All of our bridges (except Slack and Discord, but they will soon) use Matrix's e2e encryption scheme and all messages are stored encrypted on Beeper servers with a key that you control. We can't decrypt your messages.
Wait, how is this possible? There's an obvious integration point between your bridge server and the other service. They don't talk the same encrypted protocol, obviously, so you have to send plain text at some point in that process.
It makes zero sense that you don't have access to the messages.
They don't talk the same protocol but that doesn't prevent them using compatible forms of message encryption.
If the basic concepts of "E2E key exchange" and "pass this encrypted message" exist at all points, I see no fundamental problems with having E2E encryption across different networks. I can see potential for lots of the normal practical small problems but it could fundamentally work.
I agree that it's technically feasible but that's not going to help me right now. It would require all services use the same encryption (or at least understand a common, compatible one) and I don't see that happening, ever.
Thanks! This is the only piece of information I needed before giving Beeper a chance. I could not find it on the Beeper home page as a callout or in the FAQs, and it would probably be good to add.
Ideally I would not want to run the whole stack if I understand how the E2E encryption is managed.
Nope - you have to encrypt them to send them to WhatsApp. Why could you not encrypt them in the client and then send that encrypted message over the bridge, preserving E2E?
Because that's not how this works. The bridge has to have the unencrypted text, because it's the bridge that is communicating with WhatsApp/Signal/IRC/whatever. The client isn't the bridge, it's not communicating directly with WhatsApp, it's just communicating with a Matrix Bridge (over an encrypted channel) to a Synapse server you don't control.
You'd need WhatsApp's collaboration for this, which I'm going to go out on a limb and suggest that the bridge operator doesn't have.
There are two encrypted channels: client<->bridge, and bridge<->WhatsApp. The bridge can read the decrypted text, and the comment I replied to is a lie.