Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Encrypt messages with team key #2631

Open
adrastaea opened this issue Oct 8, 2024 · 1 comment
Open

Encrypt messages with team key #2631

adrastaea opened this issue Oct 8, 2024 · 1 comment
Labels
5.X v5.X e2ee end-to-end encryption lfa Features related to local-first-web/auth implementation

Comments

@adrastaea
Copy link
Collaborator

adrastaea commented Oct 8, 2024
edited by holmesworcester
Loading

Description

As a first step before having tiered message encryption, we should encrypt every message with the team key. In storage.service:sendMessage, encrypt the message before adding it to the channel db.

Acceptance Criteria

  1. Encryption mechanism / libraries pass review by e.g. Alishah or some other expert
  2. Message model includes key name and generation
  3. Messages get encrypted before being added to channel db
  4. (maybe) Differentiate public and private channels, keep the publicChannelsRepo infrastructure as a way to send unencrypted messages, and add a privateChannelsRepo which gets encryption Just use the team key
  5. (maybe, up to implementer) Pull channels functions out of StorageService, create a Channels module, and move all the message sending, receiving, encrypting, and decrypting logic there

The key question on 4 is: can we do this in a very quick and minimal way that is also clean and likely to not introduce bugs? If so, we should do that. If not, we should do as much as necessary to make sure it's going to be clean and bug free.
@adrastaea adrastaea added e2ee end-to-end encryption lfa Features related to local-first-web/auth implementation labels Oct 8, 2024
@adrastaea adrastaea moved this to Backlog - Desktop & Backend in Quiet Oct 8, 2024
@adrastaea adrastaea added this to Quiet Oct 8, 2024
@holmesworcester holmesworcester moved this from Backlog - Desktop & Backend to "Next next" sprint in Quiet Dec 3, 2024
@holmesworcester
Copy link
Contributor

Note: have a look at how background notifications are working on Android before tackling this.

@islathehut islathehut added the 5.X v5.X label Dec 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
5.X v5.X e2ee end-to-end encryption lfa Features related to local-first-web/auth implementation
Projects
Quiet
Status: Encryption sprint
Milestone
No milestone
Development

No branches or pull requests
3 participants
@holmesworcester @islathehut @adrastaea