A secure chatting app built on electron, socket.io and heroku
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
assets
e2e
public
src
test/utils
.env
.eslintrc
.gitignore
.travis.yml
LICENSE
LICENSE.md
README.md
docker-compose.yml
package-lock.json
package.json

README.md

Scytale desktop clients

Scytale is a simple P2P chat application that focuses on security, simplicity and e2e user ownership. The intention of this app is not to replace the already existing and popular messaging applications. It is targeting the users who want a secure, dependency-free and fully owned application with a simple interface for exchanging snap messsages.

The client application requires a backend service for exchanging ICE information. It is advised to create your own server on heroku since the default one is for demo purposes (only) and is not maintained.

Status

Build Status

Security

  • Keys are generated using ECDH (prime256v1).
  • E2E encryption is performed by SHA256 (aes-256-cbc).
  • The shared secret is calculated like:
    const sharedSecret = ecdh.computeSecret(remoteUser.publicKey, 'hex', 'hex').substring(0,32)
  • A hash sha256 of the original message is sent together with the encrypted message.

Check safecurves

Dev

Clone the backend service and start it locally.

# Install dependencies
npm install
# Run the app in dev mode
npm run electron-dev

Open your browser and point two tabs to: http://localhost:3000. Pick a random string for chatroom and connect both clients. :)

Unit Test

npm test --watchAll

E2E Test

npm test:e2e