tkanos / twx

Twx is a decentralised microblogging client based on the specs of [twtxt](https://dev.twtxt.net/), used to handle your twtxt file.
Other
2 stars 0 forks source link

Tweet Encryption #30

Open tkanos opened 2 years ago

tkanos commented 2 years ago

We need to be able to send :

date + encryption

And everybody needs to be able to try to decrypt it on timeline.

Using salty encryption https://salty.im/

bkil commented 2 years ago

Are you talking about this?

We have talked about it over IRC/Matrix and some would prefer more if it was done via comments. But also, encrypted content should not be mixed with unencrypted content for various reasons.

prologic commented 2 years ago

I have reservations on a per-Twt encryption scheme too. Encrypted whole feeds however using Salty IM are totally doable 👌

bkil commented 2 years ago

I would love to see a possibility for per-status cryptographic signatures, though. That would also be best done through comments.

prologic commented 2 years ago

The original RFC for Encrypted Feeds which I'm sure you've read? It probably needs re-visiting...

prologic commented 2 years ago

I would love to see a possibility for per-status cryptographic signatures, though. That would also be best done through comments.

I believe we discussed this, and yes, a comment above the Twt in a feed would mark its signature.

Salty IM actually uses the same messaging format (Twtxt + Comments), but uses the comments for a different purpose (although the entire message + comment is encrypted as the payload).

tkanos commented 2 years ago

Hello,

I am far from being on that one, (first I need to beautify the timeline and also use a cache) BUT, I have 2 ideas

  1. One is encrypting a line in the middle of twtxt like :
    2022-09-09TXXXXXXZ  Hello guys
    aukdgailcgelafhergwvdjeafaelufgaelkfulkaegflukaeglaegfaedgilayegd (can begin by a comment # or not, I don't know yet)
    2022-09-09TXXXXXXZ  Good night guys

Everybody will try to decrypt but only one (alice), will be able to decrypt. (Of course everybody should have their public key on their twtxt meta)

2.The second idea I have is to create encrypted feeds like a room, it will be a different twtxt file, that everybody participating to that room will be able to decrypt (and have their own) The first implementation will be without admin (it will be on invitation) The second I will "try" to see if I can put an admin on it.

No, I haven't read that spec : https://git.mills.io/yarnsocial/yarn/issues/770 (but I will)

tkanos commented 2 years ago

Btw guys, when I will be in that step, if you have others idea, we can create some branches with a poc of all ideas we can have, and test it.