Encryption
Building an encrypted social media and chat experience with Bitcoin-native cryptographic algorithms
At Twetch, we are committed to showing the world how Bitcoin can solve the problems of the internet in the 21st century, some of the most important of which we believe to be data sovereignty and social media deplatforming. You own yourself. By extension of that, you own your work, and thus your data. Not Twetch. Not any other platform. You, the individual who created it. Twetch is not here to sell your data, or create yet another data silo. We're here to ensure that you can profit from sharing your data on our platform, and should you choose to leave, you're always able to take your data with you without exception. With the open, global data ledger of Bitcoin providing an immutable record of original creation and ownership, Twetch has already accomplished this, but today, we want to go one step further and show you what Bitcoin can really do: We don't just want to protect individual data sovereignty. We want to protect the contents of the data itself by making use of the ECC (Elliptic Curve Cryptography) cryptographic functions native to Bitcoin!
How it works (for nerds)
There are two main ECC encryption types used, as well as an additional symmetrical cypher. They are as follows:
- ECDH (Elliptic Curve Diffie-Hellman) - A means by which two parties can safely derive a shared secret over an unsecured communication channel. Most useful in two-party encryption applications.
- ECIES (Elliptic Curve Integrated Encryption Scheme) - An encryption scheme enabling a sender to encrypt a message to a public key that only the holder of its corresponding private key can decrypt. Most useful in single-party encryption applications.
- AES (Advanced Encryption Standard) - A symmetrical cypher that enables fast, lean encryption/decryption of data using a single, deterministic secret. Most useful in multi-party encryption applications.
Utilising this unique combination of algorithms, we're able to provide Twetch users with a high level of flexibility and security without compromising on any of our goals or values for our community.
So why are we only doing this now?
It has only recently become possible
Whilst our main mission is to free your data and help you own and profit from it, Twetch is also committed to integrating with as many services as possible and providing a great UX that uniquely displays the possibilities of what can be done on Bitcoin. This comes with its own set of unique challenges, especially when it comes to handling sensitive information in a way that is compatible with complete data mobility, whilst integrating with existing wallet providers, each having their own unique capability set. Until recently, it was not possible to provide such a service without becoming a wallet company ourselves. Thanks to growing support for ECIES encryption and decryption functions in today's major wallets, however, it has now become possible to solve this problem in a consistent manner. As such, Twetch Encryption represents a significant breakthrough in this area, allowing users to control and profit from their data whilst protecting it from third parties, including Twetch itself.
Closing the loop for commercial Twetch usage
Whilst Twetch is a place of entertainment and discussion, it has also evolved to become a popular platform for networking and doing business within the Bitcoin community. With the release of Twetch Chat, users now have the ability to find people they want to work or collaborate with in the public domain, engage with them to narrow down the details of their deal in private, and /pay them for their work, either privately to protect their arrangement, or publicly to signal to others that they have done a good job, boosting the network effect of both parties and encouraging others to work with them.
New Twetch Encryption Features
Twetch Encryption Keys
Upon signing in to Twetch, users will automatically generate a unique, random 12 word seed in their browser that no one but the user themselves can access. The user's browser also generates the public key of the m/0/0 derivation path of these 12 words. The 12 word seed is then ECIES encrypted in the browser to all of the user's linked wallets via the public key provided in their respective PayMails and saved on Twetch's servers with the associated public key so they can be addressed and decrypted by the user's wallet at a later date. On any additional logins to Twetch, the encrypted string of these 12 keys will be provided back to the user for them to decrypt with their respective wallet. This enables Twetch to make use of advanced cryptographic functions without ever being in custody of our users' plaintext keys or funds, giving us no way to break encryption, monitor our users or be in possession of their money.
Twetch Encrypted Chat
Twetch chat relies upon the aforementioned public key of the user's Twetch Encryption Keys to safely distribute ECIES-encrypted AES ciphers stored on our servers. When a chat is initiated between two or more participants, the initiator of the chat generates an AES cipher. The cipher is then ECIES encrypted by the initiator of the chat in their browser to the public keys of all chat participants and saved on Twetch's servers. Upon joining a chat, participants can then decrypt the AES cipher to be able to read and send AES encrypted messages to other participants in the chat. Twetch stores users' messages fully encrypted on our servers. If a user is removed from a chat, they will no longer be able to restore these messages from our servers, and if all participants leave a chat, all messages are then permanently deleted and will be unrecoverable.
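The key-wrapping pattern described in the two sections above (a secret ECIES-encrypted to each recipient public key, then AES used for the messages themselves) can be sketched as follows. This is an added example, not Twetch's code or wire format: the ECIES construction (ephemeral secp256k1 ECDH, HKDF-SHA256, AES-256-GCM), the GCM mode, the `chat-key-wrap` label and all function names are assumptions chosen for illustration, and the identities and message are constructed.

```javascript
const crypto = require('node:crypto');

// AES-256-GCM helpers (GCM is an assumption; the page only says "AES").
function sealBox(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]); // iv(12) | tag(16) | ciphertext
}
function openBox(key, box) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, box.subarray(0, 12));
  d.setAuthTag(box.subarray(12, 28));
  return Buffer.concat([d.update(box.subarray(28)), d.final()]); // throws on wrong key/tag
}

// Generic ECIES (assumed construction): ephemeral ECDH on secp256k1 -> HKDF -> AES-GCM.
function kdf(shared, ephPub) {
  return Buffer.from(crypto.hkdfSync('sha256', shared, ephPub, 'chat-key-wrap', 32));
}
function eciesEncrypt(recipientPub, plaintext) {
  const eph = crypto.createECDH('secp256k1');
  eph.generateKeys();
  const ephPub = eph.getPublicKey(null, 'compressed'); // 33 bytes, sent with the ciphertext
  return Buffer.concat([ephPub, sealBox(kdf(eph.computeSecret(recipientPub), ephPub), plaintext)]);
}
function eciesDecrypt(ecdh, envelope) {
  const ephPub = envelope.subarray(0, 33);
  return openBox(kdf(ecdh.computeSecret(ephPub), ephPub), envelope.subarray(33));
}

// Initiator: one random chat key, wrapped once per participant public key.
function createChat(pubKeys) {
  const chatKey = crypto.randomBytes(32);
  const wrapped = {};
  for (const [user, pub] of Object.entries(pubKeys)) wrapped[user] = eciesEncrypt(pub, chatKey);
  return { chatKey, wrapped }; // only `wrapped` is uploaded; chatKey stays in the browser
}

function newUser() { // constructed identity standing in for a user's encryption key pair
  const ecdh = crypto.createECDH('secp256k1');
  return { ecdh, pub: ecdh.generateKeys() };
}

function demo() {
  const alice = newUser(), bob = newUser(), outsider = newUser();
  const { chatKey, wrapped } = createChat({ alice: alice.pub, bob: bob.pub });
  const stored = sealBox(chatKey, Buffer.from('constructed sample message')); // what a server would hold
  const read = openBox(eciesDecrypt(bob.ecdh, wrapped.bob), stored).toString();
  let rejected = false;
  try { eciesDecrypt(outsider.ecdh, wrapped.bob); } catch { rejected = true; }
  return { read, rejected, envelopeLen: wrapped.alice.length };
}
```

In this sketch, as in any shared-key design, a participant who has already unwrapped the chat key keeps it; cutting a removed member off from later messages cryptographically would require generating a new key and wrapping it for the remaining members only.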
What's next?
We see this as just the beginning for encryption on Twetch. Now that we have the ability to allow users to securely manage and use encryption keys in their browser, the possibilities are endless. We will continue to work tirelessly to push out new features and maintain your trust as the only platform that truly allows you to own and profit from your data.