Home
Contribute Contact Us Browse all meetings
Home Contribute Contact Us Browse all meetings
IPFS / IPFS Camp 2022 / 2 Nov 2022
IPFS / IPFS Camp 2022 / 2 Nov 2022
Previous Meeting Next Meeting
Add meeting Rate page Subscribe
youtube image
From YouTube: P2P, Privacy and UX at Berty - Manfred Touron

Description

This talk was given at IPFS Camp 2022 in Lisbon, Portugal.

A

So, yes, uh I won't talk about what we plan to do, but what we did and even what we did and removed, because it was a bad idea. So we started working on Bertie four years ago and we actually had multiple iterations, but always privacy was one of the of the foundation of what we plan to do um so Bertie is about is a Messenger application that runs on mobile phones. That doesn't depend on a central consensus on the blockchain, but also no internet. We don't.

A

We want to embrace local first approach where you can create a network with just two devices isolated from the internet, um and yes, privacy for us has always been a goal uh both by being private in terms of encryption, but also by leaking as little bit of that as possible.

A

So yes, we started four years ago actually, three years ago for the first apfs camp, we we won the most OMG features with the Bluetooth, slow energy driver um and actually we keep building and we are ipfs Centric bucket by ipfs, technically on every part of the project by Design. So we have a messenger which is often and very common encrypted.

A

It's also appear to peer like many other messaging applications, especially during this event, but we have another constraint which is mobile, which has performance, constraints and ux constraints.

A

For example, we try to have something that look standard for people used to you used to use WhatsApp or in user applications, so an onboarding contract list Etc, but internally many things are very different when you, when you start working on a masonry- and you say you work on a missionary, people will by default, have a lot of expectations and a lot of habits. That's why I speak about peer-to-peer privacy and ux, for instance, we have a reloading part that is actually fake.

A

It won't do anything, but people want to think that it's it makes something, because application is just something that a an upload stream and do not stream that receive events. And actually, when you do reloading, we don't have anything to say: hey first, the peer-to-peer to work, so we try to make things that looks like good in terms of few weeks, even if that, if it's no sense in terms of technical stuff, um so additionally to trying to look like command and be usable by anyone.

A

That has a lot of habits which we want to show your uniqueness. So by default, if you lose your network, your 4G connection, we will add a message inviting you to enable Bluetooth, which is clearly not common on other applications by default. If you look at your misunder list, your your contact list, you will see. Oh you are connected right now, with blele with Wi-Fi over 4G Etc.

A

um We can add some details and some visual visual icons to show you how many pairs you have by which means Etc. So actually, we want to show uniqueness, but we also want to educate people, so they have proved that they are using peer-to-peer and not relying on a normal HTTP, Central servers and, for example, the challenge when you want to be good at peer-to-peer privacy.

A

Any weeks here we have the as a visual indicator of current peer-to-peer Network, which is very abstract in the apfs and ep2p ecosystem, where multiple iterations to progressively go to the seven and final version, which is uh just the best way. We have to show how much you have a good Network strength that does not depend on the top top right indicators about Wi-Fi and 4G.

A

We have. We have a dedicated strength that is completely unrelated to that that Matrix, so no focus on the technical parts of the parts that are not physical but that are inside the protocol itself.

A

um Ipfs is known to be very content oriented and we are topic oriented because we are not just delivering websites, but we are actually making rooms where people can read and write. So we don't look for cids ETC. We look for topics and that's a big difference. So this is mostly thanks to rbdb one. Other thing we did is that we don't, since a conversation is a CID is immutable, but a topic is mutable.

A

We can have things like privacy, oriented features like making the topic changing every hours, thanks to totp so like when you connect on Google with six digits. Actually the topics will change and as soon as you have the the tltp ash, you will know as any other devices where to look for.

A

um Another thing is about this table ASUS mobile on desktop. You have very long time processes, so it makes sense to have a known and cachet appear for other people. So people know they can ask you many things on mobile. We have very shorter up times. The IP address is always changing. So actually, since we don't care that much about the peer address in the PID, we decided for privacy reason to rotate it very often, so we can rotate the peer ID and be looked at like something completely new for each other devices.

A

Another thing is about Alias Island City. We wanted to make privacy for conversation where you don't know everyone actually with ipfs it's common to try to list all the peers having a common CID, and by doing this you can easily know who are in the group. We wanted to make something harder to detect with analysis identity, so by default. Everyone is not using a non-identity in the group and the way we use to show you that I am zero known contact is to actually send you a proof on another mean by default.

A

Everyone is alone, but I can prove that my temporary identity is a is a attached attached to your to to my known anonymity.

A

We have replication nodes, which is something important in Mobile, because we cannot have always all the devices connected at the same time, but our goal is to make replication not able to help in terms of peer-to-peer and relays, but not able to read the messages. So, basically, you know: icls can be limited to just follow a topic, a thread and be able to relay because it will get the cids ETC, but won't they won't have the key to decrypt the conversation itself.

A

We have a secret uncheck which actually is completely outside of the ipfs and lip2p ecosystem, but it's a way to add an additional way of encrypting messages uh overall P2P. So basically we want to make a way to add a contact that is not related to the E2 is current tier ID and we want to make the uncheck a secret. So you, you won't prove that you are you and you won't, and the requested people won't prove.

A

That is this person, except at the at the end of the process, which involves that you have proof that you are that person without giving the actual address.

A

um Recently, we changed something because the word privacy comes like a messenger with a lot of expectations and we decided to change room or positioning from privacy first Messenger to extreme communication, because in one way you are waiting for a WhatsApp killer and there's a way. You are waiting for some things that will work in external conditions, even if it takes more time. So we decided to keep the Privacy during pattern in the earth of Bertie without giving too much expectation in terms of experience.

A

um And yes, this is about the ux and peer-to-peer. You are building applications for web to people that are ripped to edits, but with web 3 constraints. So it's always a trade-off between privacy, ux performances, Etc and I. Think you will also need to to find the trade-off to shoot the trade-off and to sometimes go outside of your of an extreme, probably for a good reason.