hush
/
hushchat
8
0
Fork 2
Code Issues Pull Requests Projects Releases Wiki Activity
HushChat - Signal Protocol with zaddrs instead of phone numbers https://hush.is
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
63 Commits
1 Branch
0 Tags
568 KiB
 
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
onryo 8abe9f7f36
Update 'README.md' 		1 year ago
images Upload files to 'images' 1 year ago
LICENSE Initial commit 4 years ago
README.md Update 'README.md' 1 year ago
guide.md markdown edits to fix numbered lists 3 years ago

README.md

HushChat - Signal-like Protocol on Hush

Features of HushChat:

  • No phone numbers 🔒
  • No centralized web servers ⛓️
  • No US-based or any kind of company/non-profit/organization
  • No Javascript/Electron in our desktop full or lite wallets 🚫
  • Plausible Deniability
  • Multiple layers of encryption, in-flight and at-rest 🛡️
  • Emoji Support 💩

What is HushChat Protocol ?

HushChat is a protocol which is a particular use case of HushList protocol and which sits on top of Hush Protocol, an improved Zcash Protocol. It is inspired by the design of Signal Protocol and uses many of the same cryptography and ideas, but does not actually use any code from Signal. For low-level details about HushChat Protocol see https://git.hush.is/hush/hushchat-protocol

How do you start using HushChat?

Refer to our HushChat Beta Guidebook to learn more.

Is HushChat only compatible with HUSH mainnet?

No, it's designed to run on any compatible Zcash Protocol chain, including all Hush Smart Chains.

That being said, HushChat is being developed soley on HUSH mainnet. Other cryptocoins are encouraged to read our Free Software and port it to their codebases with appropriate licensing.

Is HushChat a fork of Signal?

No. We do not use code directly from Signal, but the ideas from the protocol and ideas/concepts from the GUI interface. For instance, Signal Protocol has a concept of "ratcheting" and so does HushChat. Ratcheting is implemented via libsodium secretstreams.

Why not just use Signal?

Signal requires phone numbers and is a centralized service. HushChat is completely anonymous and decentralized and requires absolutely no metadata be given to any centralized third parties. Signal is also not fully open source, the backend servers are NOT OPEN SOURCE, and so, Signal should be considered "open core" and not fully open source. HushChat is Free Software! We are about your freedom, Moxie cares about his Silicon Valley friends.

Is HushChat compatible with the new Hush Smart Chain DRAGONX ?

Yes, DRAGONX is supported by default, as well as all Hush Smart Chains. GUI wallets that support HushChat on DRAGONX are in progress.

How does it compare to Conceal (CCX) and LOKI chat systems (Session) ?

Glad you asked!

  • Monero (CryptoNote Protocol) family coins have no encrypted data storage at the protocol level!
  • Zcash Protocol coins have encrypted data at the protocol level via the memo field
  • This means that Monero family coins are inherently inferior to build an encrypted chat system upon
  • The encryption must be added at a higher level and really stands out, you know which transactions are chats and which are not
  • The design of HushChat is such that every normal HUSH transaction looks like a chat, and every chat looks like the most common kind of Hush transaction. There is no way to tell if chat is being used in any z2z transaction or not. This is caused "plausible deniability" and also there is no way to know how many people are being communicated with, another kind of plausible deniability.
  • CCX and LOKI have none of the above properties, their systems are centralized and have very little privacy, if any.
  • CCX + LOKI use Javascript/web tech extensively and HushChat avoids that stuff like a disease

What kind of interfaces will there be to HushChat?

In order of (likely) development:

  • Lite mode desktop (SDL )
  • Full mode desktop (SD )
  • Android Mobile (SDA )

The Lite mode desktop version is released.

What is HushList?

HushList is a protocol first published in 2017, which describes how to use Zcash Protocol for various communications use cases, including censorship-resistance: https://git.hush.is/hush/hushlist/src/branch/master/whitepaper/protocol.pdf

HushChat is basically one specialized way to use HushList Protocol, focused on near-real-time chat versus mailing list style communicaitons. The world is increasingly chat-based versus email-based and HushChat is a response to that.

Will HushChat store messages on the blockchain like HushList does?

Yes, data must be stored on-chain to have censorship resistance and HushChat can be thought of as a "flavor" of HushList. Users may choose between storing data on the public Hush blockchain or their own Hush Smart Chain (which could be public or completely private).

Isn't it a bad idea to store private data in a blockchain?

It depends on the needs of the user. Currently, many users give all their information for free to various cloud companies who constantly mine their personal data which can then be sold to advertising companies who want to influence thinking and purchases. These average users have a lot to benefit from controlling their data, wrapping it in multiple layers of encryption and enjoying censorship-resistance. For those with more strict needs (say a Healthcare company), a dedicated Hush Smart Chain with access controls, such as needing to be on a certain VPN with a special user/pass to connect to the network, could be used.

Ultimately, to prove to others that something happened or to easily communicate with others, a public blockchain will be the primary use case. It also provides a meeting place for users to come together and then spin up their own Just-In-Time specific-use-case blockchains.

Additionally, if somebody is trying to say false things about you, selectively disclosing data that proves your innocence can be very valuable. HushChat enables this use case.

Are you rolling your own crypto like stupid people?

No. We use the industry standard libsodium to provide cryptographic primitives:

https://download.libsodium.org/doc/

Specifically, we use these parts of libsodium:

  • Key Exchange
  • Secretstreams
  • Password Hashing API (Argon2id)

and potentially others. In terms of cryptographic hash functions, Blake3, Blake2B and SHA256 are used directly and internally by various libsodium functions.

How does HushChat protect my privacy?

Glad you asked!! HushChat adds various layers of privacy on top of our "base" Hush Protocol (itself an improvement on Zcash Protocol), heavily using libsodium.

  • Every HushChat has per-conversation encryption
    • This means that every time Alice talks to a new Bob, they have unique encryption keys compared to every other chat.
  • Every HushChat conversation constantly "ratchets"
    • The shared keys to each conversation constantly change, providing "forward secrecy"
    • If you can steal the secret keys to one chat, it won't decrypt future chats nor can you impersonate future chats
  • HushChat Lite wallets have FULL wallet.dat encryption, leaving no plaintext accessible
    • A wallet.dat at rest therefore has two layers of encryption, wallet-level and chat-level
    • HushChats on the Hush blockchain have three layers of encryption, since the encrypted memo field is only visible to sender and receiver
  • Every HushChat is additionally encrypted with a user passphrase, independent of wallet.dat private keys
    • This means if your device is seized/liberated/stolen and your wallet.dat inserted in ChainAnalysis or similar blockchain analysis platform, your chats are encrypted blobs of useless information
  • HushChats cannot be truncated, removed, reordered, duplicated or modified without being detected
  • HushChat, when used from a lite wallet, uses a randomly selected different server upon startup
    • Unlike most existing lite wallets (such as Zcash), which have a hardcoded single centralized lite server, Hush wallets have many community run servers
    • It's very bad for privacy for all users to talk to a single lite wallet, that means the lite wallet operator knows their IP addresses and transaction id's of ALL USERS. Additionally the ISP of the lite wallet knows all IP addresses talking to the server.
    • In Hush, a new random server is selected when the wallet starts, and no one lite server operator has access to all the data, only a slice of it

Signal Vulnerabilities

https://restoreprivacy.com/timing-attacks-on-whatsapp-signal-threema-reveal-user-location/

HushChat is not vulnerable to the above vulnerability because there are no delivery receipts in HushChat protocol. When Alice sends a message to Bob, she has no idea if or when it's ever delivered to Bob's wallet or if he reads it. This is a feature, not a bug.

Signal is also increasingly trying to be a "social media app" and encouraging people to leak metadata and promising them it will be deleted forever. Haven't we heard that before? Hush considers this a bug (possibly an attack) and not a feature.

Where can I learn more?

Join us on Telegram or our Telegram Support channels.