PeerMessage

Hey all,

I’m getting close to being finished with my first project off the peercoin blockchain. This project is just a stepping stone towards my larger project (which is still under wraps) that requires a decentralized message app to already be in place.

Below, I wanted to explain the protocol and direction this project is heading in to get any feedback/criticisms/input from the community.

–PeerMessage–

PeerMessage is a messaging app that resides on top of the Peercoin blockchain, without bloating it.

Installation / Setup

• Download the app / source code, run it.
• Follow the installation wizard
  • select your peercoin address to use
  • install GPG Suite
  • generate public/private keys
  • publish your public key on the blockchain (acts just like sending a message, see below for details)
  • A local sqlite database is automatically created to store the results of a parsed blockchain.

Sending a message:

• User creates text message in app on their machine
• User selects who they want the message to go to, either a specific person or “broadcast”.
• If specific person selected, that person’s public key is pulled and used to encrypt the message.
• The user’s peercoin address is now used to sign the message and append a signature to it.
• A key is created by hashing the message + meta data + timestamp.
• A transaction is made on the peercoin network, using the (as yet unmerged) OP_RETURN to store that key in the blockchain, prefixed with a few characters identifying this app. This costs the user the transaction fee (0.01 PPC).
• The key is then used to store the message in the remote datastore (more on that later)

Scanning the blockchain

• For every new block created, this app scans all transactions in that block looking for OP_RETURN with the proper prefix designating our app (using json-rpc, assumes peercoin client running in addition to this app).
• When a valid transaction is found, pull the key from it, and use the key to pull the data from the external data store.
• Process the external data, which could be a public key announcement, a private message, or a broadcast.
  • Verify it’s signature.
  • If it’s a public key, store it in the sqlite database attached to the peercoin address that sent it.
  • If it’s a broadcast, store it in the sqlite database if user is subscribing to that peercoin address.
  • If it’s a private message, attempt to decrypt it. If successful, store it in sqlite database as a new message for you.

Datastore

• Two datastores will be used
  • Cloud storage (will be in first iteration)
    • This stores the data on top of four cloud services for redundancy.
      • Tinyurl.com (url shortener)
      • is.gd (url shortener)
      • imgur (image storage)
      • pastebin (text storage)
    • Each one of these stores has a key (e.g. tinyurl.com/) which points to the payload (http://someurl.com/?)
    • Read more about this strategy here: http://softwareas.com/the-url-shortener-as-a-cloud-database/
  • Distributed storage (second iteration)
    • This will either utilize whatever Sunny comes up with for Sidechains, or…
    • The BitTorrent network, similiar to this: https://github.com/HelloZeroNet/ZeroNet

Spam

• It costs the standard transaction fee (0.01 ppc) for any action (publishing a public key, sending a message, sending a broadcast).
• A user will be able to blacklist anyone who sends them a message, causing all future messages from that person to be hidden (without notifying that person).
• Additionally, the cloud storage services generally have a 10 submittals per ip address per hour limit. This will be reduced as a problem when the distributed storage solution is rolled out - but in the short-run, helps curtail spam.

Some additional details

• The app is written in Python, with an embedded webserver that runs locally. This allows me to build the frontend in modern web languages, using bootstrap as the base - and also allows anyone with web experience the ability to modify it.
• The app interacts with the wallet using json-rpc, and thus requires the wallet to be running and the user to be a full node. This positively impacts the network.
• The app does NOT bloat the blockchain or memory. The OP_RETURN script marks the transaction as invalid, meaning it won’t be stored in memory. It also is extremely small, since it’s only storing a key (essentially a hash of the message), and not the contents of the messages themselves.
• The app is NOT trying to achieve perfect anonymity with it’s messaging protocol. You have one identity per public key, and one public key per peercoin address. Anyone can see the encrypted form of your message. Only the person you sent the message to knows what the message contains and who it was sent to.

Let me know any thoughts you have! I won’t be releasing this until OP_RETURN gets merged from Bitcoin 0.9 to Peercoin, but will continue pushing on this and the larger project until then.

PeerMessage is a messaging app that resides on top of the Peercoin blockchain, without bloating it.
The user’s peercoin address is now used to sign the message and append a signature to it.

Interesting - that seems different from building a sidechain

wow, is there a bitcoin equivalent to this or it’s a new innovation

I like it.

• how much bytes in OP_RETURN you need?
• cloud storage is more than enough for start
• do you consider using second level of storage e.g. pastebin, imgur(encrypted content embed in png), other?

it looks very beautiful!
do you think it can be merged in storj in order to create the first decentralized email service?

It has been a while I have seen such an interesting design specifically for Peercoin.
Would be great to have a Peercoin version of Storj and a messaging system on top of it.

Only thing I would consider is the level of integration between wallet and App at the GUI level. It can just be basic wallet functionality in your web front end.
But probably depends on what your final destination is…

Aaaaaaaaaaa! Don’t decentralize everything, not yet! emeth made it simple and beautiful, spam free messaging service with hidden recipient. It’s great. Don’t touch, don’t storj it, don’t let it crash before start, let it be useful right now and evolve.

Emeth, it seems you got a mention from Sunny King here on your project…

[quote=“kac-, post:4, topic:3247”]I like it.

• how much bytes in OP_RETURN you need?
• cloud storage is more than enough for start
• do you consider using second level of storage e.g. pastebin, imgur(encrypted content embed in png), other?[/quote]

Right now I’m using 2 bytes to identify the app, 3 bytes to identify the action, and 25 bytes for the key (total of 30 bytes). is.gd, one of the cloud stores, has a limit of 30 bytes for a key. OP_RETURN allows 40 bytes, so we have wiggle room in the future if needed.

Definitely going to be using the second level of storage. Even when the distributed storage solution is added, the second level of storage in the cloud acts as a fallback - it’s very hard to censor, is up even when no one is “seeding”, etc.

[quote=“seki, post:5, topic:3247”]it looks very beautiful!
do you think it can be merged in storj in order to create the first decentralized email service?[/quote]

It could be, but I won’t be doing so. I have high hopes that Sunny King’s sidechain solution will cover most of the same use-cases that storj does, and my goal with these projects is to increase the usefulness of peercoin itself.

Also, email itself is already a decentralized service, so I’d be careful about throwing around phrases like that.

[quote=“Cybnate, post:6, topic:3247”]It has been a while I have seen such an interesting design specifically for Peercoin.
Would be great to have a Peercoin version of Storj and a messaging system on top of it.

Only thing I would consider is the level of integration between wallet and App at the GUI level. It can just be basic wallet functionality in your web front end.
But probably depends on what your final destination is…[/quote]

I hope this app more and more becomes the main app used for Peercoin, and will eventually have all wallet features built-in, as well as a pluggable interface for people to build new data apps off Peercoin. Web-based UI is frankly just superior to a native GUI - no one can argue with that, I suspect.

Right now, we (Peercoin) are still tied to Bitcoin’s core, and thus are tied to Bitcoin’s GUI-based wallet as long as we want to benefit from their advances (such as OP_RETURN). Eventually, development in Bitcoin will either stagnate, or go in a direction Peercoin does not want to go. At that point, I see the opportunity for complete rewrites of the wallet app in something like this app. I’m hesitant to do it before then.

Will there be a form of PoS difficulty in sending/receiving messages? Similar to how Bitmessage has a PoW difficulty users can alter

Great work! I am excited ;D

@emeth have you tried your model with http://en.wikipedia.org/wiki/Elliptic_curve_Diffie–Hellman ?
Like stealth payments- those will be stealth messages. And it removes GPG/PKI dependencies and code.

alice_private_key * bob_public_key = bob_private_key * alice_public_key = shared_secret

alice_public_key - key can be found in ScriptSig of first input of “message transaction”
bob_public_key - in Bob’s forum signature

Terrific work emeth.

Since it is written in python, can it act as a simplified local smtp daemon to allow local mailers such as thunderbird to send/receive/manage peermessage as if they were emails?

[quote=“mhps, post:12, topic:3247”]Terrific work emeth.

Since it is written in python, can it act as a simplified local smtp daemon to allow local mailers such as thunderbird to send/receive/manage peermessage as if they were emails?[/quote]

That’s a crazy interesting idea. To my knowledge, there’s no reason it couldn’t do so.

[quote=“kschneezy, post:10, topic:3247”]Will there be a form of PoS difficulty in sending/receiving messages? Similar to how Bitmessage has a PoW difficulty users can alter

Great work! I am excited ;D[/quote]

Not at present. The fee per message (0.01 ppc), the limits imposed by cloud storage, and the ability to shadow-ban specific people from sending you messages may be sufficient to take care of the spam issue. If it’s not, we’ll explore further.

[quote=“kac-, post:11, topic:3247”]@emeth have you tried your model with http://en.wikipedia.org/wiki/Elliptic_curve_Diffie–Hellman ?
Like stealth payments- those will be stealth messages. And it removes GPG/PKI dependencies and code.

alice_private_key * bob_public_key = bob_private_key * alice_public_key = shared_secret

alice_public_key - key can be found in ScriptSig of first input of “message transaction”
bob_public_key - in Bob’s forum signature[/quote]

I did some research into that area, and looked around about what people had to say about it and similar approaches (e.g. https://bitcointalk.org/index.php?topic=685269.0). I actually think it could work - but I worry about people getting side-tracked worried and arguing about the cryptography specifics rather than using it as the base for even more complicated data apps off the blockchain.

When I release the code, I won’t immediately release binaries. I want people to be able to play with it, critique it, experiment with it, etc for a little while before “publishing” it on the market. I’d encourage you (or anyone else interested) to experiment in a fork with swapping out GPG with something like mentioned above, and seeing how the community responds to it. I have no particular preference for what is used for encryption, so long as it does its job and doesn’t cause emacs vs. vi-style wars.

[quote=“emeth, post:13, topic:3247”][quote=“mhps, post:12, topic:3247”]Terrific work emeth.

Since it is written in python, can it act as a simplified local smtp daemon to allow local mailers such as thunderbird to send/receive/manage peermessage as if they were emails?[/quote]

That’s a crazy interesting idea. To my knowledge, there’s no reason it couldn’t do so.[/quote]

Maybe you could just interface peermessage with bmwrapper or BitMailServer (for windows). It seems easy to use.

I will certainly keep an eye on this. Keep up the good work.
And look into creating project on Peer4commit.

Fantastic idea!
I haven’t read the whole thread, because I’m n the run, but I want to note that Emercoin has a PKI.
That seems - at least partially - to be block chain wise similar to what you want to do.
As Emercoin is a Peercoin fork, it might be able to lean on their code!
…just wanted to throw that in the discussion.

And I need to voice a warning: what will we do once the frequently used PeerMessage service has consumed quite a number of Peercoins by destroying the tx fee and the mining in PoW is either with very tiny block rewards (because of former Bitcoin miners join the PoW process) or has been discontinued?
How will we then create new Peercoins?
…just kiddin’, because I’m so excited about that proposal!

I love that PeerMessage idea!

This is a very cool piece of technology, emeth. Kudos! I’m going to keep a close eye on what you’re building here and would be interested in helping out when you’re ready for widescale testing.

Emeth

Rather than risk losing it, I have reserved the domain name peermessage.net for 12 months
(.com and .org had already gone)

Let me know whether and when this domain will be useful, and we can sort out how to transfer it
If not, I will just let it lapse a year from now

[quote=“RobertLloyd, post:19, topic:3247”]Emeth

Rather than risk losing it, I have reserved the domain name peermessage.net for 12 months
(.com and .org had already gone)

Let me know whether and when this domain will be useful, and we can sort out how to transfer it
If not, I will just let it lapse a year from now[/quote]

I’ve owned PeerMessage.org for a while and will be happy to turn it over to Emeth if/when he’s ready for it. I thought I had PeerMessage.com, but I guess I only tried to get it and ended up with the .org.