
Private Groups | 2019-11-07

simplest thing

mix sends notification to group: bbq is cancelled. pure broadcasts, no tangles.

sbot.privateGroups.add({key, id})

sbot.backlinks.read(query)

things we're not doing:

  • optimisations like "only try keys from people I'm in groups with"
    • possible future: sbot.privateGroups.add({key, feeds: [id...]})
  • indexing past messages

content: {
  type: 'gathering',
  name: 'private group call',
  startTime: {
    epoch: 1573074104361
  },
  
  // user doesn't need to know this
  tangles: { 
    group: { root, previous },
    gathering: { root, previous }
  }
}

what features does adding someone to a key look like

content: {
  type: 'group/update',
  
  writers: { 
    <@dominicFeed>: 1,
    <@keksFeed>: 1
  },
  
  tangles: {
    group: { root, previous },
    membership: { root, previous }
  }
}

// agree ^this is more sugary than needed immediately

content: {
  type: 'entrust',
  key: <groupKey.base64>,
  tangles: {
    group: {root, previous}
  },
  recps: [mixFeed, group.id]  // << NOTE group.id
}

// ^this one is a minimal entrust message for a group.

Properties:

  • tangles.group is present so as a new person I can traverse (up the tangle) the history of things I need to decrypt

  • recps includes the person being added and the group, meaning

    • mix receives the messages about being added to the group
    • the group receives a message showing that mix has read-access
    • // this is polite / transparent
  • ssb-server now needs to know when it sees group.id to encrypt to that group as well

    • what group.id is still needs determining:
      • could be a hash of the group's root %messageId ?
      • could be a hash of the group's private key?
    • some past prototyping https://github.com/dominictarr/ssb-private-groups/blob/master/index.js#L65
      • if id is @feedId, just use that
      • if it's a @messageId (or unique group.id), check if it's a valid group id and then look up / derive the encryption key for that group and use that for encryption

publishing fails if:

  • any recps are duds
  • if recps === []
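
A sketch of the recps handling described above, written for these notes as an added example (not code from ssb-server or ssb-private-groups). `createGroupStore` and `resolveRecps` are hypothetical names, the `%...sha256` shape for group.id is an assumption since the notes leave it undecided, and the key is a constructed placeholder. Resolution is all-or-nothing, so a message is never encrypted to fewer recipients than the author listed.

```javascript
// A feed id is "@" + base64 of a 32-byte ed25519 public key + ".ed25519".
const FEED_ID = /^@[A-Za-z0-9+/]{43}=\.ed25519$/

// Hypothetical in-memory store, shaped like sbot.privateGroups.add({key, id}).
function createGroupStore () {
  const groups = new Map() // group.id -> group key (base64 string)
  return {
    add ({ key, id }) {
      if (typeof key !== 'string' || key.length === 0) throw new Error('group key required')
      if (typeof id !== 'string' || id.length === 0) throw new Error('group id required')
      groups.set(id, key)
    },
    get: (id) => groups.get(id)
  }
}

// Turn recps into encryption targets before anything is boxed.
// Throws (publish fails) on an empty list or on any dud recipient.
function resolveRecps (recps, store) {
  if (!Array.isArray(recps) || recps.length === 0) {
    throw new Error('publish refused: recps is empty')
  }
  return recps.map((id) => {
    // "if id is @feedId, just use that"
    if (typeof id === 'string' && FEED_ID.test(id)) return { type: 'feed', id }
    // otherwise it must be a group.id we hold a key for
    const key = typeof id === 'string' ? store.get(id) : undefined
    if (key === undefined) {
      throw new Error(`publish refused: dud recipient ${String(id)}`)
    }
    return { type: 'group', id, key }
  })
}

// Constructed sample values, not real ids or keys.
const mixFeed = '@' + 'A'.repeat(43) + '=.ed25519'
const groupId = '%' + 'B'.repeat(43) + '=.sha256' // assumed group.id shape
const store = createGroupStore()
store.add({ key: 'Y29uc3RydWN0ZWQtZ3JvdXAta2V5', id: groupId })

console.log(resolveRecps([mixFeed, groupId], store))
```
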

Q? How does encryption work when there's a feedId + a group.id ?

  • plan to change the format to box2
    • box2 is specified? yes
  • it will use a slot

Q? does this work for multiFeed.id just the same?

  • mix : we would want asymmetric keys for this

Parts of the system

High

  • backlinks index

Low


simple thing (simplest ++ / v2)

how to solve the "I received the key later" problem

  • could do this in backlinks.read or in the backlinks indexing

  • could tangle all messages for a group