{"id":15150182,"url":"https://github.com/kiooku/mini-signal","last_synced_at":"2026-02-18T12:33:44.839Z","repository":{"id":218240839,"uuid":"729860186","full_name":"Kiooku/mini-signal","owner":"Kiooku","description":"Incomplete Signal implementation - for learning purpose","archived":false,"fork":false,"pushed_at":"2024-01-28T09:13:26.000Z","size":880433,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-07T05:49:39.360Z","etag":null,"topics":["aead","aes-gcm-siv","concurrent-programming","css","double-ratchet-algorithm","e2ee","end-to-end-encryption","html","js","privacy","rust","security","signal","sqlite","tauri-app","tcp","tls","tokio-rs","x3dh"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Kiooku.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-12-10T15:25:57.000Z","updated_at":"2024-01-28T09:13:14.000Z","dependencies_parsed_at":"2024-12-20T18:12:49.724Z","dependency_job_id":"04430a42-8e4f-4964-8eb6-c45a7fe3e596","html_url":"https://github.com/Kiooku/mini-signal","commit_stats":{"total_commits":17,"total_committers":1,"mean_commits":17.0,"dds":0.0,"last_synced_commit":"287ef73cadb2e4a5a04b05166ee31d6c113565f6"},"previous_names":["kiooku/mini-signal"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Kiooku%2Fmini-signal","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Kiooku%2Fmini-signal/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Kiooku%2Fmini-signal/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Kiooku%2Fmini-signal/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Kiooku","download_url":"https://codeload.github.com/Kiooku/mini-signal/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247601483,"owners_count":20964864,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aead","aes-gcm-siv","concurrent-programming","css","double-ratchet-algorithm","e2ee","end-to-end-encryption","html","js","privacy","rust","security","signal","sqlite","tauri-app","tcp","tls","tokio-rs","x3dh"],"created_at":"2024-09-26T14:02:02.989Z","updated_at":"2025-10-14T22:02:11.113Z","avatar_url":"https://github.com/Kiooku.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# mini-signal\n\n---\n\n`mini-signal` is an incomplete implementation of [Signal](https://signal.org/), for learning purpose.\n\nThe goal of this project is to implement a visual interface and a server, allowing to simulate the one to one message functionality of Signal.\n\nFor that, I'll use the cryptographic algorithm develop in my [Cryptography-Notebook](https://github.com/Kiooku/Cryptography-Notebook) \nrepository, [tokio](https://tokio.rs/) and [native-tls](https://github.com/sfackler/rust-native-tls) for the asynchronous server and [tauri](https://tauri.app/) \nfor the user interface.\n\n*Obviously, don't use this application for real-world usage. Nothing has been reviewed by professionals and may include serious fault.*\n*\u003c/br\u003eHowever, it's a great tool for learning (feel free to use it to test some attacks or get a better understanding of a secure message application).*\n\n*What's more, there's still a bit of work to be done to completely clean up the project, even if the result is quite decent and fully functional.*\n\n**Preview**\n\n[preview_mini_signal.webm](https://github.com/Kiooku/mini-signal/assets/33032066/8129c783-d149-4eb0-a419-1ab639ff574a)\n\n## Table of content\n\n1. [How to install mini-signal](#how-to-install-mini-signal)\n2. [How to deploy the server](#how-to-deploy-the-server)\n3. [Implementation details](#implementation-details)\n   - [Cryptography](#cryptography)\n   - [Server](#server)\n   - [Client](#client)\n4. [Conclusion](#conclusion)\n5. [Resources](#resources)\n\n## How to install mini-signal\n\nStart the server before starting the client: `cargo run` in `mini-signal-server`.\n\nYou can simply run `cargo tauri dev` in `mini-signal`, to launch the app on dev mode.\n\nOtherwise, if you want to build an executable of the app, I'll suggest you to follow the [guide on the Tauri website](https://tauri.app/v1/guides/building/cross-platform/).\n\n## How to deploy the server\n\nTo initialize `cert.pem` and `key.rsa` in the keys folder of `mini-signal-server`, run the following command:\n\n`openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout src/keys/key.rsa -out src/keys/cert.pem -subj \"/C=GB/ST=London/L=London/O=Global Security/OU=IT Department/CN=example.com\"`\n\n\u003e **Note**: Make sure that `cert.pem` and `key.rsa` are located in the `keys` folder.\n\nThen run: `cargo run`, you should see the message *\"Server started\"*.\n\n## Implementation details\n\n### Cryptography\n\nThe end-to-end encryption is done using the [double ratchet algorithm with header encryption](https://github.com/Kiooku/Cryptography-Notebook/tree/main/E2EE/double-ratchet-with-header-encryption) initialize with the [X3DH](https://github.com/Kiooku/Cryptography-Notebook/tree/main/AsymmetricCiphers/x3dh) protocol.\n\nAll the rust implementation of these two protocol can be seen on my [Cryptography-Notebook repository](https://github.com/Kiooku/Cryptography-Notebook/tree/main/E2EE).\n\n[`native-tls`](https://github.com/sfackler/rust-native-tls) crate is used for TLS.\n\n[Argon2id](https://en.wikipedia.org/wiki/Argon2)  hash function is used to store the passwords.\n\n### Server\n\nThe server use a TCP over TLS connection to communicate with the client.\n\nAll the server is done in Rust using the [`tokio`](https://tokio.rs/), [`warp`](https://github.com/seanmonstar/warp) and [`native-tls`](https://github.com/sfackler/rust-native-tls) crate.\n\nThe TCP over TLS connection can be replaced with [XMPP](https://xmpp.org/), but I wanted to make a Rust project and XMPP \ndoes not have a reliable crate, and I wanted to make the server using Rust for learning purpose.\n\nUsers must identify themselves before sending or collecting data.\n\nThe server deal with three sqlite databases. I used [`rusqlite`](https://github.com/rusqlite/rusqlite) to interact with them. \n\n**Message database**: Use to store messages when the user is not connected to the server. Messages are deleted once the user has retrieved them.\n\n**X3DH keys database**: Use to store the X3DH keys used to initiate E2EE.\n\n**Password database**: Store user password using [`argon2id`](https://docs.rs/rust-argon2/latest/argon2/) hash function to follow [OWASP recommendations](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html).\n\nAll possible actions that the client can perform with the server are described in the `Action` enumeration. \nAnd all possible responses in the `Response` enumeration in `main.rs`.\n\n### Client\n\n\u003e **Note**\n\u003e \n\u003e The client front-end is made using vanilla HTML, CSS and JS.\n\u003e \n\u003e Tauri does not support some CSS function which modify slightly the final render from a browser. \n\u003e \n\u003e *e.g. `overflow-anchor: auto` and `backdrop-filter: saturate(120%) blur(14px);` are not supported.*\n\u003e \n\u003e For example, some messages are not displayed when the password does not match in the registration page *(further work to improve the user experience with Tauri constraints).*.\n\nTwo database on the client side:\n1. Double Ratchet database:\n   1. **Double Ratchet** table: Store the state of the double ratchet for each communication.\n   2. **X3DH**: Store the X3DH keys of the client.\n   3. **OPK Bundle**: Store the opk keys of the client.\n2. **Messages** database: Store the message decrypted of the user.\n\n\u003e **Note**\n\u003e \n\u003e To increase client-side security, it would be preferable to encrypt each database with a password *(the same as the one used to connect to the server)*.\n\u003e \n\u003e However, as far as I know, rusqlite doesn't allow this, and I'd have to use another crate. This may be a project update for later.\n\nFunctionalities:\n- Light and dark mode\n- Search user\n- Search message\n\nMessages are gathered every 5 seconds on the server, so it's not instant E2EE encryption, but there is a certain delay. \nThe switch to instant E2EE is a future application update.\n\n## Conclusion\n\nThe aim of this project was to see the complexity of creating a secure messaging application prototype. \nMoreover, it allowed me to use my [X3DH](https://github.com/Kiooku/Cryptography-Notebook/tree/main/AsymmetricCiphers/x3dh) and [double ratchet algorithm](https://github.com/Kiooku/Cryptography-Notebook/tree/main/E2EE/double-ratchet-with-header-encryption) in a real world context.\nIn addition, it's a great opportunity to bring together most of the knowledge I have in [cryptography](https://github.com/Kiooku/Cryptography-Notebook) and computer science *(Database management, server, front-end, concurrent programming...)*\n\nThis is my first major project in rust and my first application in tauri. So I've learned a lot during this project. \nIt's still an MVP and the project should be cleaned up in several points to get closer to a secure messaging application like Signal.\n\nThis project was carried out during my winter break. \nFeatures such as the management of message encryption sessions in an asynchronous and multi-device setting *[(Sesame algorithm)](https://signal.org/docs/specifications/sesame/)*, or private group system [(Zero-knowledge groups)](https://eprint.iacr.org/2019/1416.pdf),  could be implemented later, depending on my learning journey.\n\n## Resources\n- https://signal.org/docs/\n- https://tokio.rs/tokio/tutorial\n- https://tauri.app/v1/guides/\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkiooku%2Fmini-signal","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkiooku%2Fmini-signal","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkiooku%2Fmini-signal/lists"}