@simplex
SimpleX - the first messaging platform operating without user identifiers of any kind - 100% private by design!
No relay list published yet.
Recent Notes
is it yours?
๐คฆโโ๏ธ we don't plan the shitcoin, and never did that :)
It's a payment system for servers, no "coins" there, shit- or not.
Read https://simplex.chat/vouchers - it's been updated.
The plan is evolving - whitepaper is half-way done, the assessment of blockchain to build on is ongoing.
It's a payment system for servers, no "coins" there, shit- or not.
Read https://simplex.chat/vouchers - it's been updated.
The plan is evolving - whitepaper is half-way done, the assessment of blockchain to build on is ongoing.
@nprofile1q... is cool - they don't chase people to publish apps, they just do that. Thank you.
Is it? it's nice ๐ We can do that.
haven't seen it before :)
A big news for SimpleX Chat privacy and security:
Android apps released via GitHub and F-Droid are now 100% reproducible!
It means that you can easily verify that the app is secure, even if the download site was hacked.
From v6.5 our release process is:
1) build Android apps on two independent machines and confirm they are 100% identical;
2) cryptographically "sign" them;
3) add signature files to the release page so you can verify.
v6.5 beta.3 release: https://github.com/simplex-chat/simplex-chat/releases/tag/v6.5.0-beta.3
Server and Linux desktop builds were already reproducible, and Android APKs are now as secure.
Anyone can check it themselves - no coding needed, just follow our simple guide to verify the app is genuine or run the build yourself: https://simplex.chat/reproduce/
Android apps released via GitHub and F-Droid are now 100% reproducible!
It means that you can easily verify that the app is secure, even if the download site was hacked.
From v6.5 our release process is:
1) build Android apps on two independent machines and confirm they are 100% identical;
2) cryptographically "sign" them;
3) add signature files to the release page so you can verify.
v6.5 beta.3 release: https://github.com/simplex-chat/simplex-chat/releases/tag/v6.5.0-beta.3
Server and Linux desktop builds were already reproducible, and Android APKs are now as secure.
Anyone can check it themselves - no coding needed, just follow our simple guide to verify the app is genuine or run the build yourself: https://simplex.chat/reproduce/
MLS uses ratcheting trees, it's different from Double Ratchet.
We honestly see it as a very rare view, proportionally. We are using planning to use one of smartchains for their intended purpose - distributed computing with reliable network-wide consensus. While Community Vouchers is the primary driver to use a smartchain, it'll also solve other problems:
- namespaces for users and groups, that protect from MITM attacks - if operators host names, as in federated designs, it's impossible to protect from them.
- public server registry with operator trust and reliability metrics, without any central authority as with Tor, for example.
And there won't be any minting activity by the operators - they will run full non-validating nodes on blockchain, and will act as decentralized RPC layer to blockchain (which is a weak link for most chains), letting clients to have multiple independent views onto chain for important queries (such as name resolution).
This is a really big innovation, and most users don't see it - they think we're going to use what exist.
- namespaces for users and groups, that protect from MITM attacks - if operators host names, as in federated designs, it's impossible to protect from them.
- public server registry with operator trust and reliability metrics, without any central authority as with Tor, for example.
And there won't be any minting activity by the operators - they will run full non-validating nodes on blockchain, and will act as decentralized RPC layer to blockchain (which is a weak link for most chains), letting clients to have multiple independent views onto chain for important queries (such as name resolution).
This is a really big innovation, and most users don't see it - they think we're going to use what exist.
Several reasons:
- payment either requires using private cryptocurrencies, that most people don't use, or exposes identity to operators - vouchers make purchase and payment unlinkable
- direct payments create risks of operator default - we want to build zero-trust model
- no effective way to codify revenue-sharing agreement - again, risk of defaults, not honouring agreement, etc.
All these problems are solved with smart contracts, and we don't see any simpler solution.
The question is similar to "why SimpleX network needs private message routing?" To protect users privacy and security from their contacts. As the number of operators grow, it's important to protect users from operators.
- payment either requires using private cryptocurrencies, that most people don't use, or exposes identity to operators - vouchers make purchase and payment unlinkable
- direct payments create risks of operator default - we want to build zero-trust model
- no effective way to codify revenue-sharing agreement - again, risk of defaults, not honouring agreement, etc.
All these problems are solved with smart contracts, and we don't see any simpler solution.
The question is similar to "why SimpleX network needs private message routing?" To protect users privacy and security from their contacts. As the number of operators grow, it's important to protect users from operators.
> aren't useful as an investment
Correct. We do NOT plan to use vouchers as a fundraising mechanism, and they are not tradable, and even more - they expire. Otherwise it may cross the line with strict application of Howey test (any tradable utility token, especially if used by a single party as development funding, is likely to be considered a security), and we don't want these risks.
We are exploring other funding models, such as grants, private investments and community crowdfunding - it will all be announced next year once the plan crystallizes.
> I'm not sure this is the best solution.
That is correct, but what we like about it is that it fits a very widely used regulatory framework - prepaid telecom cards. So we are doing a technical innovation without regulatory risks, which is rarely possible.
We are always open to better ideas, as we don't see any simpler design that achieves all the stated objectives:
- zero trust
- revenue sharing between operators and "network"
- unlinkability of purchase and usage
- no (or limited) transferrability
- expiration
- ability to purchase via in-app and credit part payments without being a cryptocurrency exchange (as they are prepaid telecom cards).
- probably some others
> it's difficult for a lot of users to understand what it solves and why.
Agreed, but we aim to make it completely hidden from the users and make it possible to use Community Vouchers (aka Community Credits) without touching / knowing about blockchain.
So there won't be requirement to use a crypto wallet at some point of product development - at least that is the objective we are working to:
- user can buy Community Voucher via in-app payment (yes, with some draconian commission, but it's worth it anyway as it would increase donations to communities - about 50% of app users even today never used cryptocurrencies, and for all potential users it's even bigger share)
- user can then donate it to their community of choice
All that within the app, without any technical way to link voucher purchase to community donation, thus preserving participation privacy.
Correct. We do NOT plan to use vouchers as a fundraising mechanism, and they are not tradable, and even more - they expire. Otherwise it may cross the line with strict application of Howey test (any tradable utility token, especially if used by a single party as development funding, is likely to be considered a security), and we don't want these risks.
We are exploring other funding models, such as grants, private investments and community crowdfunding - it will all be announced next year once the plan crystallizes.
> I'm not sure this is the best solution.
That is correct, but what we like about it is that it fits a very widely used regulatory framework - prepaid telecom cards. So we are doing a technical innovation without regulatory risks, which is rarely possible.
We are always open to better ideas, as we don't see any simpler design that achieves all the stated objectives:
- zero trust
- revenue sharing between operators and "network"
- unlinkability of purchase and usage
- no (or limited) transferrability
- expiration
- ability to purchase via in-app and credit part payments without being a cryptocurrency exchange (as they are prepaid telecom cards).
- probably some others
> it's difficult for a lot of users to understand what it solves and why.
Agreed, but we aim to make it completely hidden from the users and make it possible to use Community Vouchers (aka Community Credits) without touching / knowing about blockchain.
So there won't be requirement to use a crypto wallet at some point of product development - at least that is the objective we are working to:
- user can buy Community Voucher via in-app payment (yes, with some draconian commission, but it's worth it anyway as it would increase donations to communities - about 50% of app users even today never used cryptocurrencies, and for all potential users it's even bigger share)
- user can then donate it to their community of choice
All that within the app, without any technical way to link voucher purchase to community donation, thus preserving participation privacy.
Yes, we see it as an issue, as message delivery will be redundant, and it's a source of revenue to the operator - so operator "default" is not an issue for message delivery.
In case operator is also a mint, then operator "default" becomes an issue, so we are not considering the model when operators act as mints โ it's a much higher level of trust than message delivery.
In case operator is also a mint, then operator "default" becomes an issue, so we are not considering the model when operators act as mints โ it's a much higher level of trust than message delivery.