
I have been working on an Android app for quite a while now, starting from a simple idea.

A messenger where messages travel directly between phones with no servers in between. Using direct WebRTC encrypted connections (SRTP/DTLS), there are no servers that store, read, or relay content. Group chats use a gossip protocol where members relay to other members.

The only infrastructure the app touches is a signalling relay to set up the connection (no message content), a push notification to wake up a sleeping phone (also no content), and a TURN relay for restricted networks (encrypted packets only).

I wrote a detailed white paper explaining the full architecture: https://www.mindtheclub.com/white-paper.html

The app is in Open Testing on Google Play (1,000 tester cap): https://www.mindtheclub.com/beta-signup.html

I’m interested in this community's perspective on whether the architecture holds up.

[-] GradleSurvivor@lemmy.ml 3 points 2 days ago

Not quite, with XEP-0174 you can only reach peers on the same LAN. I use standard WebRTC signalling to establish the connection, so peers on different networks can reach each other across the internet. Discovery itself is out of band, you add a contact via QR code or a profile link, then signalling just brokers the connection to that known peer.

[-] adespoton@lemmy.ca 1 points 2 days ago

What I’d like is something that doesn’t use Firestore, but uses either XEP-0174 or proximity handshaking to establish the initial shared secret between two devices, after which something like Tor or I2P could be used for signalling against the shared secret.

That way, interception gets you nowhere and nobody’s able to follow the signal back to host to gain connection metadata.

[-] GradleSurvivor@lemmy.ml 1 points 2 days ago

The initial identity exchange between two devices isn't done via Firestore, it's done offline (shared by QR code). The key material used to verify a peer is authentic never touches the internet. Signalling is done through Firestore, and here it's fair to say metadata isn't hidden: Firestore knows that userId 01 contacted userId 02 at a certain date and time.
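
The split discussed in this thread (identity keys exchanged offline by QR code, connection setup brokered by a signalling relay) protects content only if the receiver checks the DTLS fingerprint in the signalled SDP against the key it pinned offline. The sketch below is an added example, not code from the app or its white paper; the Ed25519 identity key, the envelope format and the names `signOffer` and `verifyOffer` are assumptions.

```javascript
const crypto = require('node:crypto');

// Extract the DTLS certificate fingerprint that WebRTC carries in the SDP.
function sdpFingerprint(sdp) {
  const m = /^a=fingerprint:(\S+) ([0-9A-Fa-f:]+)\s*$/m.exec(sdp);
  if (!m) throw new Error('SDP has no a=fingerprint line');
  return `${m[1].toLowerCase()} ${m[2].toUpperCase()}`;
}

// Bytes covered by the signature: sender, recipient and fingerprint.
const signedBytes = (from, to, sdp) =>
  Buffer.from(JSON.stringify([from, to, sdpFingerprint(sdp)]));

// Sender side: sign with the long-term identity key (hypothetical envelope format).
function signOffer(sdp, from, to, identityPrivateKey) {
  const sig = crypto.sign(null, signedBytes(from, to, sdp), identityPrivateKey);
  return { from, to, sdp, sig: sig.toString('base64') };
}

// Receiver side: accept only if the key pinned from the QR scan signed this fingerprint.
function verifyOffer(env, myId, pinnedKeys) {
  const key = pinnedKeys.get(env.from);
  if (!key || env.to !== myId) return false;
  try {
    return crypto.verify(null, signedBytes(env.from, env.to, env.sdp), key,
      Buffer.from(env.sig, 'base64'));
  } catch {
    return false; // malformed SDP or signature
  }
}

// Constructed scenario: a relay that swaps in a different fingerprint in transit.
function demo() {
  const alice = crypto.generateKeyPairSync('ed25519');
  const fp = (byte) => Array(32).fill(byte).join(':'); // constructed sample value
  const sdp = `v=0\r\na=setup:actpass\r\na=fingerprint:sha-256 ${fp('A1')}\r\n`;
  const pinned = new Map([['alice', alice.publicKey]]); // filled from QR scans
  const honest = signOffer(sdp, 'alice', 'bob', alice.privateKey);
  const swapped = { ...honest, sdp: sdp.replace(fp('A1'), fp('B2')) };
  return {
    honest: verifyOffer(honest, 'bob', pinned),
    swapped: verifyOffer(swapped, 'bob', pinned),
    unknownSender: verifyOffer({ ...honest, from: 'mallory' }, 'bob', pinned),
    wrongRecipient: verifyOffer(honest, 'carol', pinned),
  };
}
```

The relay still sees the `from` and `to` fields in clear, which is the metadata exposure acknowledged in the last comment; the signature only stops it from substituting its own DTLS endpoint.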

this post was submitted on 25 May 2026
27 points (100.0% liked)
