Id like to share my implementation of the signal protocol that i use in my messaging app. The implementation is in rust and compiles to WASM for browser-based usage.
- Github: https://github.com/positive-intentions/signal-protocol
- Demo: https://signal.positive-intentions.com/
Its far from finished and im not sure when its a good time to share it, but i think its reasonable now.
The aim is for it to align with the official implementation (https://github.com/signalapp/libsignal). That version was not used because my use case required client side browser-based functionality and i struggled to achieve that in the official one where javascript is used but is targeting nodejs.
There are other nuances to my approach like using module federation, which led to me moving away from the official version.
While i have made attempts to create things like audits and formal-proof verication, i am sharing it now if there is feedback about the implementation. Any outstanding issue i may be overlooking? Feel free to reach out for clarity on any details.
This signal implementation is for a p2p messaging app. See it in action here: https://p2p.positive-intentions.com/iframe.html?globals=&id=demo-p2p-messaging--p-2-p-messaging&viewMode=story
i think use it an appropriate amount. im not sure how to quantify that. i use different AI models on different tasks in the code as well as the documentation.
its worth repeating its far from finished and i hope with feedback i can make it better. i have put efforts towards directing it towards unit-tests, an audit and formal-proofs. none of that is good-enough, but i hope it can act as a starting point for verifying the implementation is correct.
i get the whole semantic versioning rhetoric and branching strategies, etc. this project is a while from being promoted as “perfect”. this is still a work-in-progress.
im sure people have better things to do with their time than review unstable and unfinished code. as a solo dev on this, there isnt anyone reviewing my code. if i dont share it like this, no one with come across it. i hope you can understand i get pushback when i promote my messaging app is “secure”, so this transparency is nessesary.