure sees all the edits, I think timing attacks are pretty simple when you see the entire network. But then again, I'm not an expert and I also have no clue how your software works, so I don't want to go out on a limb.

[0] https://wiki.tox.chat/users/techfaq

Yes, that's similar to what I had in mind. Have you all looked at https://en.wikipedia.org/wiki/Zerocoin ? My understanding is that Zerocoin eventually developed their own protocol/blockchain, but originally they operated a mixing service on top of Bitcoin.

I admit to being out of my element on this, so I may not be phrasing things correctly, but reading through this discussion it seemed like there would be lots of public metadata for a would-be attacker to work with.

Indeed if one was observing the entire network, they might be able to piece together useful metadata as you both suggest. The kind of thing you might do with a NarusInsight. Tox and Zerocoin have done some interesting work towards this end and it's definitely something for us to consider going forward.

Thank you lawl & 18pfsmt for highlighting protection of metadata vs. content. At this time protecting content seems like the minimum bar by which one should measure, with metadata protection being the ultimate goal without sacrificing performance or convenience.

I totally get security/privacy vs. usability. I'm not trying to shoot you down btw. I just think we need to openly talk about these trade-offs or rather, make them clear to people who care about them (me).

Signal for example is great when it comes to confidentiality and actually easy enough to use so my mom messages me on signal, not so great when it comes to not leaking metadata. Nobody else I know uses Tox. But I know that when I use Signal it's a trade-off I'm fine with, but I'm aware of it.

Absolutely agree with you. Transparency in a messaging platform is important (it's sort of captured in EFF's criteria for a messenger too as regards open sourcing and inspection--not sure if you saw their recent 4 part series on messaging or earlier piece on all available messaging tools).

Your comments and 18pfsmt's got me thinking about metadata from a different angle than I had been considering prior--that of a state actor's capability to observe the entire network. Your comments never came across as negative.

So this is like a decentralized keybase? Are the identities and associated public keys stored in a decentralized manner? It wasn't clear to me when I registered an identity, because I figured if it's decentralized, then I would have to pay for it in some manner with a cryptotoken. I always thought this would be a good use case for Ethereum (and indeed, there seem to be a few projects working on it). It would be extra cool if it could integrate into existing wallet/dapp software so you don't need to juggle extra keys. Anyway, cool stuff. I'm hoping more people adopt end to end encryption

edit* looks like the identities are stored in a decentralized manner, and that all of this should integrate with blockstack's keychain and browser

Yes, the blockstack node package running on your machine generates the key pairs for you and thus the keys are stored on your local machine, not a centralized authority.

The reason you need an .id is because we have to register your identity on the blockchain and propagate your zonefiles.

We can help you register a .stealthy.id that gives you access to the tool if you create an account today :)

Pardon my Blockstack ignorance, but are keys deterministically created via some kind of KDF w/ some factors I provide or are the users expected to handle key management? IMO the latter significantly restricts adoption, especially in a multi-device-same-identity world.

Users have to back up a 12-word mnemonic phrase, a la BIP39. We also email users an encrypted copy of their phrase (where their password is the key)

I think email is a reasonable place to do this since it's one of the few storage places people keep around across devices (sadly, other services with no centralization at all can't easily send SMTP). Could also consider a printable QR code I guess. I assume the Blockstack browser or whatever makes it easy to enter your clear text 12 word phrase or the encrypted one w/ the password when using a new device. I also assume that there is no way to revoke access by device (e.g. per-device keys but still same identity and some revocation list, I dunno). These are definitely tough problems.

Another decentralized app, https://keys.casa/, is solving a similar problem.

Are you running IPFS nodes for unloaders to keep data persisting? From what I understand, as soon as the last available node stops broadcasting, the pinned object is gone.

How do you deal with illegal content? Aka people using this service to host bad content.

The message data is encrypted client side and stored in a cloud service of your choice (dropbox, s3, google, azure: default).

We don't host any data, it's stored in the user's data store; the user controls all their data.

Would it be possible to shard the encrypted data across multiple backends (e.g. across multiple providers or across multiple accounts on a single service)? It might be useful/interesting/fun to use erasure coding to increase redundancy and availability.

Yes, people can redundantly shard their data to multiple cloud storage services. We plan on offering such a service if there is demand for it.

When Prabhaav mentions it's encrypted client side, we should elaborate and also mention that it's encrypted such that we can't see it, so we have no way of knowing if you are transacting illegal content.

An interesting architectural point is that because you as the user choose your storage provider, you are essentially hosting bad content along with your storage provider. We and Blockstack simply provide you with a means of transporting your data to others without getting in the middle.

It's a nice looking product. My main concern with apps like these is that they use very green looking projects. https://github.com/blockstack/gaia has 154 total commits and 6 contributors. The rest of blockstack's stuff has more, but still hardly a lot. I guess my point is, I'd be wary of anything that appears this early on in development - whether it's a dAPP or not.

Thank you. I appreciate your concern. My understanding is that the Blockstack team has more development planned for GAIA, but to date have been focused more in other areas, as you discovered. We've been working on their platform since December of 2017 and so far their GAIA storage system has been reasonably reliable for us.

*Edit: Though recently I've been considering the system and Stealthy's use of it for scaling purposes and it's likely that we'll be looking into running our own hub(s). A brief discussion on throttling of the free hubs, best practices, and performance here: https://forum.blockstack.org/t/gaia-read-write-and-throttlin...

The diagram at the bottom of this link, 'How Blockstack Works', has proven helpful to me for discussing and understanding Blockstack and dApps built upon it: https://blockstack.org/intro

I looked at blockchain and couldn't find information on how identity management works. I assume identities are stored on centralized blockstack servers. And how do I recover if I lose my passphrase or password?

How does stealthy address this issue?

Answering your question to my satisfaction is difficult from a single source, but here are some key points and source links that may help:

* "Can Blockstack control my data or ID when I use it? No. When you're using a Blockstack client you control your data and ID with a private key. This private key never leaves your device and is meant to stay on your laptop/phone. As long as no one gets access to your private key, no one can control your data or ID. When you use Blockstack, by design, your private keys are never sent to any remote servers." [https://blockstack.org/faq]

* "The main difference between blockchain identities and accounts on any other service is that blockchain-based systems have strong ownership. Blockchain identities can't be confiscated by any service because the system defines ownership according to ownership of public-private keypairs, just like ownership of coins on Bitcoin. This is in direct contrast to Twitter or Facebook usernames, which could be confiscated or censored at any time by the respective companies that they belong to." [https://blockstack.org/posts/blockchain-identity]

* "Identity is user-controlled and utilizes the blockchain for secure management of keys, devices and usernames. When users login with apps, they are anonymous by default and use an app-specific key, but their full identity can be revealed and proven at any time. Keys are for signing and encryption and can be changed as devices need to be added or removed." [https://blockstack.org/intro]

Stealthy uses Blockstack to authenticate users.

"Your identity wallet and master private key are controlled by a locally-running node.js process. The Blockstack Browser code is served locally, so none of the concerns about remote code injection apply. The crypto code for this is downloaded once when you install it."

More information in the thread here: https://forum.blockstack.org/t/blockstack-vs-clientside-js-e...

Identity is the key differentiator between centralized applications and decentralized apps like Stealthy. Because Blockstack authentication allows you to create an identity on the blockchain, that identity is owned by you, immutable, and verifiable by anyone. It is neither controlled by Blockstack nor is it technically limited to Blockstack applications.

The types of apps we're seeing on the decentralized market are pretty damn impressive.

The thing I've been wondering is how this works without a Blockstack ID? What does someone do if they don't have an ID?

A Blockstack ID is required for chat to work in a decentralized manner and for people to look you up.

Good news is we can register you for a .stealthy.id when you create your account and thus you don't have to pay for a Blockstack ID.

Could an internationally-distributed, loosely-affiliated group of people use this to orchestrate tipping an election for some quid pro quo without leaving a paper trail? Asking for a friend.

Haha maybe one day! We have no visibility into the messages that are sent on Stealthy.

If you have an id or have registered for an id, you can fill out this app feedback survey and earn a 100 stacks: https://contribute.blockstack.org/b/mpktxj/view

We need more stuff like that

Thanks Dale! If you have an id you can fill out app survey and get a 100 stacks! Here's the link: https://contribute.blockstack.org/b/mpktxj/view

Thanks mate

Great value mate!
