The SEAM library implements a small encoding standard for exchanging messages signed and encrypted with TweetNaCl (and compatible) constructions: sign, box, and secretbox.
SEAM is designed to enable two messaging modes.
- In direct message (or "DM") mode, messages are encrypted with the
boxconstruction (x25519-xsalsa20-poly1305) using the recipient's public key and an ephemeral private key (the "transit" key).
{
"mode": "direct",
"body": "(base64-encoded encrypted bytes)",
"destination": "(opaque string)",
"nonce": "(base64-encoded nonce bytes)",
"timestamp": 2234567890,
"transitIdentity": "(base64-encoded X25519 public key)"
}- In shared message (or "thread") mode, messages are encrypted with the
secretboxconstruction (xsalsa20-poly1305) using a shared key.
{
"mode": "shared",
"body": "(base64-encoded encrypted bytes)",
"destination": "(opaque string)",
"nonce": "(base64-encoded nonce bytes)",
"timestamp": 2234567890
}All messages are encoded as JSON, digested with SHA512, signed with the sign construction (ed25519), and wrapped in an envelope with the signing user's public key.
{
"author": "(base64-encoded ed25519 public key)",
"message": "(message JSON)",
"signature": "(base64-encoded ed25519 signature of SHA-512 hash of message JSON)"
}See GoDoc for full usage.
Released under The MIT License (see LICENSE.txt).
Copyright 2020 Duncan Smith