Loki Messenger alpha and Checkpointing!



Today we are announcing the release of our next Loki hardfork, Hefty Heimdall. This hardfork will include a number of updates for both Loki Messenger and Loki Core, including:

Service Node Checkpointing

Loki Storage Server (Stores Loki Messenger messages on Service Nodes)

Internode testing (Blockchain and message storage)

Loki Messenger alpha release

The testnet binaries will be released on June 26, so you can start testing these changes in just a few weeks.

There will be a mandatory upgrade period starting July 10.

The Hefty Heimdall hardfork will happen on July 24, with Checkpointing being enabled but not enforced.

We will start enforcing Checkpointing on September 12, completely preventing double spends after 12 blocks of confirmation.

As you may have already heard, we’re thrilled to announce the launch of the Loki Messenger alpha on the mainnet. This is a huge step forward for us and for the community, with Loki Messenger being the first Loki Service to make it out of the labs. We can’t wait to get it into your hands so that with your feedback, we can start to rapidly iterate on the design and feel of it in anticipation of the full launch later this year. We should make it very clear that the Loki Messenger alpha will not have the privacy properties that will be present in the final version. This alpha will primarily be for testing and feedback purposes.

The Basics

The Hefty Heimdall release will include an alpha version of Loki Messenger, which operates entirely on the Service Node network. Loki Messenger will be the first ever system which enables users to achieve both online and offline messaging in a fully decentralised, redundant and scalable way. The encryption used in Loki Messenger, which is also used in Signal, means your messages are only readable by you and the person you send them to. You can read more about the excellent security properties of this kind of end-to-end encryption in this article: http://www.alexkyte.me/2016/10/how-textsecure-protocol-signal-whatsapp.html

The Loki Messenger doesn’t connect to a central server like other messengers. Instead, groups of cooperative Service Nodes – called “Swarms” – store your messages while achieving a high rate of redundancy, meaning that if a Service Node goes offline, your message isn’t lost. Because Loki Messenger doesn’t use any central server, it’s extremely hard for malicious actors to shut the network down since the storage network is distributed across the world over hundreds of nodes.

However, we’ll stress again that the Loki Messenger alpha will not have many of the privacy qualities that the final version will have. Lokinet still has a while to go before it can be deployed on the Service Node network. The Loki Messenger alpha will allow you to communicate securely with your friends and family over a decentralised network while still having a comparable user experience to the chat apps you already know. And when used in conjunction with other network anonymisation tools, the Loki Messenger alpha will also have some reasonable privacy properties.



How it Works

Offline Messages (Asynchronous Mode)

The process below assumes your messenger client has never connected to the Loki Service Node network before, and you want to send a message to a user who is offline.



Sending

Your messenger client gets a partial list of Service Nodes and IP Addresses from a set of hardcoded Loki seed nodes. This is done via a clearnet connection, meaning whoever runs the seed nodes can see that your IP address is requesting a list of currently operating nodes. Your messenger client contacts a single node randomly from the list, and asks them for the Service Nodes in the Swarm that correspond to your recipient’s public key. This means that a single Service Node knows that your IP address is likely messaging a recipient with X public key. Your messenger client contacts three of the nodes inside your recipient’s Swarm and gives them the encrypted message for your recipient. These three nodes will know that your IP address sent a message to X public key.

Receiving

To find your Swarm, your messenger client contacts a random Service Node and asks for the Swarm that corresponds to your public key. Without Lokinet or a VPN, that random node can assume your IP address is linked to your public key. Your client then maintains a connection to three random Service Nodes in your Swarm and polls them regularly to find out if there are new messages destined for you. This means that three Service Nodes in your Swarm know that your IP address is requesting messages for a particular public key.

Online Messages (Synchronous Mode)



Sending and Receiving

Sending an online message requires knowledge of two parties being online simultaneously, and the addresses they can be contacted at. To do this, Loki Messenger periodically sends your IP address inside encrypted offline messages to your contacts. When a client comes online they can use this contact information to attempt to establish a direct P2P link with another client. Messages can then flow between the two clients without needing to use the Storage Server. However, this means when you use Loki Messenger, all of your friends can see your IP address.

As you can see from the above descriptions, the Loki Messenger alpha provides reliability, censorship resistance and encryption, however it does not provide protection against metadata collection. It’s important to understand this when participating in the Loki Messenger alpha, since – depending on your threat model – you could be leaking metadata that could be used to draw inferences about your use.

The Hefty Heimdall hardfork is a particularly large one – we hope you’re all as excited as we are! Please help us improve Loki Messenger for everyone by downloading and testing the alpha – your reports make all the difference. Keep an eye out for further updates as we approach the hardfork date.

