Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
End to End encryption
Signal (Protocol) (= Axolotl, previously) in yowsup
Yowsup now implements end-to-end encryption protocol found in Textsecure, which WhatsApp has recently adapted in their Android clients, and slowly coming to other platforms. This was achieved by porting libsignal-protocol-java library to python (python-axolotl) and integrating it with yowsup.
How it works in yowsup
Because of the layer-architecture in yowsup, it was easy to just snap in a new axolotl layer, without any of the other layers knowing/caring about the existence of this feature.
Remark(added 2016-09-xx): Please note that by now, the Axolotl Layer becomes Axolotl Layers. (Ref: "Split up axolotl into 3 layers")
The layer intercepts incoming and outgoing messages, and handles the following:
- Generating prekeys, signed prekey, identity key, registration id, persisting and sending them to WhatsApp if they don't exist
- Automatically regenerating and sending new keys when we get a notification from WhatsApp to do so
- Establishing sessions and fetching prekeybundle for a recipient with no session when you send a message to them.
- Transforming outgoing message data from upper layers into encrypted prewhispermessages/ whispermessages before sending them, depending on current session state.
- Transforming the incoming encrypted prewhispermessages/whispermessages into plaintext for upper layers to handle normally.
- Acting as a pass-through layer for recipients who don't support encryption yet.
- Session data is stored in '.yowsup/YOUR_PHONE/axolotl.db' found in your user directory.
- To completely disable E2E encryption, just don't add axolotl-layer to your stack