security
Chainify: a solution for secure messaging
Chainify developed a decentralized messaging service, Nolik (from "no leak"), in which messages are delivered and indefinitely stored in an integral way.

Leakages in various communication tools, such as messengers or email clients have been quite common, and the issue of releasing communication or stored data to law enforcers remain acute.

Chainify, a team focused on building blockchain-based applications, has offered its own solution, a decentralized messaging protocol Nolik.

«Numerous services, such as Telegram, Threema, Signal, SecureDrop, ProtonMail and others, say: 'We don’t read your messages, and you have to trust us on that',» says Amir Boziev, Chainify’s founder. «True, these are respected companies that don’t sell user data. Still, I’m bothered by the very fact that you have to agree to trust those services to use them.»

Built on the Waves blockchain with CDM Protocol, Nolik is open-source. Communication is executed by sending encrypted messages attached to transactions. Each message is encrypted with the recipient’s public key and is decrypted with Waves Keeper.

Nolik works as a web-browser plug-in or mobile app that allows customers to communicate with an enterprise. Possible use cases are client onboarding and commercial service, customer support by a third party, such as logistics or insurance company accessing customer data in connection with an enterprise’s services to provide ancillary services or products.

An outgoing message is saved in IPFS, and its hash is saved in a special transaction on the blockchain. Each message is encrypted with the use of the recipient’s public key and is decrypted with Waves Keeper.

Unlike most popular messaging services, the protocol is totally decentralized, ruling out access by unauthorized parties.

Nolik’s main features are:

  • delivering messages with 100% guarantee as no central server is involved
  • end-to-end encryption without a central server
  • secure and indefinite storage messages for free
  • anyone can verify that a message dispatched by a specific user was actually delivered
  • access to messages only for sender and recipient
  • access to messaging through an unlimited number of interfaces or clients from various vendors
  • sending files of unlimited size (this feature is coming soon).

«We’ve managed to achieve that by combining the best of blockchain and IPFS technologies,» Boziev explains. «For encrypting messages, we use public keys of sender and recipient and generate a shared secret. Those messages are decrypted in each participant’s client. Encrypted messages are stored in an IPFS network, which allows anyone to access them.»

The sender and recipient are initially blockchain accounts, and interaction between them is made by sending a transaction from, say, Alice to Bob. A sent transaction is accompanied by a hash of the file stored in IPFS.

text

Nolik already has the first institutional user, the psychological help service Your Territory. «All social media business models are built on the idea that user data is collected and processed,» explains Boziev. «Theoretically, it could be later sold at the secondary market. So, using unprotected messengers, help services run risks, which should be totally ruled out. No one who is, say 25 or 30, wants anyone to know about teenage issues they had in the past.» By using Nolik, Your Territory offers its user a messaging service they don’t need to trust. The messenger’s operation is totally transparent, and anyone can make sure that messages are properly encrypted and cannot be read by any unauthorized party. In addition, the use of blockchain makes the service’s entire operations utterly transparent, enabling benefactors or regulators to see the total number of addresses, replies and event the amount on time spent on each address. Currently, the team is working on Nolik’s updated version. It will offer an improved design and an opportunity to work without Waves Keeper. Other features include contacts management, group chats, a focus mode facilitating chatting without distraction, easy sharing of a user’s public link and an explorer with cryptographic proofs. The messenger is available here. An installation and use manual for Nolik messenger is available here. The source code can be viewed on GitHub.