Decentralization is not really a feasible option when you have more than one actors. Either you embed the centralization from beginning with some good and verifiable contracts or a certain majority is going to hijack the platform and act as centralized controllers.
I understand the vision, but I would still have to rotate keys through different groups. It doesn't solve anything, it just gives the illusion of a clean group delete-then-rebuild
This is a nice little write up and I kinda feel like the author (sensibly) chose centralization just on a smaller scale. I also think that the algorithm is pretty similar to the og textsecure2[1] protocol signal used (and still uses?) in terms of key generation. It's different in that messages are in a distributed hash table instead of sent through a server and also that there's less cross-verification by chat members, but I'm not sure the author would lose any of their goals by using the signal approach (with distributed storage).
The issue with that is that when there is no "leader", there is also no way to guarantee kicking someone out. Signal didn't have the kick option for years, and they only added it once they moved the group state management to the server. Now, is "kicking" a good enough justification to go with the leadership route? That is up for debate...
I agree, and since there is no mobile version, this won't replace your whatsapp, and it was never designed for that. The actual people I see using this:
- People who want anonymous messaging (I realize that there are already Tor messengers, so the idea was to make this one much more feature rich)
- Friend groups that want private group chats without any central dependencies or accounts
- security, self-hosting, decentralization and open-source enthusiasts
Decentralization is not really a feasible option when you have more than one actors. Either you embed the centralization from beginning with some good and verifiable contracts or a certain majority is going to hijack the platform and act as centralized controllers.
One option that you sort-of mentioned but missed: go with the static groups, but don’t let the users feel that.
In other words, show the kick/invite options to users when it does happen, but destroy and create a new group behind the scenes.
I understand the vision, but I would still have to rotate keys through different groups. It doesn't solve anything, it just gives the illusion of a clean group delete-then-rebuild
This is a nice little write up and I kinda feel like the author (sensibly) chose centralization just on a smaller scale. I also think that the algorithm is pretty similar to the og textsecure2[1] protocol signal used (and still uses?) in terms of key generation. It's different in that messages are in a distributed hash table instead of sent through a server and also that there's less cross-verification by chat members, but I'm not sure the author would lose any of their goals by using the signal approach (with distributed storage).
[1] https://signal.org/blog/private-groups/
The issue with that is that when there is no "leader", there is also no way to guarantee kicking someone out. Signal didn't have the kick option for years, and they only added it once they moved the group state management to the server. Now, is "kicking" a good enough justification to go with the leadership route? That is up for debate...
The hardest problem is social. Who is going to use this?
I agree, and since there is no mobile version, this won't replace your whatsapp, and it was never designed for that. The actual people I see using this: - People who want anonymous messaging (I realize that there are already Tor messengers, so the idea was to make this one much more feature rich) - Friend groups that want private group chats without any central dependencies or accounts - security, self-hosting, decentralization and open-source enthusiasts