►
From YouTube: P2P, Privacy and UX at Berty - Manfred Touron
Description
This talk was given at IPFS Camp 2022 in Lisbon, Portugal.
A
So,
yes,
I
won't
talk
about
what
we
plan
to
do,
but
what
we
did
and
even
what
we
did
and
removed,
because
it
was
a
bad
idea.
So
we
started
working
on
Bertie
four
years
ago
and
we
actually
had
multiple
iterations,
but
always
privacy
was
one
of
the
of
the
foundation
of
what
we
plan
to
do
so
Bertie
is
about
is
a
Messenger
application
that
runs
on
mobile
phones.
That
doesn't
depend
on
a
central
consensus
on
the
blockchain,
but
also
no
internet.
We
don't.
A
We
want
to
embrace
local
first
approach
where
you
can
create
a
network
with
just
two
devices
isolated
from
the
internet,
and
yes,
privacy
for
us
has
always
been
a
goal
both
by
being
private
in
terms
of
encryption,
but
also
by
leaking
as
little
bit
of
that
as
possible.
A
So
yes,
we
started
four
years
ago
actually,
three
years
ago
for
the
first
apfs
camp,
we
we
won
the
most
OMG
features
with
the
Bluetooth,
slow
energy
driver
and
actually
we
keep
building
and
we
are
ipfs
Centric
bucket
by
ipfs,
technically
on
every
part
of
the
project
by
Design.
So
we
have
a
messenger
which
is
often
and
very
common
encrypted.
A
For
example,
we
try
to
have
something
that
look
standard
for
people
used
to
you
used
to
use
WhatsApp
or
in
user
applications,
so
an
onboarding
contract
list
Etc,
but
internally
many
things
are
very
different
when
you,
when
you
start
working
on
a
masonry-
and
you
say
you
work
on
a
missionary,
people
will
by
default,
have
a
lot
of
expectations
and
a
lot
of
habits.
That's
why
I
speak
about
peer-to-peer
privacy
and
ux,
for
instance,
we
have
a
reloading
part
that
is
actually
fake.
A
It
won't
do
anything,
but
people
want
to
think
that
it's
it
makes
something,
because
application
is
just
something
that
a
an
upload
stream
and
do
not
stream
that
receive
events.
And
actually,
when
you
do
reloading,
we
don't
have
anything
to
say:
hey
first,
the
peer-to-peer
to
work,
so
we
try
to
make
things
that
looks
like
good
in
terms
of
few
weeks,
even
if
that,
if
it's
no
sense
in
terms
of
technical
stuff,
so
additionally
to
trying
to
look
like
command
and
be
usable
by
anyone.
A
That
has
a
lot
of
habits
which
we
want
to
show
your
uniqueness.
So
by
default,
if
you
lose
your
network,
your
4G
connection,
we
will
add
a
message
inviting
you
to
enable
Bluetooth,
which
is
clearly
not
common
on
other
applications
by
default.
If
you
look
at
your
misunder
list,
your
your
contact
list,
you
will
see.
Oh
you
are
connected
right
now,
with
blele
with
Wi-Fi
over
4G
Etc.
A
We
can
add
some
details
and
some
visual
visual
icons
to
show
you
how
many
pairs
you
have
by
which
means
Etc.
So
actually,
we
want
to
show
uniqueness,
but
we
also
want
to
educate
people,
so
they
have
proved
that
they
are
using
peer-to-peer
and
not
relying
on
a
normal
HTTP,
Central
servers
and,
for
example,
the
challenge
when
you
want
to
be
good
at
peer-to-peer
privacy.
A
Any
weeks
here
we
have
the
as
a
visual
indicator
of
current
peer-to-peer
Network,
which
is
very
abstract
in
the
apfs
and
ep2p
ecosystem,
where
multiple
iterations
to
progressively
go
to
the
seven
and
final
version,
which
is
just
the
best
way.
We
have
to
show
how
much
you
have
a
good
Network
strength
that
does
not
depend
on
the
top
top
right
indicators
about
Wi-Fi
and
4G.
A
A
Ipfs
is
known
to
be
very
content
oriented
and
we
are
topic
oriented
because
we
are
not
just
delivering
websites,
but
we
are
actually
making
rooms
where
people
can
read
and
write.
So
we
don't
look
for
cids
ETC.
We
look
for
topics
and
that's
a
big
difference.
So
this
is
mostly
thanks
to
rbdb
one.
Other
thing
we
did
is
that
we
don't,
since
a
conversation
is
a
CID
is
immutable,
but
a
topic
is
mutable.
A
A
Another
thing
is
about
this
table
ASUS
mobile
on
desktop.
You
have
very
long
time
processes,
so
it
makes
sense
to
have
a
known
and
cachet
appear
for
other
people.
So
people
know
they
can
ask
you
many
things
on
mobile.
We
have
very
shorter
up
times.
The
IP
address
is
always
changing.
So
actually,
since
we
don't
care
that
much
about
the
peer
address
in
the
PID,
we
decided
for
privacy
reason
to
rotate
it
very
often,
so
we
can
rotate
the
peer
ID
and
be
looked
at
like
something
completely
new
for
each
other
devices.
A
Another
thing
is
about
Alias
Island
City.
We
wanted
to
make
privacy
for
conversation
where
you
don't
know
everyone
actually
with
ipfs
it's
common
to
try
to
list
all
the
peers
having
a
common
CID,
and
by
doing
this
you
can
easily
know
who
are
in
the
group.
We
wanted
to
make
something
harder
to
detect
with
analysis
identity,
so
by
default.
Everyone
is
not
using
a
non-identity
in
the
group
and
the
way
we
use
to
show
you
that
I
am
zero
known
contact
is
to
actually
send
you
a
proof
on
another
mean
by
default.
A
We
have
replication
nodes,
which
is
something
important
in
Mobile,
because
we
cannot
have
always
all
the
devices
connected
at
the
same
time,
but
our
goal
is
to
make
replication
not
able
to
help
in
terms
of
peer-to-peer
and
relays,
but
not
able
to
read
the
messages.
So,
basically,
you
know:
icls
can
be
limited
to
just
follow
a
topic,
a
thread
and
be
able
to
relay
because
it
will
get
the
cids
ETC,
but
won't
they
won't
have
the
key
to
decrypt
the
conversation
itself.
A
We
have
a
secret
uncheck
which
actually
is
completely
outside
of
the
ipfs
and
lip2p
ecosystem,
but
it's
a
way
to
add
an
additional
way
of
encrypting
messages
overall
P2P.
So
basically
we
want
to
make
a
way
to
add
a
contact
that
is
not
related
to
the
E2
is
current
tier
ID
and
we
want
to
make
the
uncheck
a
secret.
So
you,
you
won't
prove
that
you
are
you
and
you
won't,
and
the
requested
people
won't
prove.
A
Recently,
we
changed
something
because
the
word
privacy
comes
like
a
messenger
with
a
lot
of
expectations
and
we
decided
to
change
room
or
positioning
from
privacy
first
Messenger
to
extreme
communication,
because
in
one
way
you
are
waiting
for
a
WhatsApp
killer
and
there's
a
way.
You
are
waiting
for
some
things
that
will
work
in
external
conditions,
even
if
it
takes
more
time.
So
we
decided
to
keep
the
Privacy
during
pattern
in
the
earth
of
Bertie
without
giving
too
much
expectation
in
terms
of
experience.
A
And
yes,
this
is
about
the
ux
and
peer-to-peer.
You
are
building
applications
for
web
to
people
that
are
ripped
to
edits,
but
with
web
3
constraints.
So
it's
always
a
trade-off
between
privacy,
ux
performances,
Etc
and
I.
Think
you
will
also
need
to
to
find
the
trade-off
to
shoot
the
trade-off
and
to
sometimes
go
outside
of
your
of
an
extreme,
probably
for
a
good
reason.