Introducing Decentralized Chat

5 min readMay 9, 2024

Introduction

The following is a technical crash-introduction to a decentralized chat app. This app has so far been exclusively discussed on Reddit, but we believe it is time to venture out.

This chat app is an investigation into a unique take on decentralized communication. A chat app that operates in the browser without a backend (kind-of). A decentralized chat application implemented as a Progressive Web App (PWA) built in JavaScript. The project has been recently open-sourced. This decision marks a significant step forward for the project, aiming to embrace the ethos of transparency, collaboration and community feedback.

https://chat.positive-intentions.com

Here’s a brief rundown of what this app brings to the table:

Encrypted Messaging: Utilizing end-to-end encryption to ensure that your messages remain private.
File Sharing: Leverage WebRTC technology and QR codes for easy and secure file transfers.
Voice and Video Calls: Connect with friends, family, or colleagues through seamless voice and video calls.
Shared Virtual Space: Explore a shared mixed-reality space, offering an experience akin to other mainstream products.

Augmented Reality

Demo: https://chat.positive-intentions.com/verse

www.youtube.com

Image Board: An intuitive, scrollable format for browsing and sharing images, inspired by platforms like Instagram.
https://chat.positive-intentions.com/#/feed

What is it?

The aim is to give users more control over their data, privacy and security. In the interest of transparency, the following are some high-level technical details on how the app works.

Self-Generated and Managed Encryption

With a standard browser, you can create encryption keys and store them on your device, similar to cookies. This is made possible by using tools provided by all modern browsers for cryptography. Check out the code here.

Decentralized Authentication

Our app uses WebRTC to create a secure peer-to-peer connection between two browsers. This connection can persist if the browsers remain connected without a server. With WebRTC, you can send encryption keys between users securely. When you connect to a peer you’ve previously shared encryption keys with, you can validate their identity by checking if they have the same encryption keys you sent in a previous session. Here is a sequence diagram.

Decentralized Profile

With a JavaScript implementation of symmetric encryption, you can encrypt larger payloads of data. This can be used to encrypt a user’s profile, including their username and avatar image.

Decentralized Encrypted Messaging

Our app allows you to store data in the browser, similar to cookies. This can be used to store messages from peers. Browser storage can remain until you decide to clear the site data. Using previously shared encryption keys, you can encrypt messages between peers, with WebRTC providing a redundant layer of encryption.

Decentralized Chat

Using Material UI, a popular UI framework with a lot of components, you can create a chat interface. A better UI allows for a more interactive and intuitive app experience.

Decentralized File Transfer

With IndexedDB, you can store large files on your device directly from the browser. The capacity is larger than that used for typical cookies. Symmetric encryption can be used to encrypt these large files, and WebRTC can be used to send files between peers.

Decentralized Virtual Reality

With a standard browser, you can create 3D graphics in the browser with WebGL/WebGPU. This can be used to create a virtual reality environment. You can use WebRTC to share your 3D-position in the virtual environment and to share a live video stream with a peer. This video stream can be used to texture a 3D model in the virtual environment.

Safety and security

The app is an unstable proof-of-concept and a work-in-progress. Its important to understand at this early stage in the project, there will be breaking changes. It is not ready to replace any existing apps or services. While the app is aiming to be a encrypted and secure chat system, the project is not mature enough to have been reviewed by security professionals and should not be considered encrypted or secure. The app is presented for testing and demo purposes only. You can see an initial version of a threat-model document here. It is expected to take a while before the app is ready for production.

Roadmap

There are many features to be introduced and explored.

Distributed Profile — By sharing data between your own devices, it would be possible to create multi-platform chat experience as seen on mainstream messagnger apps.
WebLLM — Initial investigations show that it would be possible to introduce browser-based LLM’s. Initial thoughts are that it takes a lot of storage which most people might not want on their devices.
P2P group chat — Some basic functionality exists for this, but it is unstable and in need of refining.
Augmented Reality — Some functionality is implemented, but there is much more to do before the feature is good enough to generally use.
Decentralized cloud storage — The app is able to transfer files over WebRTC to indexedDB. This can be repurposed into a kind-of cloud storage, where the cloud is “your other devices”.

This journey is just beginning and we’re excited to see where collaborative development can take this project. Share your thoughts and questions in the comments.

App: chat.positive-intentions.com
GitHub: positive-intentions/chat
More information about the app: positive-intentions.com