cross-posted from: https://lemmy.ml/post/93192
It’s not finished or anything, but I want potential vulnerabilities brought to my attention as soon as possible.
cross-posted from: https://lemmy.ml/post/93192
It’s not finished or anything, but I want potential vulnerabilities brought to my attention as soon as possible.
Hi, I was thinking about a similar solution and I thought it could be implemented with a kademila DHT so offline-receiving is implemented since I think this is a dealbreaker for many of the FOS private chats I tried. It still shouldn’t need a central server but I was wondering how can a user restore login credentials after losing them. Maybe with 12-word secret?
As for recovering a long-term key with a 12-word secret: yeah, we plan to have a feature like that in the future. My friend already implemented that in her own version (which was made a while ago and based on a pretty different idea of what the protocol would be, but it’s not hard to add)
As for offline receiving: are you suggesting storing messages in a DHT so that the recipient can receive them while you’re offline? That crossed my mind early in planning, but we decided against it because we don’t want to store things on peers that might go down at any time, and I’m not sure how it could work with forward secrecy anyway since every message requires a handshake (well, maybe if we used the axolotl/double rachet thingy, but that’s so much more complicated, I would not trust myself to implement it).
Yes I was thinking about that dht use and I came across bitTorrent’s implementation of kademlia dht for trackerless torrents. You should look it up! More peers that are logically near the recipient keep the information so it is resistant to actors coming on and going off the dht.