What is this repository?
E2EE client-server messaging app proof of concept.
- Accounts are identified by an Ed25519 public key.
- Login using the private key to solve a cryptographic challenge in the browser.
- Ascon inspired AEAD using Keccak sponge construction in the browser.
- Diffie Hellman key exchange using X25519 to establish a new shared secret every 5 messages sent.
- Shared secret derived in 2 secrets using Keccak sponge construction. These secrets are then used in a sending ratchet and a receiving ratchet used to derive encryption keys similar to Signal protocol
how to build and run the app:
using the makefile:
(add a volume in the command creating the database container if you need data persistency)
make
manually:
build
podman build -t e2ee-messaging-service .
run
podman pod create --name=e2ee -p 3333:3333
podman run -d --pod=e2ee \
-e POSTGRES_PASSWORD="password" \
-e POSTGRES_DB="e2ee" \
-e POSTGRES_USER="e2ee" \
-e POSTGRES_INITDB_ARGS="--encoding=UTF-8 --lc-collate=C --lc-ctype=C" \
-v /PATH/TO/DB:/var/lib/postgresql/data:Z \
--name=e2ee-db docker.io/library/postgres:16
podman run -d --pod=e2ee \
-e POSTGRES_PASSWORD="password" \
-e POSTGRES_DB="e2ee" \
-e POSTGRES_USER="e2ee" \
-e SHARED_SECRET="change-me" \
--name=e2ee-app e2ee-messaging-service:latest
notes:
- You can use docker instead of podman provided the e2ee nodejs app can communicate with the database with a network or changing the POSTGRES_HOST env variable accordingly.
- You can use podman secrets instead of writing your secrets in configuration files.
unit tests
npm test
note:
- The makefile automatically runs the unit tests before building the container.