2 ‐ Architecture - davisssamuel/notis GitHub Wiki
1 - Product Description
This document provides an in-depth exploration of Notis, a decentralized private messenger designed to offer users quick and easy communication. Notis features an intuitive interface with easy navigation between screens, including a contact list, app settings, chat history, and more
Secure Messaging
Notis allows users to send messages to friends effortllessly. It supports quickly sending and recieving messages, ensuring a rich communication experience. The encryptiopn scheme used is one that ensures no information is leaked whatsoever. For more information on encryption, see section 7 for more details
User-Friendly Interface
Notis offers seamless transitions between various sections, providing a simple interface. Users can effortlessly access their contact list, adjust app settings, and view chat history easily.
Decentralized Architecture
Nostr follows a decentralized architecture that prioritizes user privacy. The application does not request any personal information from users during registration, such as phone numbers, email addresses, or even names. Instead, users have the freedom to share this information after signing up, preserving their anonymity and privacy. Nostr's commitment to user privacy aligns with the principles of decentralization, ensuring that personal data remains in the hands of the user. Additionally, since Nostr as a protocol is built on the idea of a mesh network of servers storing and routing information, the way Notis handles message sending and storing is decentralized.
2 - Overview
For baseline product design assumptions, see the documents listed in Section 9
2.1 - Purpose
Notis is dedicated to offering its users a robust and user-friendly platform for connecting with friends, family, and colleagues, all while preserving the utmost privacy and data security. Our mission is to empower individuals with a seamless means of communication without the inherent concerns of divulging personal information.
At its core, Notis is designed to provide an uncomplicated yet potent communication tool. Users can effortlessly engage in conversations, share updates, and exchange information with their trusted contacts. Whether it's coordinating with colleagues on a project, catching up with friends, or staying connected with family, Notis serves as a versatile and dependable communication solution.
What sets Notis apart is its unwavering commitment to user privacy. We understand that in today's digital age, safeguarding personal information is paramount. That's why Notis adopts a privacy-centric approach from the ground up. We do not require users to share sensitive personal data such as phone numbers, email addresses, or even names upon registration. Instead, we believe in granting users complete control over their personal information.
With Notis, your identity remains anonymous until you choose otherwise. This means you have the freedom to share as much or as little personal information as you're comfortable with, without any pressure. Your privacy is respected, and your data is secure. We employ cutting-edge encryption protocols to ensure the confidentiality and integrity of your messages and shared content. For more information on the encryption scheme, see section 7.
Notis isn't just about privacy; it's about making communication effortless. Our platform boasts an intuitive and user-friendly interface, ensuring that you can effortlessly navigate between your conversations, contacts, and settings. Whether you're using Notis on your mobile device or desktop, you'll find that connecting with your network is a seamless experience.
In conclusion, Notis is more than just a messaging platform; it's a commitment to providing a secure, user-centric communication solution. With Notis, you can connect with the people who matter most, knowing that your privacy is upheld, and your data is in safe hands. Join us in experiencing a new era of communication where you're in control of your information and your connections.
2.2 - Scope
This document offers a detailed examination of the software components within Notis, providing specific insights into implementation choices. It explores the rationale behind development techniques, adherence to code standards, and critical security considerations. It emphasizes how each component has been thoughtfully crafted to align with the app's core principles of security, privacy, and user-centric communication.
Our unwavering commitment to building a robust, efficient, and secure platform drives every aspect of our software design. This document underscores our dedication to delivering a seamless and trustworthy communication experience for our users.
2.3 - Concepts
Nostr
The idea of decentrilization is core to notis. Notis takes advantage of a new and cutting-edge internet communication protocol called nostr. Fundimentally, nostr allows for internet communication between users without the worry of the effects of media centralization, data collection, and and security breaches. Nostr can be described by the following criteria:
Simple
The protocol is based on very simple & flexible event objects (which are passed around as plain JSON) and uses standard elliptic-curve cryptography for keys and signing. The only supported transport is websockets connections from clients to relays. This makes it easy to write clients and relays and promotes software diversity. The following is an example of what
event.jsonmignt look like:{ "id": "b9fead6eef87d8400cbc1a5621600b360438affb9760a6a043cc0bddea21dab6", "kind": 1, "pubkey": "82341f882b6eabcd2ba7f1ef90aad961cf074af15b9ef44a09f9d2a8fbfbe6a2", "created_at": 1676161639, "content": "this is going to work", "tags": [], "sig": "76d19889a803236165a290fa8f3cf5365af8977ee1e002afcfd37063d1355fc755d0293d27ba0ec1c2468acfaf95b7e950e57df275bb32d7a4a3136f8862d2b7" }Resilient
Because Nostr doesn't rely on a small number of trusted servers for moving or storing data, it's very resilient. The protocol assumes that relays will disappear and allows users to connect and publish to an arbitrary number of relays that they can change over time.
Verifiable
Because Nostr accounts are based on public-key cryptography it's easy to verify messages were really sent by the user in question. Like HTTP or TCP-IP, Nostr is a protocol; an open standard upon which anyone can build. Nostr is not an app or service that you sign up for
Note the above snippet was taken from nostr.com
This decentralization is only possible through what are known as relays, which forward, store, and process the notes that are sent by users all around the world. Anyone can set up a relay. No one company owns all relays. This diversity in support for nostr is the underbelly of its ability to remain decentralized.
Notis will make use of nostr in a number of unique ways. Not only will we allow users to set up account with the click of a button (which generates a public/private key pair), but all features will be available with no restrictions.
Webserver with React Native and nginx
React Native is a popular library for building user interfaces on web and on mobile devices. In the context of Notis, React Native is used to create the frontend of the application. It allows for the development of interactive and responsive user interfaces that enhance the user experience. Detailed information on React Native setup and development practices can be found in the subsequent sections.
Nginx is a high-performance web server that plays a critical role in serving web content efficiently and securely. For Notis, Nginx is used as a reverse proxy server to handle incoming HTTP requests and route them to the appropriate backend services. Nginx also enables features like load balancing and SSL termination for enhanced security and performance. More comprehensive guidance on Nginx setup and configuration will be provided later in this document.
2.4 - Requirements
Notis prides itself on delivering a messaging platform where users can access its full functionality without the need to share any personal information. This commitment to privacy ensures that users' personal data is never at risk of being collected, sold, or misused.
User Privacy
We understand the importance of safeguarding user privacy. That's why we've designed Notis to operate without the need for users to disclose personal details such as phone numbers, email addresses, or even their names. Users have complete control over what information they choose to share, preserving their anonymity and giving them peace of mind.
Secure Communication
Notis ensures that messages are swiftly and reliably delivered to their intended recipients. Our platform employs robust encryption and direct communication channels, eliminating the risk of intermediaries or middlemen causing disruptions or compromising the security of your data. You can trust that your messages, files, and payments will reach their destination without interference.
Consistent Performance
No matter the situation or circumstances, Notis is engineered for smooth and reliable performance. Our platform is designed to operate seamlessly, ensuring that you can communicate with your contacts without interruption. Whether you're sending messages, sharing files, or making payments, you can rely on Notis to deliver a consistent and dependable user experience.
2.5 - Non-Goals
While developing Notis, it's essential to define what we consider non-goals for our application. These are features or functionalities that, while valuable in some contexts, are intentionally excluded from Notis to maintain its core focus as a simple yet efficient private messenger.
Additional Features Beyond Messaging
Notis is designed with a clear purpose: secure and private messaging. As such, we do not intend to include a wide variety of additional features that can make the app more complex and less streamlined. Features like a multitude of app themes, chat games, voice and video calls, and pinned messages, while valuable in some messenger apps, are considered non-goals for Notis. Our aim is to offer a straightforward messaging experience.
Overly Complex User Interface
We understand the importance of an intuitive and easy-to-navigate interface. However, our goal is simplicity. We do not plan to clutter the user interface with unnecessary elements or options that may overwhelm users. Instead, we prioritize a clean and user-friendly design that aligns with our core mission of enabling secure communication.
Data Collection and Profiling
Notis is committed to user privacy, and this includes not engaging in data collection or profiling. We do not intend to gather user data for advertising or analytical purposes. Our focus is solely on providing a private messaging platform without compromising user privacy.
Integration with External Services
To maintain a simple and private messaging experience, we do not plan to integrate extensively with external services or platforms beyond the simple APIs used for visual enhancements. While some integrations can enhance functionality, they can also introduce complexities and potential security risks. Notis will primarily focus on in-app features rather than third-party integrations.
Extensive Customization
While customization is valuable, we do not intend to offer extensive customization options that might divert our focus from providing a straightforward messenger. Users can expect a degree of personalization but not an overwhelming array of customization choices that could lead to a cluttered experience.
2.6 - Outstanding Issues
React Native to React Native Web
FIXME
Cryptio.js on Mobile
React native on Android and iOS does not support the critical javascript library Crypto.js. Our app hinges on this library working. We were unable (after many in-depth attempts) to integrate the Crypto.js library into react-native mobile. We had to resort to using a web rendering of our mobile app in order for Crypto.js to function properly. See our wiki for more information.
Support for NIP-44
NIP-44 v2, which is nostr's new and improved encryption scheme, has not yet been widely adopted by other nostr clients. We decided to remain only on our provate relay for the time being, since sending NIP-44 encrypted events to public relays would mean other clients may error out when they are unable to decrypt the messages. See our wiki for more information.
2.7 - Alternative Designs
The purpose of a private messenger is to provide users with a simple and easy way to contact friends, family, and colleagues. Before landing on the design choices that we made, a number of alternative projects were considered.
Community-Based social media
Developing a BAND clone with the Nostr protocol aims to furnish our app users with a community-oriented social media platform, enabling them to share community announcements, engage in discussions, and exchange ideas related to local matters.
Reasons not chosen
We decided not to pursue the project of creating a BAND clone with the Nostr protocol for several compelling reasons. Firstly, BAND, as an established platform, is already highly proficient at fulfilling its intended purpose. Its success and efficiency in serving its users made us question the necessity and motivation for replicating a similar service within our app. We felt that users might not see a significant value proposition in duplicating a service that was already functioning well through BAND.
Anonymous Proximity-based social media
This proximity-based social media app mobile app would enable users to post anonymous, time-limited messages within a defined geographical area. This app should facilitate interaction by allowing users to express approval or disapproval, leave comments, and engage in private messaging with other users.
Reasons not Chosen
We decided not to pursue the idea of developing a mobile app that enables users to post anonymous, time-limited messages within a defined geographical area for several reasons, with the primary concern being the implementation of location services. Nostr, as a platform, is designed with a specific purpose in mind - to facilitate open and anonymous communication on various topics without the constraints of geographical boundaries. Implementing location services would have compromised this fundamental purpose.
3 - Use Cases
User Registration and Authentication
Notis users begin their journey by registering and authenticating themselves. This process involves providing a private key. Users can paste a key they already have saved, or generate one at login. Upon successful registration, users can access the app's features. Users are consistently reminded not to share their private key. Sharing it or losing it will compromise their account, just like sharing a password would.
Sending Messages
Registered users can initiate text conversations with their contacts. They select a contact from their list, compose a message, and send it. Messages are then delivered to the chosen contact.
Managing Contact Lists
Efficient contact list management is a key feature of Notis. Users can easily add new contacts or remove current ones. Additionally, users can view contact details for each contact and edit them straight from the contacts list. Contacts can also be blocked and unblocked with ease.
Profile Customization
Notis provides a number of profile customization options in order to change how your appear to your friends. Users can change their name, picture, banner, and biography.
QR Code Key Sharing
Users can easily add friends in-person by using the QR code key sharing feature. Visiting profile options will display a QR code for friends to scan, which will provide them a copy of your public key for easy profile sharing.
4 - System Architecture
As previously explained, notis makes use of nostr, which is a new and open source internet communication protocol designed for decentralizing social media-type communication.
4.1 - Webserver
In the context of Notis, our web server is a critical component that ensures the application's availability and accessibility. We have established a specific configuration and setup to achieve this, balancing development and production needs.
Web Server Configuration
Our web server operates as a daemon process on an Ubuntu 22.4 machine. This configuration allows the server to run continuously, ensuring that Notis is accessible to users at all times. The use of a daemon process provides the necessary resilience and stability for our application.
Development Environment
In the development environment, we have implemented a specific setup to facilitate testing and debugging while optimizing network traffic. Notis runs as a proxy server on Cedarville University's network. This proxy server acts as an intermediary that routes all incoming traffic from LAN (Local Area Network) devices to the React Native server, which runs on localhost:19006.
Proxy Server Service: Nginx
To efficiently manage the proxy server functionality, we utilize Nginx, a powerful and widely-used web server software, which also serves as a reverse proxy server. Nginx runs as a daemon process on our Ubuntu machine. This setup enables us to handle and route incoming requests effectively.
Benefits of Using Nginx:
- Reverse Proxy: Nginx acts as a reverse proxy server, forwarding incoming requests to the appropriate destination, in this case, the React server running on
localhost:3000. - Load Balancing: Nginx provides load balancing capabilities, which can be essential for distributing traffic evenly in production scenarios with multiple server instances.
- Security: Nginx offers security features such as SSL/TLS termination, DDoS mitigation, and access control, enhancing the overall security of the application.
Additional Information
For a more detailed guide on how to set up and configure the proxy server using Nginx, please refer to our documentation found here. This resource offers step-by-step instructions and additional insights into the proxy server setup, ensuring that you have a clear understanding of how this component contributes to the overall functionality of Notis.
4.2 - Private Relay
In addition to our web server setup, we created a private relay to facilitate the development and testing of various features required by our application. This relay ensures that the functionality of Notis is well-supported during development, and we have the flexibility to continue using it even after the project's completion or opt for other relays that meet our specific requirements.
Relay Implementation
Our relay is powered by a new set of software packages known as Umbrel. Umbrel is easy to set up, and enabled us to easily install customizable relay software.
Access and Availability
The relay runs on localhost:4848 within the Ubuntu 22.4 machine. It is configured to be accessible only from the machine itself, ensuring that it remains isolated and secure during development. This setup facilitates comprehensive testing and feature validation within a controlled environment.
Development Usage
During the development phase, we do not intend to attach the relay to a proxy server. This decision is intentional, as it allows us to focus on development and testing without the complexities introduced by proxying. This setup provides a straightforward and efficient way to validate and iterate on features.
Further Information
For detailed instructions and additional insights into the relay implementation, you can refer to our documentation found here. This resource provides comprehensive guidance on setting up and configuring the relay, ensuring that you have a clear understanding of its role in supporting Notis features.
In summary, our relay configuration, based on the popular Rust script running within a Docker container, is a vital component of our development and testing infrastructure. It provides the necessary support to validate and fine-tune features while maintaining security and isolation in the development environment. As we progress, we may evaluate the need to continue using this relay or explore alternative relays that align with our feature requirements.
4.3 - React Native
Notis was developed using the react native framework in addition to bun— an innovative and high-performing variant of Node.js that provides identical packages, test scripts, and modules used by the Node.js environment. Our adoption of bun fortified the developmental efficiency of Notis.
FIXME
5 - APIs
We have not created any additional APIs in our app. We remained committed to developing a streamlined and simple user experience, which involved avoiding having to develop additional APIs. However, we did make use of a couple external APIs in order to enhance the user experience.
QR Code Generation
To generate QR codes for easy profile sharing, we make use of an api found at api.qrserver.com. This allows us to specify the data and the size of the QR code easily. For more details, see our wiki.
Random Profile Picture Generation
To generate random profile pictures for users without a profile picture added, we used an api found at api.dicebar.com This allows us to specify the seed for the random image. We used the user's public key as this seed, so the "random" image is consistent across all devices. For more information, see our wiki
6 - User Interface Design
The user interface (UI) design of Notis has been thoughtfully developed to deliver an intuitive and visually pleasing experience. Notis offers both a light mode and dark mode to accommodate user preferences and varying lighting conditions. These modes ensure a comfortable and customized user experience.
Light Mode presents a clean and bright interface with a white background and dark text. It's particularly well-suited for well-lit environments, providing excellent readability and a fresh appearance. Conversely, Dark Mode is optimized for low-light conditions, featuring a dark background with light text and accents. This mode reduces eye strain and is ideal for nighttime or dimly lit settings. Users can easily switch between these modes through the app's settings.
Home Screen
At the core of the app, the home screen offers an overview of recent conversations and chats. Users can swiftly access ongoing conversations, identify unread messages, and view new chats with ease. Each chat is rendered using a react native FlatList, which is updated as new chats are created and deleted.
Messaging Screen
The messaging screen is designed for seamless messaging interactions. It displays text messages within a conversation thread, allowing users to send messages and express themselves with emojis easily. Each message is rendered using a react native FlatList, which is updated as new messages are received and sent.
Contact List
The contact list page simplifies contact management. It exhibits a list of contacts with profile pictures and status indicators, offering the ability to search for contacts, add new ones, and organize them into groups. Each contact is rendered using a react native FlatList, which is updated as new contact are created and deleted.
Settings Page
Users can manage their personal information and settings through the profile page. They can edit their profile picture, banner, name, and biography . IT also provides buttons to copy public and private keys. Users are again reminded not to share their private key with anyone.
In summary, Notis maintains a consistent and user-friendly design approach across all its pages, incorporating intuitive icons, cohesive color schemes, and responsive layouts to deliver a seamless user experience. The availability of light and dark modes ensures users can tailor their experience to their preferences and surroundings.
7 - Technical Design
The user interface (UI) design of the "Notis" app is centered on providing a seamless and user-friendly experience to its users, facilitating their engagement within the "Nostr" platform. The user journey begins with a straightforward login or registration screen, accessible to both existing and new users, ensuring easy access to the platform. Following a successful login, users are greeted with a well-structured dashboard. A top navigation bar grants convenient access to essential sections, including Notifications, Settings, and Profile.
Additionally, the UI boasts a dedicated search and explore feature, conveniently accessed through a prominent search bar. The design adheres to responsive principles, ensuring a uniform and accessible user experience across a variety of devices and screen orientations. To promote user engagement and refinement, the UI incorporates robust feedback mechanisms, facilitating user feedback and issue reporting. Paramount to the UI design are considerations of security and privacy, with the implementation of secure authentication, data encryption, and privacy controls to safeguard user information and interactions. This comprehensive UI design documentation serves as the cornerstone for the development of the "Notis" app, aimed at enhancing the user experience within the broader "Nostr" ecosystem.
NIP-44 v2 Ecnryption
IN December of 2023, NIP-04 was officially deprecated. It turns out that it was far too easy to crack private keys form messages that were encrypted using NIP-04. NIP-44 v2 swiftly took its place. Notis makes use of the more robust NIP-44 v2 encryption scheme. For more details, visit our wiki
Local Storage
FIXME
8 - Configuration
From a technical standpoint, Notis is built using the React framework, which offers a robust foundation for developing dynamic and responsive web applications. Within the React framework, we leverage the built-in nostr-tools module to efficiently manage various aspects of our application's configuration.
React Native Framework
Notis is developed using the React framework, a popular JavaScript library for building user interfaces. React Native's component-based architecture enables us to create modular and reusable UI elements, enhancing code maintainability and scalability. The framework's virtual DOM (Document Object Model) reconciliation ensures efficient updates and improved performance, even for complex user interfaces.
nostr-tools and ndk Modules
Our application relies on the nostr-tools and ndk modules to streamline configuration management. This module provides essential functionalities for handling configuration settings, environment variables, and other technical aspects of the app. For in-depth details on our implementation of these modules, see our wiki here and here
By utilizing the nostr-tools and ndk modules within the React framework, Notis maintains a robust and flexible configuration management system. This approach enables efficient handling of various configuration aspects while ensuring security, automation, and adaptability in response to evolving technical requirements.
9 - References
The following documents are useful for understanding this design document.
ChatGPT 3.5 was used in the making of this document
END OF DOCUMENT