Introducing Origin Messaging: Decentralized, Secure, and Auditable

At Origin Protocol, we’re building a platform for creating decentralized marketplaces on the blockchain. One of the core features of any marketplace is the ability for participants to communicate with one another. Whether a buyer has questions about a product before committing to a purchase, or a host is delivering sensitive instructions to a home sharing guest, messaging is a critical component necessary to facilitate meaningful transactions. And while users are drowning in centralized options, we wanted a messaging system that was truly decentralized, encrypted end-to-end, persistent, real-time and auditable while still delivering a user experience as good as any centralized service.

We soon realized that there was a need for a decentralized messaging system, not only for Origin, but for the entire ecosystem. Our legendary engineer, Yu Pan signed up for the daunting task of figuring out a way to meet our objectives. Our solution uses OrbitDB, a technology built on IPFS, and Ethereum wallets to handle the signing process. We’ve already integrated our new messaging protocol into the Origin demo DApp, so you can experiment with it yourself today.

Origin Messaging In Action

Here are some of the characteristics of Origin Messaging and why they matter:

  • Open-source — Everything we build at Origin is 100% open-source. It’s no coincidence that the most trusted systems in the world run on open-source software. You should never be required to trust our company or any other to remain a good actor. You can always verify and run our code for yourself.
  • Secure — Everything is encrypted end-to-end. Your privacy is paramount and no one (including Origin and the NSA) should have the ability to eavesdrop on your conversations. We’ll never ask to see your private keys. We wouldn’t consider building it any other way.
  • Decentralized — Our messaging system is built on top of OrbitDB which is a serverless, distributed, peer-to-peer database. OrbitDB uses IPFS as its data storage and IPFS pubsub to automatically synchronize databases with peers. Unlike most messaging services, there are no centralized servers or single points of failure that can be compromised or shut down, no matter who asks.
  • Free — Despite leveraging Ethereum’s infrastructure and signing capabilities, no messages are actually published to the Ethereum blockchain. This means there are no associated gas costs, and it’s completely free to send or receive a message.
  • Persistent — Your conversations should live forever (or at least for a really long time). Protocol Labs (the organization behind IPFS) is currently working on a project called Filecoin, which will allow users to pay for their data to be stored securely across the network. When Filecoin launches, we’ll finally have an incentive system to ensure that your encrypted blobs of text messages stick around. Until then, Origin and a few of our partners will happily “pin” your messages to ensure that there’s at least one copy available on the network.
  • Fast — Life is short and this is 2018. Messages sent via Origin Messaging show up almost immediately. Since none of the messages are stored on-chain, there is no waiting for blocks to be mined or anything like that.
  • Auditable — The signatures on every message are checked to confirm the validity of the sender. A special requirement for Origin is that, in the event of a dispute between a buyer and a seller, a third-party arbitrator must be capable of accessing the conversation history only after permission is granted by one of the participants. The arbitrator must receive cryptographic proof that they’re viewing an accurate transcript of everything that was said in order to arrive at a fair resolution. This all happens without any users disclosing their private keys.
  • Ethereum-based — We’re building Origin on top of Ethereum, and so public addresses are essentially the primary keys for our users. It makes sense that you should be able to send a message to the holder of a specific ETH address. And your private key should be the only secret that you need to maintain.
  • Easy to use — If we expect users to adopt this technology, we can’t have MetaMask or another wallet pop up every time you want to send a message. At the same time, it’s critical that everything is that encrypted and that messages can be cryptographically linked back to the Ethereum wallet that sent the message. We’re able to accomplish both objectives by signing a couple of special messages with your Ethereum wallet when messaging is first enabled on your account. This creates a new shared key that is derived from your wallet and can be safely kept in localStorage on your browser for convenience.
  • Integrated with ERC-725 — When you receive a message from someone, it’s helpful to know who they are and have some assurance that they are who they say they are and not an imposter. We’re big supporters of the ERC-725 standard for managing identity on the blockchain. Since ERC-725 works by attaching identity attestations to your Ethereum address, it works seamlessly with our messaging system by adding not only names and faces but also attestations from trusted third-parties that have verified certain parts of the identity.
  • Anonymous — For users who prefer not to validate an identity and connect it to their account, we respect the decision to be known by a beautiful string of unintelligible characters like 0x627306090abab3a6e1400e9345bc60c78a8bef57.
  • Extensible — Sending text messages back and forth is just the beginning. Origin Messaging can be used to send multimedia content and even transporting machine-readable messages between DApps. For example, the arbitration features that we’re working on will use Origin Messaging as the underlying transport system.

How it works

An Origin user will be responsible for maintaining only one secret: her Ethereum private key. With this and a web3 provider, she will “enable Origin Messaging” for her account. By signing a message that we generate, she will create an Origin Messaging Private Key, which will be stored in her device’s localStorage.

Our DApp provides various mechanisms for sending a message. When one is generated from a listing or existing transaction, we store a reference to the relevant listing or purchase in order to provide this context in the conversation UI. Messages could also be sent to any Origin Messaging-enabled user by a user or DAPP with access to the Origin Messaging Public Key Registry.

Watch the technical explanation of how Origin Messaging works

Current limitations

We’re currently running our own OrbitDB server and IPFS gateway in order to increase the stability and performance of the service. We’re eager to see more adoption of IPFS and the eventual launch of Filecoin to increase the decentralized nature of this system and make it more resilient to attacks.

Origin Messaging requires a double opt-in key generation procedure for each participant in a conversation. This is not a frictionless onboarding experience, but it is a necessary component that provides both security and auditability. We’re also counting on users to be able to maintain their Ethereum private keys, which is an ongoing exercise in user education.

Next steps

We’d love to see this messaging standard adopted by other projects. Users will increasingly benefit from this communication platform as it is implemented across additional applications. In the coming weeks, we’ll be working to further improve the user experience, expand the available features, and refine our public API. We would welcome any other DApp developers who would like to integrate a free and secure messaging system to check out our open-source library and get in touch.

Learn more about Origin: