9 comments

[ 2.9 ms ] story [ 38.3 ms ] thread
Hi All, I am one of the founders of Stealthy. Unlike Web 3.0 browsers, we have deep integration at the resource level with other dApps. This means you can browse, share, and collaborate dApp content from within Stealthy.

We’re eager to get the HN community feedback on our mobile app. Here are the current features in Stealthy: - Available on iOS and Android - Public channels: topic discussion or dApp support - Private 1:1 messaging: client side encrypted for recipient - Sharing and collaboration with other dApps (Graphite and TravelStack)

Here is what’s on our roadmap: - Performance & UX improvements - Messaging features: Group messaging, attachments, gifs etc - Deeper dApp integrations: blog or post to social media from Stealthy - Lightning network integration for transactions

(comment deleted)
Hi everyone, I wanted to just address a few points that arise for decentralized and messaging apps:

How decentralized is Stealthy?

  * User identities are stored in the Bitcoin blockchain
  * User storage is decentralized away from Stealthy in the user’s own cloud storage
  * Stealthy doesn’t require a centralized signalling server for p2p communication (both parties must add each other as contacts, coordinating this outside of Stealthy)
  * Conveniently, Stealthy includes a signalling server that can be disabled.
  * Push notifications use centralized technology at present.
  * Our public discussion channels use centralized notifications to scale at present.
  * We build on Blockstack to get decentralized identity and storage (https://blockstack.org/faq/, https://blockstack.org/whitepaper.pdf)
  * We have plans to continue decentralizing Stealthy features as time permits and solutions become available, for instance migrating to GUN decentralized database for some features (https://gun.eco)
2. Protocol details?

  * We plan to publish more details near the end of this year.
  * All data is stored off chain for performance approaching centralized messengers.
  * Offline p2p communication is relatively simple and involves polling a contact’s cloud storage for messages.
  * Polling scales based on users presently and will see more intelligence in a future release.
  * Realtime p2p uses our offline p2p to establish a WebRTC connection (coming later this year to mobile).
  * All p2p messages are encrypted client side before transmission.
  * Our public channels use a hybrid version of our p2p protocol
    * Messages from users use the p2p protocol with a centralized notification for scaling.
    * Messages from the channel are written sequentially, unencrypted (it’s a public channel)
3. Encryption details?

  * Encryption keys are held by the user 
  * Stealthy uses Blockstack compatible ECIES for all p2p messaging (SECP256K1 curve, SHA512 MAC, AES 256 CBC cipher, SHA256 HMAC)
  * More information here: https://blockstack.org/faq/
4. Surveilling metadata?

Stealthy was not designed to conceal metadata from state-level actors, especially those with a capability of surveilling each node of a network concurrently. There are other protocols with that intent. However, we are looking to improve our protocol in this regard in the near term.

5. Why collect an email?

Stealthy uses Blockstack’s identity solution which collects email in the event that you need to recover your 12-word Blockstack pass phrase. Stealthy does not collect your email.

This is the type of innovation the world needs! Keep up the good work guys!
Thanks--it's fun work too!
Superb. Exactly what the world needs now!
I find BitMessage protocol truly decentralized. I worked on implementing a java client for it a while ago. It stores encrypted message on your machine, although only the intended receiver can decrypt the message. Although inefficient it's impossible to identify origin of the message. On the downside the p2p message propagation could take time. I wish it was more popular.

Source: https://bitmessage.org/wiki/Protocol_specification

Please don't do promotional voting or commenting in HN threads. We ban accounts and sites that do that. The comments are especially bad, because HN users are expert at sniffing out that kind of thing, which makes the thread unsalvageable even if the work is good.

https://news.ycombinator.com/newsfaq.html