PRINCIPLES
The company principles are as follows:
Authority. Own X.509 certificate authority [CA] ECC SECP384R1 SHA384.
Each time a user is registered, a new PKCS-10 X.509 certificate enrollment takes place. It can be
done with the command line utility.
Hierarchical domains. Own domain name server [NS] DNSSEC.
The structure of the hosted service is driven by our own DNS server;
Distributed directory. Distributively controlled [ABAC]
support for multi-hierarchy domains. The top-level domain selects security admins for the second-level LDAP servers;
Always encrypted. Encrypt any message GCM/CCM [N2O] X.509 Envelope.
Each message sent is encrypted with a GCM/CCM symmetric cipher; no unsecured messages are allowed.
No message storage. Transient in-memory (no-storage) queue [MQ]: TLS 1.3 Mosquitto or QUIC EMQX.
No storage is used for storing messages. Once receipt of a message is acknowledged by the correspondent, it is
deleted from the MQTT transient in-memory queue;
No metadata. The messenger doesn't store any metadata
such as IP addresses, hardware client information, etc.
CHAT uses only client, device, profile and roster internal identifiers for message routing purposes inside MQTT;
Client only roster storage. Roster subscription trees or messages [LDAP] are
stored exclusively, in paranoid fashion, on the client side and transferred to newly registered clients through MQTT.
Users can choose not to store peer-to-peer subscriptions in the LDAP directory but to store them exclusively on the client;
LDAP roster storage. Roster subscription trees [ROSTER] are stored in the LDAP directory.
Users can choose to store their peer-to-peer subscriptions in the LDAP directory;
Multi-roster with profile phone and mail table verification.
Phone is not mandatory, email is not mandatory;
Open source foundation. The Erlang ssl implementation outlived Heartbleed, so
all infrastructure services are written in Erlang and open sourced for verification.
We remain compatible with all certified TLS clients.
The sole author (BDFL) and technical architect is Namdak Tonpa.
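The Authority principle above names the CA parameters (ECC secp384r1, SHA-384) and PKCS#10 enrollment from the command line. As an added example that is not SYNRC's own utility, the script below uses stock OpenSSL to build such a request and to check, as a CA-side gate might before signing, that a submitted request proves key possession and uses those parameters; the function names, subject name and file names are assumptions.

```shell
#!/bin/sh
# Added example using stock OpenSSL, not the SYNRC command line utility.
# Function names, file names and the subject below are constructed.

# make_csr DIR CN [CURVE] [DIGEST]
# Generate an EC key and a PKCS#10 request; the defaults match the CA
# parameters stated on the page (secp384r1, SHA-384).
make_csr() {
    dir=$1; cn=$2; curve=${3:-secp384r1}; md=${4:-sha384}
    (
        umask 077   # the key file is created readable by its owner only
        openssl ecparam -name "$curve" -genkey -noout -out "$dir/client.key" &&
        openssl req -new "-$md" -key "$dir/client.key" \
            -subj "/CN=$cn" -out "$dir/client.csr"
    )
}

# check_csr FILE
# Return 0 only if the request is signed by the key it carries (proof of
# possession) and uses secp384r1 with ECDSA/SHA-384.
# Return codes: 1 unreadable or rejected by openssl, 2 signature not
# verified, 3 wrong curve, 4 wrong signature digest.
check_csr() {
    # Older OpenSSL exits 0 even when -verify fails, so match its text output.
    text=$(openssl req -in "$1" -noout -verify -text 2>&1) || return 1
    printf '%s\n' "$text" | grep -q 'verify OK' || return 2
    printf '%s\n' "$text" | grep -q 'ASN1 OID: secp384r1' || return 3
    printf '%s\n' "$text" | grep -q 'Signature Algorithm: ecdsa-with-SHA384' || return 4
    return 0
}

# Demo in a throwaway directory: build a request and run the gate on it.
demo() {
    tmp=$(mktemp -d) || return 1
    make_csr "$tmp" "alice.chat.example" 2>/dev/null && check_csr "$tmp/client.csr"
    rc=$?
    rm -rf "$tmp"
    return $rc
}
demo && echo "request accepted"
```

A request built on another curve or signed with another digest is rejected by `check_csr` with codes 3 and 4 respectively, which is the point at which an enrollment service would refuse to sign.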
COMPANY
The SYNRC CHAT division company structure is as follows:
Market competitors team: Threema, Signal, WhatsApp, Session, Element, Wire, Wickr;
Protocol team: BERT/ASN.1 protocol [Swift] [Erlang];
Frontend Development team: Swift iOS Client [Chat X.509] Design UX [Figma] [Swift];
Backend Development team: Erlang/OTP CA NS LDAP AUTH MQTT [mac] CHAT CLI;
Deployment and Operations team: NetBSD, Linux;
Client support team: Certs [SYNRC.PEM] Schema [SYNRC.LDIF] Zone [SYNRC.DNS].
BUSINESS
Forms of cooperation:
— Autonomous deployments [Your Own] instance;
— Hosting by subscription [Our] instance;
— Multi-roster profiles support by subscription;
— Integration API SDK for public services [PARTNERS];
— Node analytics.
SOCIAL
Made for people:
— Integrated alert channel system;
— B2C service channels (housekeeping);
— Calendar vCard iCal events tasks database;
— Clean iOS UI Zero deps package;
— Public text command line client with directory search;
— Governmental or Corporate X.509 identity ДСТУ 4145 authorisation.
PROTOCOL
The protocol specification:
The protocol entities:
Topics. The CHAT protocol communicates over the MQTT topics actions/:client, events/:client,
devices/:phone, contacts/:roster, private/:roster/:roster, room/:room.
Records. The messages sent through these topics are ETF-serialized records:
Index, Typing, Search, Feature, Service,
Presence, Friend, Tag, Link, Message, Member,
Room, Contact, Star, Ack, Auth,
Roster, Profile, History, push, io.
Modules. The CHAT protocol is implemented as a set of sub-protocol modules:
FILE, HISTORY, LINK, MESSAGE, PRESENSE, PROFILE, PUSH, ROOM, ROSTER, SEARCH, AUTH.
For the full specification, see the priv/proto folder.
The CHAT server implementation relies only on ISO/IETF connections
such as DNSSEC, X.509 CSR, LDAP, QUIC, WebSocket, MQTT.
Applications. CHAT is a simple instant messaging server based on ISO standards. It uses the MQTT protocol and ETF binary
serialization from Erlang/OTP across applications: MQTT, N2O, KVS, MAIL, LDAP, NS, CA. Secure by default.
The CHAT application has the Sign/Verify and Encrypt/Decrypt features enabled for every single message that passes through.
Delivered messages are deleted from the MQTT instance after the recipient's acknowledgment.
This is a Keybase, OTR, PGP (you name it) replacement for secure X.509 ASN.1 defined communications.
iOS 13.0
Here you can download the open source iOS client written in Swift:
UNIX X Windows
The default X Windows client application, written in C, is globally available for WSL, Linux and Mac.
The X.ORG CHAT X.509 client is based on:
1) X Windows Toolkit (Xt),
2) X Windows Library (Xlib) and
3) OpenGL for X Windows (GLX 1.3).
CHAT-X509-GUI.PDF — C console client for X Windows (xt, xlib, GLX, C99).