Secret messages (PoC)

I’ve been thinking of some use cases where it could be useful to be able to send secret messages on-chain (and off-chain) in such a way that only the intended recipient could decrypt the message.

Cryptography isn’t exactly my area of expertise but I’m interested in the possibilities cryptography can offer us so I dipped my toes in and made a simple proof-of-concept implementation of sending encrypted on-chain messages using the Sodium cryptography library. This PoC allows you to send an encrypted message to a NoM address that can only be decrypted by the address’ owner.

Since NoM uses the Ed25519 signature scheme we can convert a keypair into X25519 and then encrypt a message for a public key so that the message can only be decrypted with the corresponding private key.
This allows us to send an encrypted message to a recipient who can decrypt the message using their keypair.

The modified CLI wallet can be found here: GitHub - vilkris4/znn_cli_dart at secret_messages

The wallet requires the libsodium library to work.

On Windows it’s easiest to download the pre-built DLL and copy it to the CLI’s folder: Installation - Libsodium documentation (I used libsodium-1.0.18-stable-msvc.zip)
On Mac you can use Homebrew to install libsodium: libsodium — Homebrew Formulae

Example

I added two commands to the wallet: sendEncryptedMessage and decryptMessage

An example of sending an encrypted message to address z1qrgnzs4jh2yfldarepysqgsukgdmwmqw5v0t7c:

.\znn-cli.exe sendEncryptedMessage z1qrgnzs4jh2yfldarepysqgsukgdmwmqw5v0t7c “This is top secret information.”

An example of the recipient decrypting the message:

.\znn-cli.exe decryptMessage CTZYfOLO1j4ZeMhL4MEgnJ1FRbpcBfpPDwRWE/rvyA9gL0AAmAI91jcWY/IhkH/ExeTUW76Zs8fLr8/6bk3NNHN98b/Pl+YzSoaNc9BgDw==

Output:

This is top secret information.

In this example the recipient has to get the encrypted message from the explorer by viewing the transaction that has the message and then copying the contents of the data property into the terminal:

It’s worth noting that these encrypted messages can be sent off-chain as well but for this PoC I wanted to make it on-chain.

If someone wants to try it out, DM me your address and I can send you an encrypted message.

5 Likes

I’m going to try this out. How does the recipient know they received a message? Does it show as received 0 ZNN?

Great, let me know if you need help. There’s no “standard” for sending these messages so specifically informing the user of a new encrypted message isn’t really possible now. The messages are sent with 0 value and with the empty token standard zts1qqqqqqqqqqqqqqqqtq587y.

1 Like

I wasn’t aware that you could send an AccountBlock with emptyTokenStandard.
Thank you for sharing!

Vilkris, do you have a plan for these new functions?
I suspect there is low usage of znn-cli within the community; did you want to make this more accessible to users?

It seems any address can generate/send these messages… I fear this functionality will be abused.

Not really any immediate plans. Like I mentioned on Discord these could be used to allow delegators access to services for example but that needs work to turn it into a reality. I’m thinking that some type of messaging system in Syrius would be very nice but I’m not sure if this approach would be the best for that.

You mean like spam messages? Yeah that could cause some headache.

1 Like

I think we should really look into a Dart based implementation of the Signal protocol. Afaik Mr. Kaine proposed an off-chain messaging layer based on it. Mixin desktop app uses it and I also found this social media app using it. I’ll need to check what Mr. Kaine was proposing a while back. I see that there is a Rust based implementation that’s actively maintained by Signal.

Also I don’t think on-chain messages are a good idea right now.

Further reading:

2 Likes

Thanks for the links. I’ll do some reading on the protocol.

3 Likes

I found a very nice explanation of the Signal Protocol worth reading @vilkris

I think leveraging a robust messaging protocol that has stood the test of time and uses state-of-the-art cryptography can extend the capabilities of NoM greatly in the future.

2 Likes