Secure chat over DIDComm

A persistent communication channel between an organization and a customer. Forget about fraud, scams, and spam.

Comment

Inspiration

As a bank customer, it's tough to tell whether a message from the bank (by e-mail or by SMS) is genuine or fraudulent. Generative AI has made phishing and other scams much harder to spot.

What it does

The secure communication channel is a modern way of interaction between organizations and their customers. Using DIDComm's signed and encrypted messaging, it guarantees the authenticity of the parties and the confidentiality of the discussions. The solution could be integrated into existing customer care software (for organizations) and digital wallets (for individuals).

The application sends and receives DIDComm messages. It includes user interfaces for both customer care representatives (monitor and handle multiple chats at once) and individuals (digital wallet). The communication between application server and the user interface is using web sockets.

The digital wallet (installed at chat.wollid.com for demonstration) is a multi-tenant custodial web wallet. Currently there is no log-in mechanism. New users can create just by adding a nickname to the path, e.g., https://chat.wollid.com/joe or https://chat.wollid.com/billy. The server automatically creates did:web identifiers to them. True self-sovereign identity. :) (ToDo: add a log-in process using WebAuthn.)

The customer care front end (chat.ctrldash.app/?mode=operator) is technically the same user interface as the digital wallet, just with a different stylesheet.

Both wollid.com and ctrldash.app have the same server code installed. They are independent nodes that can communicate using DIDComm. Anyone can install the app (https://github.com/woll-id/chat) to launch a new node. No centralized infrastructure is needed.

How we built it

For DIDComm messaging, the project is using Veramo. It also uses the Decentralized Identity Foundation's Trust Establishment document format to show verification of trusted organizations. On top of that, there's basically just a couple HTML/CSS/JS files for user interfaces.

Challenges we ran into

Althought Veramo has some documentation, reading the code was required in many situations. Mircea has nice examples here and there, and he was very helpful during the hackathon.

Accomplishments that we're proud of

Single-contributor entry, created in the final hours of the hackathon. Thanks for extending the deadline. Couldn't have made it otherwise.

What we learned

DIDComm and Veramo.

What's next for Secure chat over DIDComm

If the idea is well received, perhaps we can create a real solution out of it.

Now that the basic functionality is in place, the solution could be modularized (separating messaging logic and user interfaces) and a proper API should be designed and documented.

Built With

  • posh
  • rawcss
  • trustestablishment
  • vanillajs
  • veramo
Share this project:

Updates