dandri/simplex-chat
1
0
Fork 0
mirror of https://github.com/simplex-chat/simplex-chat.git synced 2026-05-10 21:37:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

deploy: 6b6f494502

Browse Source
This commit is contained in:
epoberezkin
2026-04-30 18:33:51 +00:00
parent b4d9101ce7
commit 7d9c2adcdd
3 changed files with 2537 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/protocol/channels-overview.html
+1298
View File
File diff suppressed because one or more lines are too long
docs/protocol/channels-protocol.html
+1201
View File
File diff suppressed because one or more lines are too long
docs/protocol/simplex-chat.html
+38 -2
View File
@@ -954,6 +954,9 @@ eventWord = 1* ALPHA
<p><code>x.grp.info</code> message is sent to all members by the member who updated group profile. Only group owners can update group profiles. Clients MAY implement some conflict resolution strategy - it is currently not implemented by SimpleX Chat client. This message MUST only be sent by members with <code>owner</code> role. Receiving clients MUST ignore this message if it is received from member other than with <code>owner</code> role.</p>
<p><code>x.grp.direct.inv</code> message is sent to a group member to propose establishing a direct connection between members, thus creating a contact with another member.</p>
<p><code>x.grp.msg.forward</code> message is sent by inviting member to forward messages between introduced members, while they are connecting.</p>
<h3 id="channels-relay-mediated-groups" tabindex="-1">Channels: relay-mediated groups</h3>
<p>Channels are groups where message delivery is mediated by dedicated relay members rather than by direct connections between all members. Channels extend the group sub-protocol with additional roles (<code>relay</code>, <code>observer</code>), message signing for administrative actions, a binary batch format for signed and forwarded messages, and an asynchronous delivery pipeline.</p>
<p>For architecture and design rationale, see <a href="/docs/protocol/channels-overview.html">SimpleX Channels Overview</a>. For protocol-level detail - wire formats, message types, signing mechanics, delivery pipeline - see <a href="/docs/protocol/channels-protocol.html">SimpleX Channels Protocol</a>.</p>
<h2 id="sub-protocol-for-webrtc-audiovideo-calls" tabindex="-1">Sub-protocol for WebRTC audio/video calls</h2>
<p>This sub-protocol is used to send call invitations and to negotiate end-to-end encryption keys and pass WebRTC signalling information.</p>
<p>These message are used for WebRTC calls:</p>
@@ -972,12 +975,13 @@ eventWord = 1* ALPHA
</li>
</ol>
<h2 id="threat-model" tabindex="-1">Threat model</h2>
<p>This threat model compliments SMP, XFTP, push notifications and XRCP protocols threat models:</p>
<p>This threat model complements SMP, XFTP, push notifications and XRCP protocols threat models, as well as the channel-specific threat model:</p>
<ul>
<li><a href="https://github.com/simplex-chat/simplexmq/blob/master/protocol/overview-tjr.md#threat-model">SimpleX Messaging Protocol threat model</a>;</li>
<li><a href="https://github.com/simplex-chat/simplexmq/blob/master/protocol/xftp.md#threat-model">SimpleX File Transfer Protocol threat model</a>;</li>
<li><a href="https://github.com/simplex-chat/simplexmq/blob/master/protocol/push-notifications.md#threat-model">Push notifications threat model</a>;</li>
<li><a href="https://github.com/simplex-chat/simplexmq/blob/master/protocol/xrcp.md#threat-model">SimpleX Remote Control Protocol threat model</a>.</li>
<li><a href="https://github.com/simplex-chat/simplexmq/blob/master/protocol/xrcp.md#threat-model">SimpleX Remote Control Protocol threat model</a>;</li>
<li><a href="/docs/protocol/channels-overview.html#threat-model">SimpleX Channels threat model</a>.</li>
</ul>
<h4 id="a-users-contact" tabindex="-1">A user's contact</h4>
<p><em>can:</em></p>
@@ -1052,6 +1056,38 @@ eventWord = 1* ALPHA
<ul>
<li>prove that two group members with incognito profiles is the same user.</li>
</ul>
<h4 id="a-channel-relay" tabindex="-1">A channel relay</h4>
<p>For the full channel threat model, see <a href="/docs/protocol/channels-overview.html#threat-model">SimpleX Channels: threat model</a>.</p>
<p><em>can:</em></p>
<ul>
<li>
<p>send arbitrary unsigned content messages to subscribers, effectively fabricating the content stream while the channel identity and signed profile remain intact.</p>
</li>
<li>
<p>selectively drop any messages, both content and signed administrative events, for some or all subscribers.</p>
</li>
<li>
<p>ignore the &quot;message from channel&quot; directive, revealing which specific owner sent a message.</p>
</li>
<li>
<p>fabricate subscriber connections, inflating subscriber counts.</p>
</li>
</ul>
<p><em>cannot:</em></p>
<ul>
<li>
<p>impersonate an owner - administrative messages (roster changes, profile updates, channel deletion) require valid cryptographic signatures that the relay cannot produce.</p>
</li>
<li>
<p>substitute the channel profile - profile changes require a valid owner signature.</p>
</li>
<li>
<p>redirect joining subscribers to a different channel - the channel's entity ID is baked into both the channel link and the relay link's immutable data.</p>
</li>
<li>
<p>determine the real-world identity of subscribers - subscriber connections carry no persistent identity.</p>
</li>
</ul>
</div>
</article>
</main>