this post was submitted on 04 Jun 2026
8 points (100.0% liked)

Android Apps

2665 readers
18 users here now

Welcome to the !androidapps Community!

We're thrilled to have you here and be part of our vibrant community centered around Android apps. To ensure a positive and valuable experience for everyone, we kindly ask you to adhere to the following community guidelines:

  1. Be Respectful: Treat fellow community members with respect and kindness. We encourage constructive discussions and discourage personal attacks, harassment, or any form of offensive behavior.

  2. Stay on Topic: Keep the discussions focused on Android apps and related topics. Avoid veering off into unrelated discussions or spamming the community with irrelevant content.

  3. Quality Contributions: Share valuable insights, tips, and recommendations related to Android apps. Provide helpful feedback and support to other users. Engage in meaningful discussions that contribute to the community's knowledge base.

  4. Mindful Self-Promotion: While we welcome developers to share their apps and updates, we ask that you do so in a balanced and considerate manner. Excessive self-promotion or spamming is not allowed. Instead, focus on providing value and engaging with the community.

  5. Follow Appropriate Guidelines: Ensure your posts and comments comply with the platform's terms of service, as well as local laws and regulations. Refrain from sharing content that is illegal, harmful, or violates intellectual property rights.

  6. Be Transparent: If you're a developer promoting your own app, clearly disclose your affiliation to maintain transparency within the community. This fosters trust and authenticity.

  7. Report Inappropriate Content: If you come across any content that violates these guidelines or seems inappropriate, please report it to the moderator for review and appropriate action.

Remember, the !androidapps community thrives on collaboration and mutual support. Let's work together to create a positive environment where we can all learn, grow, and discover amazing Android apps!

founded 3 years ago
MODERATORS
Puzzlehead@lemmy.world
8
WebRTC messenger architecture, sealed-sender push, encrypted signalling, looking for threat-model critique. Open Source GPLv3 (lemmy.ml)
submitted 1 week ago by GradleSurvivor@lemmy.ml to c/androidapps@lemmy.world
0 comments fedilink hide all child comments
 

A WebRTC messenger where message content never touches a server and the push layer can’t see who’s messaging whom

Android app, solo-built. Trying to find out where the architecture breaks before I scale it.

The core idea. Messages travel through direct WebRTC data channels (DTLS/SRTP) between two phones. No server stores, reads, or relays content. Group chats use a gossip protocol, sender fans out to a few reachable members who relay onward; members who come online late fetch missing messages from any peer who has them.

The supporting infrastructure, and what each piece can see.

Signalling: needed to set up any WebRTC connection. I use a Cloudflare Worker (ephemeral, nothing persisted). The SDP/ICE payload is encrypted with the recipient’s public key before it leaves the sender, and the two participants are addressed by opaque per-session hashes. The relay forwards ciphertext between un-linkable identifiers.

Push wake-up: FCM, because Android. Sealed-sender design: the wake-up payload is encrypted to the recipient’s public key, and the sender’s identity is inside that envelope. The push layer sees who’s receiving (it must, that’s how push works), not who’s sending. The FCM request is also forwarded via a Cloudflare Worker so Google doesn’t see the sender’s IP either.

TURN relay: Cloudflare again, for restricted networks. Carries encrypted packets only, like any TURN.

The code is open source (GPLv3).

I wrote a detailed white paper explaining the full architecture on my landing page: https://www.mindtheclub.com/

Mainly interested in where the design assumptions break. The sealed-sender piece, I’d like to know if the threat model I’m assuming there is too generous.

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here