intro notes
parent
62e2f7dd26
commit
ba31e5a784
|
@ -2,12 +2,64 @@
|
||||||
sidebar_position: 1
|
sidebar_position: 1
|
||||||
---
|
---
|
||||||
|
|
||||||
# Cwtch Intro
|
# What is Cwtch?
|
||||||
|
|
||||||
|
Cwtch (/kʊtʃ/ - a Welsh word roughly translating to “a hug that creates a safe place”) is a decentralized, privacy-preserving, metadata resistant messaging app.
|
||||||
|
|
||||||
|
* **Decentralized and Open**: There is no “Cwtch service” or “Cwtch network”. Participants in Cwtch can host their own safe spaces, or lend their infrastructure to others seeking a safe space. The Cwtch protocol is open, and anyone is free to build bots, services and user interfaces and integrate and interact with Cwtch.
|
||||||
|
* **Privacy Preserving**: All communication in Cwtch is end-to-end encrypted and takes place over Tor v3 onion services.
|
||||||
|
* **Metadata Resistant**: Cwtch has been designed such that no information is exchanged or available to anyone without their explicit consent, including on-the-wire messages and protocol metadata.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
** See also: [Create a profile](/docs/profiles/create-a-profile)**
|
||||||
|
|
||||||
|
# Security, Encryption and Safety
|
||||||
|
|
||||||
|
## Identity, or What exactly is a Cwtch Profile?
|
||||||
|
|
||||||
|
With Cwtch you can create one of more **Profiles**. Each profile generates a random ed25519 keypair compatible with
|
||||||
|
the Tor Network.
|
||||||
|
|
||||||
|
This is the identifier that you can give out to people and that they can use to contact you via Cwtch
|
||||||
|
|
||||||
|
## Peer to Peer, 2-party Conversions
|
||||||
|
|
||||||
|
![](/img/BASE_3.png)
|
||||||
|
|
||||||
|
In order to chat with your friends in a peer-to-peer conversation both must be online.
|
||||||
|
|
||||||
|
After a successful connection both parties engage in an **authentication protocol** which:
|
||||||
|
|
||||||
|
* Asserts that each party has access to the private key associated with their public identity.
|
||||||
|
* Generates an ephemeral session key used to encrypt all further communication during the session.
|
||||||
|
|
||||||
|
This exchange (documented in further detail in [authentication protocol](https://docs.openprivacy.ca/cwtch-security-handbook/authentication_protocol.html)) is *offline deniable*
|
||||||
|
i.e. it is possible for any party to forge transcripts of this protocol exchange after the fact, and as such - after the
|
||||||
|
fact - it is impossible to definitely prove that the exchange happened at all.
|
||||||
|
|
||||||
|
One the authentication process is successful then both you and your friend can communicate away assured that no one else
|
||||||
|
can learn anything about the contents or the metadata if your conversation.
|
||||||
|
|
||||||
|
## Offline Delivery via Untrusted Routing Servers, and Group Conversations
|
||||||
|
|
||||||
|
**Note: Metadata Resistant Group Communication is still an active research area and what is documented here
|
||||||
|
will likely change in the future.**
|
||||||
|
|
||||||
|
**TODO: Expand**
|
||||||
|
|
||||||
|
In many respects communication with a server is identical to communication with a regular Cwtch peer,
|
||||||
|
all the authentication and encryption steps above are taken however the server always acts as the inbound peer, and the outbound
|
||||||
|
peer always uses newly generated **ephemeral keypair** as their "longterm identity".
|
||||||
|
|
||||||
|
As such, peer-server conversations only differ in the *kinds* of messages that are sent between the two parties,
|
||||||
|
with the server relaying all messages that it receives and also allowing any client to query for older messages.
|
||||||
|
|
||||||
Cwtch (/kʊtʃ/ - a Welsh word roughly translating to “a hug that creates a safe place”) is a decentralized, privacy-preserving, metadata resistant messenging app.
|
|
||||||
|
|
||||||
## Getting Started
|
## Getting Started
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
### Install
|
### Install
|
||||||
|
|
||||||
Install on OS of choice:
|
Install on OS of choice:
|
||||||
|
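Review bot: In the added "Identity, or What exactly is a Cwtch Profile?" section, "This is the identifier that you can give out to people" follows a sentence about the whole ed25519 keypair, so it reads as if the keypair itself is what gets shared. The authentication bullets in this same hunk separate the private key from the public identity, so make that explicit here as well, for example "The public key of this keypair is the identifier that you can give out to people", and close the sentence with a period. Wording fixes in the added text: "one of more" should be "one or more", the heading "2-party Conversions" should be "Conversations", "One the authentication process" should be "Once", "metadata if your conversation" should be "of", and "definitely prove" probably wants "definitively". The "** See also:" line has a space after the opening asterisks, which will likely stop it rendering as bold, the image `![](/img/BASE_3.png)` has no alt text, and "**TODO: Expand**" is going into reader-facing text as is.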
@ -16,8 +68,3 @@ Install on OS of choice:
|
||||||
- Android
|
- Android
|
||||||
- MacOS
|
- MacOS
|
||||||
- Linux
|
- Linux
|
||||||
|
|
||||||
### Use
|
|
||||||
|
|
||||||
**[Create a profile](/docs/profiles/create-a-profile)**
|
|
||||||
|
|
||||||
|
|
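Review bot: Removing "### Use" and its "Create a profile" link from the end of the file leaves "Getting Started" stopping at the bare Android / MacOS / Linux list, with no next step after install. The only remaining pointer to profile creation is the "See also" line that now sits above "Security, Encryption and Safety", which a reader reaches before installing anything. Consider keeping a short "Use" step after the install list, or moving the "See also" link down to follow it.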
Binary file not shown.
After Width: | Height: | Size: 38 KiB |