Introducing: Steem Messenger (Beta)
I'm very excited and proud to introduce my newest project for the Steem-Ecosystem:
Steem Messenger (Beta)
Steem Messenger is the easiest way to communicate with other Steem users through the blockchain (on-chain) via transfers.
These messages (transfers) can be sent in plain text or in encrypted format (with your private memo-key).
The project is currently in beta, open-source and available for Windows, Mac & Linux on Github:
Releases: https://github.com/therealwolf42/steemmessenger/releases
Bug Reports: https://github.com/therealwolf42/steemmessenger/issues
Source Code: https://github.com/therealwolf42/steemmessenger
For Utopian: This also the initial release as previous development has been done on a private repository
Features
Customized chat design - based on the look and feel of Discord.
Messages (transfers) can be sent in plain text and encrypted format.
The needed keys (active & memo) can be imported directly into the messenger or derived from the password, which are then saved in an encrypted format (with an encryption password) locally on the computer.
Incoming Messages are automatically fetched every x minutes (default: 10 minutes - can be customized) and also decrypted (if messenger is unlocked - more about that below)
The Messenger has to be unlocked in order to send any messages / decrypt new messages and will automatically lock itself after a period. (default 60 minutes - can be customized)
Notifications for new messages (currently not working on Linux)
Multiple accounts supported
Steem users can be blacklisted to block transfer spammers - additionally, Smartsteem.com is providing a global-blacklist consisting of known spammers & scammers.
Settings can be configured dynamically
Notification when a new version is available
Important: Beta Version
Steem Messenger is currently in Beta. While careful development and testing has been done - bugs should be expected. @therealwolf or smartsteem.com cannot be held liable for unknown issues, loss of funds (SBD & STEEM) or mistakes made by the user.
Now, since we have the important message above out of the way - let me show you what you prob. all have been waiting for:
The Messenger live in action!
Live : Sending Messages
As seen in the gif above - messaging is only possible when the wallet is unlocked and an active key imported. Encryption is only possible when the account's memo key has been imported as well.
Getting Started
Adding your first account to the messenger is really easy and takes only a minute.
The keys can be either imported directly or derived from your password. An encryption password has to be entered as well to unlock the wallet & decrypt your keys.
Interface
There are multiple functions on the main interface:
1.) Unlock / Lock the Messenger
2.) Open Settings
3.) Get newest messages (if new are available)
4.) Start new conversation with enter or a click on the arrow
5.) Hide all current and future messages from that user by putting him/her on the blacklist
6.) Send a transfer
Multiple Accounts
You are able to add multiple accounts to the Messenger.
While only one can be selected at a time - the data is saved locally for all your accounts.
Nodes
You are able to choose your preferred RPC-Node.
I personally really like rpc.build.team.io but api.steemit.com is great as well. However, at the time of writing - api.steemit.com is causing small problems with the messenger - so I temporary disabled that option.
Blacklist
Users can be put on your individual blacklist.
I personally don't have any individual users on my blacklist, because all of those are already on smartsteem's global blacklist - so I just chose @samrg472 - who is of course no spammer!
Settings
These settings can be customized by you:
Use Smartsteem Blacklist
If you want to use the global blacklist consisting of spammers and scammers powered by Smartsteem.com
Default Encrypt Messages
If this setting is enabled - the encrypt checkbox is always checked by default.
Default Currency
Whether you want to use either SBD or STEEM as your preferred currency.
Update Interval
Every x minutes (10 by default) the messenger is checking for new messages. Minimum value is 1 minute.
Unlock Timeout
x minutes (60 by default) after unlocking of the messenger - it will be locked again and the decrypted keys will be reset.
Last Words
Honestly, I'm so excited to have finally finished the first version of the messenger.
I really hope that many of you will find it as useful as me.
And please keep in mind that it is still Beta - so bugs will arise. And if they do - let me know on Github through issues. (link is at the beginning of this post)
Also: I was able to work and focus nearly primarily on the messenger in the last few weeks due to the success of Smartsteem.com.
So I want to thank every vote-seller, delegator & vote-buyer / bidder for indirectly giving me the space & possibility to focus on a project - which has the primary goal of enhancing Steem and your experience with it!
Oh and if you believe that I bring value to Steem, then please vote for me as witness with a click on my signature below. (or with your favorite method).
Thank you!
While I applaud the development effort, I’m wondering why this is actually necessary.
You can currently send messages to anyone. You can encrypt those messages. You can receive and read those messages. They already require keys and a minimal 0.001 fee.
Why would anyone need to use this specific “Steem Messenger?” It has all of the same required functions as current wallet transfers...but does not improve the messaging system. It’s pretty much exactly the same, except you would now use another third-party app.
Am I missing something here?
Because it's a pain in the ... to use the Wallet transfers. The memo key isn't saved, because most users log in via their posting key and this results in encrypted messages not being automatically decrypted and encryption not working without a login with your memo-key.
And even if you login with your memo key to read those messages & encrypt - you still have to enter your active key afterwards.
So yes - I used the wallet in the past and it works, but it is simply too complicated, waste of time and insecure entering the keys so often.
Nevertheless, I appreciate your comment!
It’s really no more complicated or time consuming than logging into a third-party service and using it to send a message. And the security issue remains to be seen. I actually feel pretty secure not having my keys saved and only needing to use them when they’re necessary.
I use the existing wallet transfer functions all the time with no issues. Is this new service mainly for noobs? People who don’t know the simple features/functions of the current Steem wallet?
What do you mean with third-party-service?
You got to have them saved somewhere - otherwise how do you use them?
Your software is a "third-party service" (But so is Steemit, Busy and any other front-end, since the blockchain cannot be accessed without the use of such implementations).
I think that by this he meant easily accessible and always "active" (like when you use your browser's password manager to automatically input your password regardless of the user, and using cookies to keep the password wif logged in your session).
But with proper safety measures, this messenger would not be a security risk, I believe, and would instead make it much faster and safer to send and read transactions (especially if real-time notifs were enabled in the future).
The security aspects in general for the issue of typing versus storing, it can be secure enough considering the developer did use the appropriate encryption apis, selected the correct ciphers and use a sensitive / aggressive interation count on a key derivation function (KDF).
This proctects against phshing, if correctly implemented.
Also notice I'm not vetting this project, just expressing that is more or less the same about the cryptographycally-soundness, but on the phishing part, a definitive more secure apprach.
I'm on the final rounds of a new wallet development, and I'll publish a doc on how I've secure the keys, using a 6 digit pin code which is resistent to phishing, rainbow tables and other aspects.
The security of the secret-key exchange used by steem is another debate.
I honestly believe on a off-chain approach for the encrypted messages to live. storing numerous and numerous encrypted messages, potentially with the same content possible opens some window to crypto-analysis, but, the end result is not catastrophic, the worse case scenario, a given individual would be able to read encrypted messages.
Glad to extend this conversation further when possible.
Congrats @therealwolf on the project!
Hello @hernandev ! Maybe you'll want to check out the REAL Steem Messenger project, which is actually off chain based : https://steemit.com/utopian-io/@kingswisdom/steem-messenger-v0-0-3-private-beta-session-image-encryption-and-many-more
We work with a unique security protocol that i'll be unveiling this weekend ! Stay tuned for more infos on this !
Upvoted for visibility - it's bullshit when people steal names. I have no doubt the product is cool and well built...but for fucks sake be original people. Besides, I think off-chain solutions are better for this. Why force the chain to work this hard?
Well both these apps are pretty close together and Beta. Not like one has been out for 12 months haha
I think is a great idea
Hello @ats-david ! I agree with you, this application is just a better graphical UI to the steem wallet. We still need to give our active key in order to just send messages, which puts our account at risk.
In addition, this is not the real Steem Messenger. Here is the REAL Steem Messenger project : https://steemit.com/utopian-io/@kingswisdom/steem-messenger-v0-0-3-private-beta-session-image-encryption-and-many-more
It is off chain, does not require your active permission, nor to access to your funds, it is scalable at ease, and truly unique by design.
I will unveil the security protocol used in Steem Messenger (the real one) this weekend. Stay tuned for more info on this.
Not to mention private messages were already introduced around the start of Steemit. The name of this invention is called steemit.chat.
I faced that problem sometimes too. You don't know who is authentic and who is not. Anyone can use any name on steemit.chat.
My name on Chat is the same as heerre. Plus, you can verify me on Keybase as well.
The goal never was to replace steem.chat. Rather to give an easy way to initiate contact and send messages via the blockchain and if needed afterwards - switching to other plattforms (steem.chat, discord) is always possible.
It's always good to have an alternate platform to steemit chat. As it has been down a lot of times in the last year.
And a lot of users are not on discord.
I was waiting for some service like yours for a long time. If this one works properly, I will not use discord and chat anymore!
how about the delays between sending a paid memo?
Steem creates a new block every 3 seconds
How can I encrypt my Memo? I couldn't figure out it yet.
This seems really interesting. Looking forward to seeing how it develops, will certainly give it a test.
Looking forward to seeing how my comment develops? How will you test it?
It's so that you can use a dedicated application that isn't cluttered with the rest of the functionality. I like my chat applications dedicated to preserve my sanity.
Three things would make this a killer app for me:
1.) No problem.
2.) Alert? Do you mean Notifications like this?
Or do you actually mean a mobile alert? And how? SMS?
3.) No problem. But also similar question as above regarding mobile alert.
Oh, I didn't realize this was a desktop app, I figured it was a web app, I didn't read the full post. If it were a web app you could request permission from the browser to create alerts. You could also have a wrapper app on Android that could do alerts. However as a desktop app I'm not sure it could serve this purpose.
The App is written with electron-js (chromium). So alerts are available. But I think what you mean are desktop notifications.
I can implemented something like this: https://github.com/mikaelbr/node-notifier
(Of course without the input - but you get what I mean)
I meant browser/mobile alerts, the kinds you get with Telegram. Desktop alerts work too.
Not sure if folks want to pay 1 Steem for every 1000 messages sent
There's also SBD. It wouldn't be a chat messenger, it would be an attention request service.
So basically I have to pay 1 SBD to spam 1000 people, I'm sure that very useful to the mass Steemians who don't run services
I'm working on a FCM version for my wallet app, that may useful for your app too.
Hey @therealwolf
We're already looking forward to your next contribution!
Decentralised Rewards
Share your expertise and knowledge by rating contributions made by others on Utopian.io to help us reward the best contributions together.
Utopian Witness!
Vote for Utopian Witness! We are made of developers, system administrators, entrepreneurs, artists, content creators, thinkers. We embrace every nationality, mindset and belief.
Want to chat? Join us on Discord https://discord.me/utopian-io
@utopian-io right away
Yes, just figured out... Thank you @dj123 😎
lol why?
oh yeah welcome to Steemit @christabelle .... and come join us in @comedyopenmic / #comedyopenmic
Right away @dj123 thank you
Here is our discord server:
https://discord.gg/rddw2Ny
come join us there!
UTOPIAN is pretty cool
amazing work! just make sure messages are ALWAYS encrypted or then chat becomes public.. forever..
Messenger on top of the blockchain is the real game changer here. I found it absurb at first glance but after reading your response in the comment, I finally the get the real value here. Well, job well done @therealwolf congrats for making this. More option = More chances of winning🤩
One big problem I see with this, how does this affect the steem infrastructure?
As I can see it at the moment, steem has already a huge problem with the existing load. Doesn't that put even more load on it? I mean, let's consider mass adoption of this, this could simply double the load of the blockchain, and we already know that distributed ledgers which rely on bft never scale well.
You're right that mass adoption of the messenger could increase the load. But my understanding is that @ned wants to have mass adoption for Steem.
And in that case: changes to improve scalability have to be made anyway.
Of course, they want mass adoption, but since full-nodes are barely taking it at the moment already, this means they're nowhere close to that goal yet. Additionally, every scalability has a limit, and a chat service like that, considering mass adoption, could simply have 10 times the load of the blockchain itself.
Which means, with growing adoption it would have to scale 10 times better with this chat than they'd have to without.
We're using but a small percentage of the whole potential that this has. I read that we're using around 3% of the max load at the moment. The problem we've been having with bandwidth recently is due to people spamming the blockchain, but I think that it's been solved with a node update by most major witnesses.
Besides, the more people that join the blockchain, the higher the requirements will be for witnesses. They will have to adapt and the blockchain's capacity will increase correspondingly to the increase in users and activity.
I'm not talking about the blockchain itself, while that's not a problem now, this will definitely be one in the future, especially with chats like that spamming the blockchain. The problems I'm talking about are the full-nodes which are already at the tipping point of them not being able to catch up anymore (At the moment they're barely coming along with 500GB RAM). While the blockchain is an important part to be scalable, there are a lot of other components involved as well.
Damn, I didn't know that the nodes were in such a saddened state. Will the Witnesses be able to handle them if they put more RAM? Would it be affordable?
The Problem is not about the witness nodes, the problems are the full nodes.
The Steem devs have pointed out in their last post that they're working on something to improve the situation. But I guess a lot of things will need a rewrite until this system starts scaling better.
Hello @raycoms, maybe you should have a look to the REAL Steem Messenger : https://steemit.com/utopian-io/@kingswisdom/steem-messenger-v0-0-3-private-beta-session-image-encryption-and-many-more
Everything in Steem Messenger happens out of the blockchain, in a permissionned database. More on our security protocol this weekend.
WOW, great project! upvoted! Thanks for the hard work.
@therealwolf as a developer and witness you are doing amazing works for steemians your bot and your apps are good and user friendly
Wouldn’t it be better to select the other user’s public memo key for encrypting messages to that user? If that’s the case, I see users having to change their public memo key often ... still not a bad idea !!
@robertgenito
Messages are encrypted (encoded) with your private memo key and the public memo-key of the recipient.
Messages can only be decrypted (decoded) with either your private memo-key or the private memo-key of the recipient.
Hmmmm, not like PGP where you can't decrypt it unless you have the recipient's private key. I'll have to research the difference in these encryption algorithms.
Search for Diffie-Hellman key exchange.
Where do we find the private Memo key? There is no option to reveal it in the Steemit wallet.
You can only derive your memo-key from your password.
Do you know of a steemit page that describes each different password and its significance with the Steem protocol? (I’m sure the white paper has this in great detail...)
Oooh thank you for clearing this up...makes sense.
Ignoring all the negative reviews about this, I completely support this work. I think it will be a good messenger. Once I ended up transferring to steemmarket instead of smartmarket and ended up in a loss. That day I was thinking a feature like this will be useful. Today you have made it possible.
And I don't think you will have to follow anyone to make a transfer to them. So as you mentioned it is pain in the .... Well a good feature. And this can also at a later point in time become a good messenger app becoming a competitor for other normal chatting messengers. Who knows. Necessity induces inventions. Great work @therealwolf.