4thTech’s HolaChain, Web3 Secured W2W Communication Infrastructure (Tron hackathon winner 2022)

4thTech
/4thtech
Published in
7 min readJul 16, 2022

--

Send, receive Tron dMails or exchange on-chain messages with no ads, no data mining & no tracking. 4thTech’s HolaChain secures your E2EE communication and enables white-label SDKs for Web3 projects.

Tron Grand Hackathon 2022 Web3 track Winner ➡️ 4thTech’s HolaChain, Web3 Secured W2W dMail & dChat Communication Infrastructure

Inspiration

Whenever we speak about online security we consider it a topic important to us. We give away our privacy on a daily basis and as the saying goes “if you are not paying for the product, then you are the product”. Securing your digital communications should be your highest priority when going online. There are too many threats to trust any company with your private data. Blockchain has always offered the promise of enabling secure, immutable W2W communication while retaining data and identity ownership, it is by design the perfect security tool. However, it could never really take off due to early-generation blockchains’ scalability and cost constraints. We believe that Tron more than meets all the main parameters (i.e. network decentralization, stable performance, low transaction cost, fast transaction finality) to support private on-chain communication. At the same time, its thriving ecosystem would benefit from the social dMail & dChat communication layers.

Background key points:

  • The right to online security should be above all and provided for all online communications
  • Secure online communication has remained an elusive goal
  • Blockchain protocols offered great promise but scalability, throughput and cost were always an issue
  • Web3 projects & DAOs all use Web2 communication tools, which goes against the decentralization ethos
  • Immutable on-chain W2W email & messaging are prime to become the future of secure communication

Solution key points:

  • Establishing a Web3 communication Tron Mainnet or DAppChain framework that is web, desktop & mobile interoperable
  • Bringing social communication to the Web3 Ecosystem
  • E2EE secure, immutable, censorship-resistant, scalable & accessible »on-chain« email & messaging
  • Web3 wallet login, no signup or personal information
  • Resistant to data mining, data tracking, email spoofing & identity theft
  • Private, group & community messaging
  • Curated chat groups
  • File & media sharing via decentralized storage
  • Stand-alone app or White labelled (SDK)
  • Interoperable with all major Tron wallets

What it does

HolaChain is a next-gen Web3 framework that enables users to send, receive dMails or exchange on-chain messages with no ads, no data mining & no tracking, while SDKs & white labelling enable direct dMail & dChat integration into Web3 partner UIs or wallets.

How we built it

HolaChain is an application-specific brand spin-off built on the 4thTech framework, that has been in the making since 2018. There are two TRON deployment possibilities. The deployment on TRON MainChain or the deployment on DAppChain, the sidechain of TRON.

Security by design was our guiding approach, which simply means that we put into consideration how we could preserve privacy, guarantee protection, and obfuscate metadata to the largest possible degree at the forefront of all our Architectural decisions. At the same time, no personal data whatsoever is collected by the protocol.

The framework consists of six main parts. Due to the sheer size of the project, the TRON dMail was developed for the hackathon. The dMail is fully developed, deployed on TRON Nile & Shasta TestNets and ready for TRON MainChain. Other solutions are in development and a part of the project roadmap.

(1) dMail Protocol (EVM SC): Solidity-based E2EE email protocol resilient to data mining & spoofing, that enables users to share content, files and media from wallet to wallet.

  1. dMails are encrypted with AES encryption
  2. All encrypted attachments are stored on cloud storage or permanent decentralized storage
  3. A JSON metadata file is created that includes sender and recipient details, dMail subject, content, and attachment details (i.e. name, stored location, and checksum).
  4. A JSON metadata file is encrypted with AES encryption and stored in storage.
  5. A JSON metadata file URL & checksum are sent to TRON Smart Contract.
  6. After transaction finality, the recipient Client B load and decrypt a JSON metadata file and loads and decrypt all the attachments.

File encryption example:

// Symmetric encrypt
const symKey = crypto.randomBytes(32);
const iv = crypto.randomBytes(16);
const cipher = crypto.createCipheriv('aes-256-cbc', symKey, iv);
const symEncrypted = Buffer.concat([cipher.update(fileData), cipher.final()]).toString(
'base64',
);
// Asymmetric encrypt - encrypt just symmetric key & iv
const key = new NodeRSA();
key.importKey(publicKey, 'pkcs8-public');
const symPrefix = `${symKey.toString('base64')}:${iv.toString('base64')}`;
const encrypted = key.encrypt(symPrefix, 'base64');
// Join asymmetric and symmetric part
const data = Buffer.from(`${encrypted}:${symEncrypted}`);

Save to blockchain:

// Save data to blockcahin
const txDetails: TransactionDetails = await blockchainService.sendDocument(
envelope.sender.account,
envelope.recipient.account.address,
envelopePath,
);

Smart Contract link: SC

(2) dChat Protocol (EVM SC): Solidity-based W2W messaging protocol that enables on-chain E2EE private messaging, group chat & curated community chats.

(3) dID Protocol (Typescript, Vue.js): Serves as a public key exchange point between users and connects wallets during the dMail & dChat data exchange process.

(4) UI platform (Typescript, Vue.js): Written with TypeScript, a superset of JavaScript and utilises Vue 3 framework. Serves as HolaChat native UI and White-label GUI framework.

(5) SDK framework (Typescript): EVM-compatible dMail & dChat SDK framework enables back-end partner integration into their UIs or Wallets.

(6) Encryption (AES, ECDH): While the message or email is encrypted with Advanced Encryption Standard (i.e. AES), the Elliptic-Curve Diffie-Hellman (i.e. ECDH) key agreement protocol is used for generating a secret key (i.e. used in AES encryption). The implementation of the Elliptic-Curve Diffie-Hellman protocol will enable the interoperability of HolaChain communication protocols with popular TRON Web3 wallets.

Tokenomics:

There are two approaches to project tokenomics;

  • In the case of TRON MainChain deployment fees are charged in TRX (i.e. one, email or one message = one transaction), while the protocol charges an additional service fee. The service fee is charged on-chain and represents a small % of the transaction cost.
  • In the case of HolaChain AppChain the Hola token utility is quite straightforward. The token would be used as gas while also having governance functions.

Challenges we ran into

We spent over four years developing the 4thTech multi-chain communication building blocks, which are built around privacy and ecosystem integrations deployed on various Layer 1s. As time passed, some of the chosen L1s did not pan out due to interoperability or scalability issues. So the main challenge is to find the most suitable underlying network that would fit all the main requirements and make on-chain private communication usable at scale.

E2EE group messaging was always difficult to achieve, this goes for Web2 and especially for Web3. Developing the tech to support on-chain E2EE group messaging was a challenge in itself. We solve it by random generation of the secret key, that is used to encrypt/decrypt messages. The secret key is distributed to all group members and separately encrypted with Advanced Encryption Standard (i.e. AES) over the Elliptic-Curve Diffie-Hellman (i.e. ECDH) key agreement protocol.

This opens a whole new chapter in Web3 on-chain communication and could disrupt traditional Web2 communication platforms.

Accomplishments that we’re proud of:

  • 2018: Ethereum dID, dMail, dNotary mainnet deployment (EVM, Solidity)
  • 2020: SI-Chain dID, dMail, dNotary deployment (EVM, Solidity)
  • 2020: Tolar HashNet, dID, dMail, dNotary (EVM, Solidity)
  • 2021: Edgeware, dID, dMail, dNotary (Substrate, Rust)
  • 2021: Solana, dID, dChat, dMail, dNotary (Rust)
  • 2022: Moonbeam, dID, dMail, dNotary (EVM, Solidity)2022: TRON, dID, dChat, dMail, dNotary (EVM, Solidity)
  • 2022: EVMOS, dID, dMail, dNotary (EVM, Solidity)
  • 2022: TRON, dID, dChat, dMail, dNotary (EVM, Solidity)

What we learned

  • Blockchain has always offered the promise of enabling private, immutable W2W communication while retaining data and identity ownership, it is by design the perfect privacy tool.
  • Due to stability and scalability issues, early-generation blockchains can not sustain the on-chain communication infrastructure.
  • User migration from “free” but not private Web2 communication platforms to payable but private Web3 infrastructure will be challenging, so new incentive onboarding models will have to be introduced.
  • With the rise of privacy awareness and Web3 adoption in general, the on-chain W2W email & messaging could become the dominant communication and as such can become the future of private online communication. The privacy and security of Web3 native features are just too good to be overlooked.

Built With

How to test?

Step 1: DL & setup FOURwaL (follow the link below)
Step 2: Login to the 4thTech staging UI or login to TRON White-label TestNet (follow the links below)
Step 3: Airdrop TRON TestNet tokens to the FOURwaL account (address available in the accounts tab)
Step 4: Click the “dMail” TAB
Step 5: Add new contact by pasting the FOURwaL TRON TestNet recipient address
Step 6: Start sending dMails
Step 7: Check your transactions by clicking on the Explorer links available in the UI

All content provided herein, including but not limited to text, graphics, logos, and images (the “Content”), is the property of Block Labs Luxembourg S.a r.l., a legal entity established under the laws of the Grand Duchy of Luxembourg, registered with R.C.S. Luxembourg under N B263508 at the following address: 41, rue du Puits Romain, z.a. Bourmicht (Atrium Business Park), L-8070 Bertrange, Luxembourg (the “Company” or “we”). It is protected by copyright and other laws that protect intellectual property and proprietary rights. You are granted a non-exclusive, non-transferable, revocable license to access and use the Content for the sole purpose of obtaining information about the 4thTech technology and other educational purposes. We have done our best to ensure that the Content is accurate, updated, complete, and provides valuable information, but neither do we guarantee nor take any responsibility for its accuracy and/or completeness. The Content is not intended as, and shall not be understood or construed as legal, financial, tax, or any other professional advice, sale or offer for sale of any securities, and/or crypto-assets. The Company is not engaged in rending of and/or is not licensed to render any of the crypto-asset services and/or financial services, such as investment or brokerage services, capital raising, fund management, or investment advice.

--

--

4thTech
/4thtech

L1 Secured W2W E2EE Immutable dMail & dChat Technology