Loki Messenger breaks new ground
Multi-device support is one of the most-requested features in modern messaging applications — people want to be able to chat seamlessly across all of their devices.
Decentralised chat applications have struggled to implement this crucial feature, leaving their user experience lagging behind messengers that use central servers.
The Loki Messenger team has been working on this problem for the last few months, and we’ve finally published our solution. Loki Messenger v1.5.0 puts multi-device into users’ hands for testing.
How we did it
Unlike many decentralised messengers, Loki Messenger is not a peer-to-peer messaging service. Instead, Loki Messenger uses a network of servers (Loki Service Nodes), operated by individuals and groups in the Loki community, to store and retrieve messages.
Because Loki Messenger is based on this unique decentralised architecture, it can do things that many traditional peer-to-peer messengers cannot, including storing messages offline and enabling multi-device syncing.
When a message is sent to a particular public key (Loki Messenger address), it is received by a ‘swarm’ (a group of 5–8 Service Nodes). The recipient’s Loki Messenger client polls its swarm to check for incoming messages. This polling typically occurs every 3 seconds, but exact intervals can vary depending on the device. If an incoming message is found, the client downloads it. If the receiving client is offline when the message is sent, it will receive the message when it next comes online and polls its swarm for messages. If the client remains offline for an extended period of time, the incoming message is deleted from the swarm (see Time to live below).
A record of active Service Nodes can be found here.
So, how does multi-device syncing work?
Before you can use multi-device, your two devices need to be paired. This process involves generating a ‘device mapping’ — a cryptographically signed piece of information which links your primary device’s public key to your secondary device’s public key.
This device mapping is uploaded to the Loki File Server, which acts as a file storage solution for Loki Messenger. By default, all Loki Messenger clients use the official Loki File Server (hosted by the Loki Project) to upload and store device mappings. However, users will be free to set up and host their own instances of the Loki File Server once multi-device moves out of testing.
When someone sends a friend request to your primary device’s public key, the Loki File Server also provides that person with the public key of your secondary device. This allows the friend request to be delivered to both devices. A similar mechanism is used in public chats, to confirm that messages signed by either the primary or secondary device are coming from the same user (as per the user’s device mapping).
When a message is sent to a multi-device-enabled recipient, the sender’s Loki Messenger client looks up the recipient’s device mapping on the Loki File Server. The sending client collects the recipient’s primary and secondary keys, then sends a message to both keys’ swarms.
If the sender also has multi-device enabled, they will send a copy of their outbound message to their other device too, ensuring their sent message logs are synced between devices.
The receiving process remains largely unchanged. To check for received messages, your client will ask a node in its swarm if it’s holding any messages for your public key. If you are on your secondary device, your client will ask the secondary device swarm. Since all messages destined for you are sent to both devices’ swarms, your messages are kept in sync across both devices.
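The lookup, verify and send flow described above (the signed device mapping, then the copies sent to both of the recipient's keys and to the sender's other device), as an added example that is not Loki Messenger's code. The mapping layout, the choice of Ed25519 and every function name are assumptions for illustration; the point shown is that a sending client should check the signatures on a mapping before trusting a secondary key returned by the file server.

```javascript
// Added example: mapping layout and Ed25519 are assumptions, not Loki Messenger's real format.
const nodeCrypto = require('node:crypto');

// Raw 32-byte Ed25519 public key as hex (the last 32 bytes of its SPKI DER encoding).
const rawHex = (publicKey) =>
  publicKey.export({ type: 'spki', format: 'der' }).subarray(-32).toString('hex');

// Rebuild a key object from the raw hex form so signatures can be checked against it.
const ED25519_SPKI_PREFIX = Buffer.from('302a300506032b6570032100', 'hex');
const toKey = (hex) => nodeCrypto.createPublicKey({
  key: Buffer.concat([ED25519_SPKI_PREFIX, Buffer.from(hex, 'hex')]),
  format: 'der', type: 'spki',
});

// Both devices sign the same statement: "primary P is linked to secondary S".
const statement = (primary, secondary) => Buffer.from(`pair:${primary}:${secondary}`);

function createMapping(primaryKeys, secondaryKeys) {
  const primary = rawHex(primaryKeys.publicKey);
  const secondary = rawHex(secondaryKeys.publicKey);
  const msg = statement(primary, secondary);
  return {
    primary, secondary,
    primarySig: nodeCrypto.sign(null, msg, primaryKeys.privateKey).toString('hex'),
    secondarySig: nodeCrypto.sign(null, msg, secondaryKeys.privateKey).toString('hex'),
  };
}

// The file server is only storage: accept a mapping only if both keys signed it.
function verifyMapping(m, expectedPrimary) {
  if (!m || m.primary !== expectedPrimary) return false;
  try {
    const msg = statement(m.primary, m.secondary);
    return nodeCrypto.verify(null, msg, toKey(m.primary), Buffer.from(m.primarySig, 'hex')) &&
           nodeCrypto.verify(null, msg, toKey(m.secondary), Buffer.from(m.secondarySig, 'hex'));
  } catch { return false; }
}

// Keys whose swarms get a copy: recipient primary, verified secondary, sender's other device.
function fanOutTargets(recipientPrimary, fetchedMapping, senderOtherDevice) {
  const targets = [recipientPrimary];
  if (verifyMapping(fetchedMapping, recipientPrimary)) targets.push(fetchedMapping.secondary);
  if (senderOtherDevice) targets.push(senderOtherDevice);
  return targets;
}
```

A mapping whose secondary key has been swapped fails verification, so the message goes only to the recipient's primary key and the sender's own other device.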
Further questions and future work
While Loki Messenger’s current multi-device implementation offers a novel solution for cross-device syncing, there are a number of changes and refinements we intend to make as we continue to iterate on this new feature.
Although public key storage does not inherently create a privacy risk, we would still like to limit the amount of metadata which is publicly available, including the association between two public keys (i.e. a single user’s primary and secondary devices). There are several changes we aim to make to limit metadata availability, and to improve the overall Loki Messenger UX.
To eliminate the need for externally-stored device mappings, devices would pair with each other by sending a special control message to the other device. Once the control message is received and the secondary device has authenticated and accepted the request, the two devices would share their private keys. This ensures each device could act completely autonomously without the other device needing to be online. During this process, no device mapping would need to be stored on the Loki File Server or in the recipient’s swarm.
Receiving friend requests
To add a new friend, you would send a friend request to their primary device. Once the friend request has been confirmed by your friend, their Loki Messenger client would send you the public keys of both their primary and secondary devices.
Receiving friend requests under this future system would change slightly, because requests would always be received by the primary device. This means that both the primary and secondary devices would need to monitor the primary device’s swarm for friend requests. If either device detects an incoming request, it can download and accept it on behalf of the other. The device which accepts the request would then send the new friend the other device’s public key, as described above.
With multi-device implemented, public chats need to be able to ensure that messages from both primary and secondary devices appear to originate from the same person. Currently, every message sent to a public chat is signed by the sending device’s key, and receiving clients determine whether two separate keys are related by checking the associated device mapping which is stored on the Loki File Server.
In future, the primary device’s private key will be given to the secondary device, so that messages from both devices are signed by the same key. This will prevent servers and recipients from having to check device mappings in order to validate that messages from two separate keys are associated. Instead, servers and clients will simply see messages from someone’s primary and secondary devices as coming from the same person, with no further checks necessary.
Time to live
When a Loki Messenger client sends a message, it specifies the time to live (TTL) for that message. The TTL is the time that the message will be stored on the receiving Loki Service Node swarm before being deleted (this storage-and-deletion process occurs if the recipient is offline at the time of the message being sent).
The default TTL for messages is 24 hours. This means that if your secondary device is turned off (or otherwise offline) for more than 24 hours, its sent message history will become out of sync with the primary device.
To get around this, a user’s primary and secondary devices could re-sync using a Lokinet peer-to-peer connection when they are both online. This is something we will look to implement once Lokinet and Loki Messenger are working together successfully.
Multi-device support increases the overhead required to send individual messages. Currently, each public key can only have one secondary device associated with it. However, even with this limitation in place, sending a single message from a multi-device-enabled client can result in at least three messages being sent: one message to the recipient’s primary device, one message to the recipient’s secondary device, and one message to the sender’s secondary device.
This is not ideal because it increases the number of messages that need to be stored on Loki Service Node storage servers. It also creates additional metadata that could be used by malicious actors to identify links between devices.
A better solution would be to use the Lokinet peer-to-peer layer to sync messages between primary and secondary devices when both are online at the same time. If we combine the existing message sync method (used when one device is offline) with a peer-to-peer sync layer (used when both are online), most cases could be handled without needing to store all messages on the storage server.
The current multi-device system is only the first in a series of iterations. Over the coming months, significant work will be done on improving multi-device UX, as well as refining the message history sync process to further increase the privacy and usability of Loki Messenger.
Originally published at https://loki.network on November 26, 2019.