group chat draft

[Miguel Freitas]

Hi! 

I will need some help with this... the twister-core seems to be working, but twister-html is not yet aware of the new feature.

here is the drafts document i'm about to commit to repository:

twister group chat draft

========================

group chat is a private and encrypted timeline shared among some users

which define a specific topic (or description).

it is tempting to use a new torrent where members would subscribe in

order to post their chat messages. however this idea does work as it is

impossible (very difficult?) to implement a distributed torrent with

multiple writers. (a clash occurs when two writers try to send the 

same piece number)

therefore, twister's group chat is a special case of direct messages

using a private key pair (outside of the blockchain). non-members do not

know about group chat creation as public key is never published.

members are invited to group using a special (bencoded) group_invite DM:

group_invite {

  desc: "free text description",

  key: "secret of the private key",

}

after sending the group_invite DM to a given user, another DM is sent

to the group itself to notify all existing members about the new

member list. this is another special DM:

group_members {

  [xxx,yyy,...]

}

it is true that, since every member knows both private/public keys of

the group, symmetric-key could have been used for group chat's messages.

however we reuse the same twister infrastructure of original DMs.

any group chats, invites and messages are indistinguible from normal 

DMs to non-members.

because all members have access to private key, there is no concept of

administrator. any member may invite new members and change group's 

description. it is not possible to exclude a member, so frontends may

offer an option to clone/create a new group excluding whoever they

want.

---

new RPCs for group chat:

- creategroup <description>

  returns groupalias (which is added to wallet).

  

  group aliases are prepended with "*" so they are not valid usernames

  and may not be propagated accidentaly to the network.

  

  group aliases are only valid locally, each twisterd instance will

  create its own alias upon receiving an invitation.

- listgroups

  [ groupalias1, groupalias2, ... ]

  

- getgroupinfo

  {alias:xxx,description:xxx,members:[xxx,yyy,...]}

- newgroupinvite <username> <k> <groupalias> [<newmember1>,<newmember2>,...]

  DM(group_invite) => newmember

  DM(group_members) => groupalias

  

- newgroupdescription <username> <k> <groupalias> <description>

  DM(group_invite) => groupalias

  

- leavegroup <username> <groupalias>

  not yet implemented

  

note: use getdirectmsgs/newdirectmsgto to obtain/post new messages 

      to group chats.

[Miguel Freitas]

On Thu, Apr 23, 2015 at 8:26 PM, 'Erkan Yüksel' via twister-dev <twist...@googlegroups.com> wrote:

> it is tempting to use a new torrent where members would subscribe in
> order to post their chat messages. however this idea does work as it is
> impossible (very difficult?) to implement a distributed torrent with
> multiple writers. (a clash occurs when two writers try to send the
> same piece number)

it can be possible to reserve different regions to all users, like user1 uses parts from 0 to 100, user2 uses from 101 to 200... (unused piece numbers can be used retroactively, that was tested...)

well, yes... but what if user1 runs out of 100 allowed slots? he changes to 201-300?

and what happens when we add the third user?

i'd definitely prefer to move away from such mess...

regards,

Miguel

 

[Arco Mul]

Hi,

I don't claim to fully understand direct messages, but is it right that these group direct messages are posts which can only be decrypted by the users with the right private key (in this case the private key of the group)? So an outsider can only see that a user send a direct message, but the outsider doesn't now to who and neither if it is in a group or not?

Also, wouldn't having a new torrent cause issues with syncing the messages? Since only the people in the group would be 'seeding' that torrent?

Next to that, looks good to me :-) Pretty cool feature

Arco

--
You received this message because you are subscribed to the Google Groups "twister-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to twister-dev...@googlegroups.com.
To post to this group, send email to twist...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Miguel Freitas]

On Fri, Apr 24, 2015 at 5:16 AM, Arco Mul <m...@arcomul.nl> wrote:

I don't claim to fully understand direct messages, but is it right that these group direct messages are posts which can only be decrypted by the users with the right private key (in this case the private key of the group)? So an outsider can only see that a user send a direct message, but the outsider doesn't now to who and neither if it is in a group or not?

Exactly!

 

Also, wouldn't having a new torrent cause issues with syncing the messages? Since only the people in the group would be 'seeding' that torrent?

Good point. Yes, that would be another issue we would have to deal with (if we tried a separate torrent approach). And also the setting up the trackers which would leak the information that a group had been created etc.

 

Next to that, looks good to me :-) Pretty cool feature

thanks! :-)

regards,

Miguel

[Keith Erskine]

Miguel -

If group aliases are only valid to a local twisterd, what happens if I'm running Twister on two devices running two separate twisterd's (My Mac and Android phone, for example) but each using my private key. Would I have to invite myself again?

- Keith

[Miguel Freitas]

On Fri, Apr 24, 2015 at 12:56 PM, Keith Erskine <keith....@gmail.com> wrote:

Miguel -

If group aliases are only valid to a local twisterd, what happens if I'm running Twister on two devices running two separate twisterd's (My Mac and Android phone, for example) but each using my private key. Would I have to invite myself again?

Keith, you should always invite yourself to start (at least from the API perspective, by calling newgroupinvite after creategroup - UI will probably make creation + self invite a single operation). So invitation will be stored on your own torrent, encrypted with your own key.

Each device will decrypt this invitation and will create a local group alias for it. Alias is just a string starting with * and followed by 8 random letters, like "*ifmqyhsn".

So your Mac and Android will have different local group aliases referring to the same group.

Alias is only used for twisterd-frontend communication. User should be presented with "group description" which is the same string.

regards,

Miguel

[Julian Steinwachs]

Hey, i don't know how much this feature is going to be used in the end. But since twitter has it, it is going to be asked for anyway... I see a problem with the draft, though. These group chats will probably have a long live time in some cases. When now one of the participants looses or his or her wallet or simply imports the privatekey at a different client, every direct message of every following along way back must be decrypted to look for invitation messages. Otherwise the client won't be able to receive new group messages from these groups.

A possible solution would be that the clients save the group keys in the profile (encrypted of course). For that we would need to specify the exact form in which they are saved. Maybe a new field called "private" which is encypted and in that a field called "group_invites" which holds an array of the group invitations that are still active in decrypted form.

Greetings!

[Miguel Freitas]

Julian,

On Sat, Apr 25, 2015 at 3:53 AM, Julian Steinwachs <julian.s...@fau.de> wrote:

Hey, i don't know how much this feature is going to be used in the end. But since twitter has it, it is going to be asked for anyway...

Really? I never heard about Twitter group chat! I thought more of whatsapp.

 

I see a problem with the draft, though. These group chats will probably have a long live time in some cases. When now one of the participants looses or his or her wallet or simply imports the privatekey at a different client, every direct message of every following along way back must be decrypted to look for invitation messages. Otherwise the client won't be able to receive new group messages from these groups.

Yes, but the invitation is still there (in user's torrent of whoever invited to the chat). So nothing is lost, we just need to reevaluate the DMs. In fact, we have an API for this job already: rescandirectmsgs

 

A possible solution would be that the clients save the group keys in the profile (encrypted of course). For that we would need to specify the exact form in which they are saved. Maybe a new field called "private" which is encypted and in that a field called "group_invites" which holds an array of the group invitations that are still active in decrypted form.

It wouldn't scale. You might have unlimited group chats and your profile has limited space...

regards,

Miguel

[Arco Mul]

Twitter implemented group chats a few weeks ago. I was actually thinking you got the idea because of that ;-)

And regarding checking all the posts of all the people you follow. How expensive is that process? At the moment there is no reason to scan all posts of all the people you follow right? Because posts are only needed when checking out a profile, and message only when checking out a chat.

In this case, to discover which group chats are available, ALL the posts have to be scanned, otherwise not all the group chats can be displayed? When will this scanning / decrypting happen? Or does it already happen when a post is downloaded?

And no idea if this will ever be considered, but a possible feature is that not all posts of a user are downloaded (to reduce data size). Such a feature won't be possible in combination with this group chat, because to find all the group chats, every message _has_ to be downloaded?

I am playing devils advocate, but might be something to take in consideration ;-)

Arco

[Miguel Freitas]

On Sat, Apr 25, 2015 at 9:01 AM, Arco Mul <m...@arcomul.nl> wrote:

Twitter implemented group chats a few weeks ago. I was actually thinking you got the idea because of that ;-)

Not at all! funny coincidence... :-)

 

In this case, to discover which group chats are available, ALL the posts have to be scanned, otherwise not all the group chats can be displayed? When will this scanning / decrypting happen? Or does it already happen when a post is downloaded?

It does already happen when a post is downloaded. That's the standard DM mechanism.

 

And no idea if this will ever be considered, but a possible feature is that not all posts of a user are downloaded (to reduce data size). Such a feature won't be possible in combination with this group chat, because to find all the group chats, every message _has_ to be downloaded?

I mentioned that in the paper, but currently all posts from users you follow are downloaded. You join their torrent swarm to help replicating their posts to other followers.

regards,

Miguel

[Arco Mul]

I reread the draft and I think I get it now. Is this the correct flow:

- A user invites me for a group chat by sending a DM

- I sent a DM to the group to announce I join the group

- From on this moment I join

So to get someone to join a group there are two 'invisible' DMs send?

I was under the impression that to find which groups you are part of, you would have to scan every DM message you ever have received. (So all posts of all the users you follow)

But if the above flow is correct, then you only have to 'scan' your own posts to find which groups you belong to :-)

Arco

[Miguel Freitas]

Arco,

On Sat, Apr 25, 2015 at 10:34 AM, Arco Mul <m...@arcomul.nl> wrote:

I reread the draft and I think I get it now. Is this the correct flow:

- A user invites me for a group chat by sending a DM

- I sent a DM to the group to announce I join the group

No, the same user that invited you sends another DM to the group to announce that you've joined.

 

- From on this moment I join

As soon as you get the private key by DM you will be able to read and post.

 

So to get someone to join a group there are two 'invisible' DMs send?

Yes, but both are sent by the inviter.

 

I was under the impression that to find which groups you are part of, you would have to scan every DM message you ever have received. (So all posts of all the users you follow)

That's true. But that's normal, you shouldn't be surprised. You have to scan every DM message you ever received anyway to know if you are the recipient or not.

You never know if you are the recipient until you try decrypting it.

 

regards,

Miguel