A small prototype P2P chat application built using Electron and Dat.
- Encrypt WebRTC signaling communication
- Figure out whether UDP hole punching is needed for discovery-swarm's DHT connections
- Fix profile name resolution in chat
- Add dat.json file to archive
- Move hyperdrive into Electron's main process
- Possibly replace
DatSocialArchive
class with WebDB - Support multiple chat DM threads
- Detect online/offline status of friends
- Don't reuse Dat key pair for authentication (see notes)
npm install # or yarn
npm start
Dat is peer to peer (p2p) protocol for building distributed apps. Hyperdrive, built ontop of Dat, provides a distributed file system which peers use to upload their profile to peers.
A hyperdrive archive provides its own public key which peers can use to find each other. It's a 64-character hex encoded string (e.g. '1899b1f0a006cd0419545cb13c7f2ddc46c650e9512213a0899e5947a6a4d819'
). This means peers are hidden by default unless they distribute their public key.
This file exists in a peer's hyperdrive archive as a way to provide public information about a peer. In this case, a peer's name.
{
"name": "Sam"
}
This file is downloaded by peers to display a more friendly name.
Each peer maintains a list of their friend keys. Currently this is only used locally.
To chat with peers, a WebRTC data channel connection is created to provide low latency, encrypted communication.
Each local peer creates a network swarm, using discovery-swarm, which acts as a lobby for other peers to initiate a connection. A simple challenge-response authentication process is used to verify each peer's identity. Following authentication, peers perform WebRTC signalling to create a WebRTC connection.
When a peer wants to connect to another peer, they need to verify each others' identity so they can be sure they're talking to the right person. This is accomplished using elliptic-curve cryptography via libsodium.
Each peer's hyperdrive key pair is converted from Ed25519 to Curve25519 to perform authenticated encryption.
See network.js for implementation.
When Bob wants to connect to Alice, Bob will know Alice's public key ahead of time.
- Bob sends his public key to Alice encrypted with her public key.
- Alice uses her private key to decrypt Bob's public key. Alice creates a shared key using Bob's public key and her private key to send an encrypted nonce to Bob.
- Bob creates his own shared key using Alice's public key and his private key. Bob uses the shared key to decrypt the nonce and send it back encrypted.
- Alice decrypts the nonce with the shared key and verifies it's the same nonce originally sent. Alice sends an authentication success message to Bob.
Following authentication, Bob performs WebRTC signalling over the same connection using the steps defined in the Simple Peer library.