In a previous blog, I talked about the opportunities and challenges of building a blockchain-based messaging application. There are many efforts trying to bring blockchain-based messaging to the market. Secretum is one recent example. I took a look at their white paper to understand more about how they designed the application. Although they provide informative information about the motivation of blockchain-based messaging and aspects of their design, I hope that a more thorough white paper will follow to understand how Secretum works in detail.

Before I begin with the technical aspects, the way Secretum motivates blockchain-based messaging includes some very nice examples and information worth noting. They reference an NPR article about how data of hundreds of millions were compromised in a breach on Facebook — showing the scale of the risk of such breaches. They mention an interesting point about how messaging apps like Telegram have seen an increase in usage by hackers sharing stolen/illegal information. Interesting about these arguments against centralized messaging is whether a decentralized solution can avoid such problems. It appears to me that the risk of such problems is the same (if not higher) in decentralized deployments which would require more effort to solve.

Now let’s get to the technology/design side. At a high level, Secretum’s system model consists of the smart contracts on blockchain (specifically on Solana), a network of nodes outside of the blockchain to handle communication of messages and storage, and the users. As expected, the messaging between users utilizes end-to-end encryption to ensure that no party can know the content of messages. However, this is something that is already implemented by many messaging apps including ones that are not decentralized. Secretum motivates the need for their decentralized solution by mentioning other potential breaches of privacy. They provide the following examples:

(1) Requiring a phone number for registration, which is done by apps such as WhatsApp and Signal. The use of phone numbers as the identity/identifier of a user makes it possible for hackers to target users based on their phone numbers. This coupled with vulnerabilities in WhatsApp can lead to hackers gaining access to a user’s phone by knowing their phone number only– as some recent news has shown.

(2) Collection of IP addresses (and other connectivity information). Sometimes this is required by the app (e.g., Telegram), and sometimes it is something that can be inferred from nearby nodes (e.g., Signal).

(3) Reviewing of message contents which indicates that messages are monitored which puts them at the risk of insider or outsider attacks. The white paper indicated that this is the case in WhatsApp.

Secretum uses these points above as motivation and claims that they do not suffer from these problems. This is done by the following protocol: There is a number of off-chain Secretum nodes that act as a middle layer between users and the Solana blockchain. An off-chain Secretum node maintains a subset of user accounts (and their IP addresses). Also, a node contains staked SER token (the Secretum token) that is utilized to initiate communication. When a user x wants to communicate with another user y, A node X (corresponding to user x) communicates with node Y (corresponding to user y) by first requesting permission from the smart contract. The smart contract “routes” this request to Y. The nodes then connect the users together as they know their IP addresses.

A big question mark that I have for this design is how the off-chain Secretum nodes are not posing a threat similar to centralized servers in existing non-blockchain messaging apps. I couldn’t find a clear answer in the white paper (let me know if you found the information in the white paper or elsewhere.) In particular, IP addresses are still being maintained by these nodes. Also, they store messages — that although encrypted, reveal the communication patterns of users.

In addition to the messaging aspect of Secretum, they push the idea of sending tokens in a decentralized way. Unlike centralized exchanges (such as Coinbase), a decentralized exchange does not rely on centralized entities to make cryptocurrency transactions. Rather, they utilize smart contracts to perform such operations. Secretum wants to facilitate the operation of decentralized exchanges as an added feature of their messaging app. Although it might seem that this function is not related to messaging and might be forced into the mission of Secretum, I think that integrating payment/exchange functions is a good idea with messaging apps. A non-trivial part of our interactions with others revolves around payments, whether it is paying for a service or dividing the cost of a meal with friends.

In summary, it was very interesting to know about what Secretum do, how they position themselves, and the economic/token model they use for decentralized messaging. I am going to keep an eye out for more details about their design, especially how Secretum nodes operate and coordinate with each other and other components of the system.