# DID Messaging Encryption

## Requirements

- Use the wallet as the KMS for encryption keys

### Issues

- The encryption API of wallets is not standardized, e.g., MM provides their own custom API.
- The MM API only supports X25519 with XSalsa20Poly1305
  - Cannot be used with JWEs because JWEs require an AEAD cipher.
  - Cannot be used with DIDComm v1 and DIDComm v2 because they rely on XChaCha20 or AESGCM256
- EIP2844 aims to solve that issue but does not support authcrypt yet

### Next steps

Short-term:

- Add support for a custom envelope that uses XSalsa20Poly1305 but with normal DIDComm payload and protocols
- Add support for XChaCha20 (libsodium) to the MM browser extension by updating `eth_publicEncryptionKey(XChacha20|XSalsa20)` and `eth_decrypt()`
  - This will allow us to use MM for DIDComm v1 anoncrypt.
  - It won't allow us to use MM for authcrypt
- Add support for `eth_authcrypt(ethAccount, data, ...)`
  - This will allow us to use MM for DIDComm v1 authcrypt and DIDComm v2

Short-term but won't be available mid-term:

- Update EIP2844 to allow `did_createJWE(senderDidUri, recipient_dids, data, useAuthcrypt?)`

Mid-term:

- Implement EIP2844 in MM