Hey all,
I’m getting close to being finished with my first project off the peercoin blockchain. This project is just a stepping stone towards my larger project (which is still under wraps) that requires a decentralized message app to already be in place.
Below, I wanted to explain the protocol and direction this project is heading in to get any feedback/criticisms/input from the community.
–PeerMessage–
PeerMessage is a messaging app that resides on top of the Peercoin blockchain, without bloating it.
Installation / Setup
- Download the app / source code, run it.
- Follow the installation wizard
- select your peercoin address to use
- install GPG Suite
- generate public/private keys
- publish your public key on the blockchain (acts just like sending a message, see below for details)
- A local sqlite database is automatically created to store the results of a parsed blockchain.
Sending a message:
- User creates text message in app on their machine
- User selects who they want the message to go to, either a specific person or “broadcast”.
- If specific person selected, that person’s public key is pulled and used to encrypt the message.
- The user’s peercoin address is now used to sign the message and append a signature to it.
- A key is created by hashing the message + meta data + timestamp.
- A transaction is made on the peercoin network, using the (as yet unmerged) OP_RETURN to store that key in the blockchain, prefixed with a few characters identifying this app. This costs the user the transaction fee (0.01 PPC).
- The key is then used to store the message in the remote datastore (more on that later)
Scanning the blockchain
- For every new block created, this app scans all transactions in that block looking for OP_RETURN with the proper prefix designating our app (using json-rpc, assumes peercoin client running in addition to this app).
- When a valid transaction is found, pull the key from it, and use the key to pull the data from the external data store.
- Process the external data, which could be a public key announcement, a private message, or a broadcast.
- Verify it’s signature.
- If it’s a public key, store it in the sqlite database attached to the peercoin address that sent it.
- If it’s a broadcast, store it in the sqlite database if user is subscribing to that peercoin address.
- If it’s a private message, attempt to decrypt it. If successful, store it in sqlite database as a new message for you.
Datastore
- Two datastores will be used
- Cloud storage (will be in first iteration)
- This stores the data on top of four cloud services for redundancy.
- Tinyurl.com (url shortener)
- is.gd (url shortener)
- imgur (image storage)
- pastebin (text storage)
- Each one of these stores has a key (e.g. tinyurl.com/) which points to the payload (http://someurl.com/?)
- Read more about this strategy here: http://softwareas.com/the-url-shortener-as-a-cloud-database/
- This stores the data on top of four cloud services for redundancy.
- Distributed storage (second iteration)
- This will either utilize whatever Sunny comes up with for Sidechains, or…
- The BitTorrent network, similiar to this: https://github.com/HelloZeroNet/ZeroNet
- Cloud storage (will be in first iteration)
Spam
- It costs the standard transaction fee (0.01 ppc) for any action (publishing a public key, sending a message, sending a broadcast).
- A user will be able to blacklist anyone who sends them a message, causing all future messages from that person to be hidden (without notifying that person).
- Additionally, the cloud storage services generally have a 10 submittals per ip address per hour limit. This will be reduced as a problem when the distributed storage solution is rolled out - but in the short-run, helps curtail spam.
Some additional details
- The app is written in Python, with an embedded webserver that runs locally. This allows me to build the frontend in modern web languages, using bootstrap as the base - and also allows anyone with web experience the ability to modify it.
- The app interacts with the wallet using json-rpc, and thus requires the wallet to be running and the user to be a full node. This positively impacts the network.
- The app does NOT bloat the blockchain or memory. The OP_RETURN script marks the transaction as invalid, meaning it won’t be stored in memory. It also is extremely small, since it’s only storing a key (essentially a hash of the message), and not the contents of the messages themselves.
- The app is NOT trying to achieve perfect anonymity with it’s messaging protocol. You have one identity per public key, and one public key per peercoin address. Anyone can see the encrypted form of your message. Only the person you sent the message to knows what the message contains and who it was sent to.
Let me know any thoughts you have! I won’t be releasing this until OP_RETURN gets merged from Bitcoin 0.9 to Peercoin, but will continue pushing on this and the larger project until then.