Introducing a Decentralized End-to-End Encrypted Messaging App

zensh · September 16, 2024, 7:30am

ICPanda Message is a decentralized end-to-end encrypted messaging application fully running on the Internet Computer blockchain.

Key features

End-to-end encryption: All user messages are encrypted using the RFC 9052 (COSE) standard on the client side and stored on the ICP blockchain. These messages can only be decrypted on the client side.
Multi-user chats: Message channels support one-to-many chats, where a manager can add or remove members and exchange encryption keys. If the last manager leaves the channel, all messages in the channel are deleted.
On-chain: It operates entirely as a smart contract on the ICP blockchain, controlled by ICPanda DAO, with fully open-source code. It is a trustworthy, secure, verifiable, and unstoppable Web3 application.

How does E2EE messages work?

We use envelope encryption, where messages in a channel are encrypted with the same Data Encryption Key (DEK). When a new member joins the channel, they need to obtain the Key Encryption Key (KEK) from managers to decrypt the DEK.

Costs

Creating a new channel costs 1000 PANDA.
Registering a username costs 5000 ~ 1,000,000 PANDA, it is optional but recommended.

We will adjust the costs based on the actual usage and feedback from the community.

Getting started

Visit https://panda.fans/_/messages and click the “Get started” button to enter the app.
Set up your username and password.
Transfer some PANDA to your account.
Create a new channel or invited to join a channel by others.
If you encounter any issues, please contact us at https://panda.fans/PANDA

Get PANDA tokens from ICPSwap and start using the app now!

zensh · September 16, 2024, 8:58am

We’re excited for @dominicwilliams to try out this E2EE App, which should be the world’s first end-to-end encrypted messaging app running on-chain.

romulusp · September 16, 2024, 9:30am

I can’t explore Chanel, I can see mine but I can’t see other Chanel

zensh · September 16, 2024, 10:38am

That’s right, there are no public message channels because it’s not a social or community-based communication app.
Our mission is to protect users’ confidential information.

zensh · September 16, 2024, 3:52pm

In addition to encrypted chats, you can also store confidential information.
It’s encrypted on-chain and synced across devices, with only you able to read and decrypt it.

I rarely need encrypted chats in my daily life, but I often use messaging apps (WeChat) to sync information, including confidential information, across devices. Now I can finally sync confidential information securely with encryption through the “WhoAmI” channel shown in the screenshot.

KOS · September 16, 2024, 4:12pm

will it become a standalone product? likes openchat or sth， I’m very optimistic about it

timo · September 16, 2024, 6:09pm

How does the key management work?

In a 1-on-1 chat is the message stored twice on chain, once encrypted for A and once encrypted for B?

zensh · September 17, 2024, 12:33pm

I have updated a diagram.
We use envelope encryption, where messages in a channel are encrypted with the same Data Encryption Key (DEK). When a new member joins the channel, they need to obtain the Key Encryption Key (KEK) from managers to decrypt the DEK.

zensh · September 17, 2024, 12:36pm

We have a product upgrade plan that will be implemented in the future (the domain name has already been registered).

jennifertran · September 23, 2024, 7:50pm

Would you ever want to replace it with vetKeys (when it is ready on mainnet)?

zensh · September 23, 2024, 10:14pm

We are waiting for the vetKey.
The master key in the front-end application is upgradeable. For example, after users register a username, the master key automatically upgrades from Type I to Type II.
Additionally, the COSE service already includes some vetKey logic.

github.com

ldclabs/ic-cose/blob/main/src/ic_cose_canister/src/api_cose.rs#L145


      
                      Err("no permission".to_string())?;
                  }
                  Ok(())
              })?;
          
              let pk = store::ns::inner_vetkd_public_key(&spk).await?;
              Ok(ByteBuf::from(pk))
          }
          
          #[ic_cdk::update(guard = "is_authenticated")]
          async fn vetkd_encrypted_key(
              path: SettingPath,
              public_key: ByteArray<48>,
          ) -> Result<ByteBuf, String> {
              store::state::allowed_api("vetkd_encrypted_key")?;
              path.validate()?;
          
              let caller = ic_cdk::caller();
              let key_id = path.key.clone();
              let spk = store::SettingPathKey::from_path(path, caller);
              store::ns::with(&spk.0, |ns| {

Topic		Replies	Views
NNS Proposal to create an SNS named 'ICPanda DAO' SNS Project Governance sns	36	2314	March 25, 2024
Diode Message Storage coming to Difinity Getting Started	9	273	January 29, 2025
Introducing Proof of Link (PoL) Mining and $DMSG Showcase	2	109	December 3, 2024
Is there an elegant mathematical formula that meets our new SFT minting model's algorithm? Programs & Applications	2	292	March 10, 2024
VETKeys - Privacy on the IC Education Discussing	2	1058	October 10, 2023

Introducing a Decentralized End-to-End Encrypted Messaging App

Key features

How does E2EE messages work?

Costs

Getting started

Related topics