GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → darkwire → Darkwire.io

darkwire / Darkwire.io

Licence: mit
End-to-end encrypted instant web chat

Programming Languages

javascript
184084 projects - #8 most used programming language

Labels

cryptographychatprivacyencryptionsocket-iochat-applicationend-to-end-encryptionchatroom

Projects that are alternatives of or similar to Darkwire.io

0fc
Anonymous web chat server, built on top of Themis/WebThemis
Stars: ✭ 98 (-83.5%)
Mutual labels:  chat, cryptography, privacy, encryption
Demo Twilio Backend Nodejs
A sample backend that demonstrates how to generate a Virgil JWT and Twilio token used for authentication with the Virgil and Twilio services
Stars: ✭ 128 (-78.45%)
Mutual labels:  chat, cryptography, encryption, end-to-end-encryption
Basic Vue Chat
Easy to use Vue chat.
Stars: ✭ 64 (-89.23%)
Mutual labels:  chatroom, chat, chat-application
Syntaxmeets
Syntaxmeets. Create rooms 🏠 Call your friends 👬🏼 Sip Chai, ☕ Chat, Create, and Code👨‍💻. A coding platform to code simultaneously 🚀 with your friends and design your algorithms on SyntaxPad.💫✨
Stars: ✭ 110 (-81.48%)
Mutual labels:  chatroom, chat, socket-io
Capillary
Capillary is a library to simplify the sending of end-to-end encrypted push messages from Java-based application servers to Android clients.
Stars: ✭ 445 (-25.08%)
Mutual labels:  cryptography, privacy, end-to-end-encryption
Vuvuzela
Private messaging system that hides metadata
Stars: ✭ 2,423 (+307.91%)
Mutual labels:  chat, cryptography, privacy
Chattt
❯❯❯ Chat without leaving your terminal
Stars: ✭ 239 (-59.76%)
Mutual labels:  chat, chat-application, socket-io
Vue Advanced Chat
A beautiful chat rooms component made with Vue.js - compatible with Vue, React & Angular
Stars: ✭ 351 (-40.91%)
Mutual labels:  chatroom, chat, chat-application
Megachat
MEGA C++ SDK for chat-enabled apps
Stars: ✭ 61 (-89.73%)
Mutual labels:  chat, privacy, end-to-end-encryption
bubbly
Full stack chat application created w/ Next.js, Socket.IO, Express, React and TypeScript
Stars: ✭ 24 (-95.96%)
Mutual labels:  chatroom, socket-io, chat-application
darkwire-client
Encrypted web socket chat - Darkwire.io client
Stars: ✭ 23 (-96.13%)
Mutual labels:  socket-io, chat-application, end-to-end-encryption
SocketIO Chat APP
This is the simple Chat Application in which user can join the room and continue chatting with others.
Stars: ✭ 50 (-91.58%)
Mutual labels:  chat, socket-io, chat-application
Emberclear
Encrypted Chat. No History. No Logs.
Stars: ✭ 157 (-73.57%)
Mutual labels:  chat, privacy, encryption
Swiftychat
SwiftUI Chat UI (Client) Framework & Documentation to get started!
Stars: ✭ 50 (-91.58%)
Mutual labels:  chatroom, chat, chat-application
Enigma
A full-fledged one-to-one chat app developed entirely in Flutter
Stars: ✭ 316 (-46.8%)
Mutual labels:  chat, chat-application, privacy
node-vue-chat
🚀 🌠 Real Time Chat Application created with MEVN Stack
Stars: ✭ 89 (-85.02%)
Mutual labels:  chatroom, socket-io, chat-application
Magicpad
MagicPad is an encryption suite for beginners. It is designed to be run standalone via the browser or executable (Electron).
Stars: ✭ 174 (-70.71%)
Mutual labels:  cryptography, privacy, encryption
Cryptag
Encrypted, taggable, searchable cloud storage
Stars: ✭ 178 (-70.03%)
Mutual labels:  cryptography, privacy, encryption
darkwire-server
Encrypted web socket chat - Darkwire.io Chat Server
Stars: ✭ 18 (-96.97%)
Mutual labels:  socket-io, chat-application, end-to-end-encryption
virgil-sdk-cpp
Virgil Core SDK allows developers to get up and running with Virgil Cards Service API quickly and add end-to-end security to their new or existing digital solutions to become HIPAA and GDPR compliant and more.
Stars: ✭ 18 (-96.97%)
Mutual labels:  cryptography, encryption, end-to-end-encryption
View All Similar Projects ➔

Darkwire.io

CircleCI

Simple encrypted web chat. Powered by socket.io, the web cryptography API. This project is an example of how client side encryption works and how you can integrate it as a chat service.

Deploy

Darkwire Server

Darkwire server is a Node.js application that requires redis.

Darkwire Web Client

The Darkwire.io web client is written in JavaScript with React JS and Redux.

Development

Prerequisites

Copy .env.dist files in server/ and client/ directories without the .dist extensions and adapt them to your needs.

You need Redis in order to make the server works. A simple way to achieve this, if you have docker, is to execute the following command:

docker run --name darkwire-redis --rm -p 6379:6379 -d redis redis-server --appendonly yes

Alternatively, you can select the memory STORE_BACKEND instead of redis in your server .env file to avoid Redis use.

Setup

Install dependencies

$ yarn

Start server and client

$ yarn setup
$ yarn dev

Using docker-compose

Just run the following:

$ docker-compose up

This will automatically create the default .env files, and run redis for you.

Production

Create server and client production builds

$ yarn build

Start server

$ yarn start

Using Docker

Build it.

$ docker build --tag darkwire.io:latest .

Then run it. Example:

$ docker run --name darkwire.io --env STORE_HOST=redis://redis.host:6379 darkwire.io

You are able to use any of the enviroment variables available in server/.env.dist and client/.env.dist. The defaults are available in Dockerfile

Security

Please report any security issues to [email protected].

How it works

Darkwire uses a combination of asymmetric encryption (RSA-OAEP), symmetric session keys (AES-CBC) and signing keys (HMAC) for security.

Here's an overview of a chat between Alice and Bob (also applies to group chats):

  1. Bob creates a room and immediately creates a public/private key pair (RSA-OAEP).
  2. Alice joins the room and also creates a public/private key pair. She is sent Bob's public key and she sends Bob her public key.
  3. When Bob goes to send a message, three things are created: a session key (AES-CBC), a signing key (HMAC SHA-256) and an initialization vector (used in the encryption process).
  4. Bob's message is encrypted with the session key and initialization vector, and a signature is created using the signing key.
  5. The session key and signing key are encrypted with each recipient's public key (in this case only Alice, but in a group chat multiple).
  6. The encrypted message, initialization vector, signature, encrypted session key and encrypted signing key are sent to all recipients (in this case just Alice) as a package.
  7. Alice receives the package and decrypts the session key and signing key using her private key. She decrypts the message with the decrypted session key and vector, and verifies the signature with the decrypted signing key.

Group chats work the same way because in step 5 we encrypt keys with everyone's public key. When a message is sent out, it includes encrypted keys for everyone in the room, and the recipients then pick out the ones for them based on their user ID.

Man-in-the-middle attacks

Darkwire does not provide any guarantee that the person you're communicating with is who you think they are. Authentication functionality may be incorporated in future versions.

File Transfer

Darkwire encodes documents into base64 using btoa and is encrypted the same way chat messages are.

  1. When a file is "uploaded", the document is encoded on the client and the server recieves the encrypted base64 string.
  2. The server sends the encrypted base64 string to clients in the same chat room.
  3. Clients recieving the encrypted base64 string then decrypts and decodes the base64 string using atob.

The default transferable file size limit is 4MB, but can be changed in .env file with the REACT_APP_MAX_FILE_SIZE variable.

Sockets & Server

Darkwire uses socket.io to transmit encrypted information using secure WebSockets (WSS).

Rooms are stored in memory on the server until all participants have left, at which point the room is destroyed. Only public keys are stored in server memory for the duration of the room's life.

Chat history is stored in each participant's browser, so it is effectively erased (for that user) when their window is closed.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].