Skip to content
/ quantum Public

A "Better Discord" plugin for message encryption/decryption

License

GPL-3.0 license
3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

imnaK/quantum

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

163 Commits
assets
assets
 
 
docs
docs
 
 
src
src
 
 
.babelrc
.babelrc
 
 
.gitignore
.gitignore
 
 
.prettierrc
.prettierrc
 
 
LICENSE
LICENSE
 
 
config.json
config.json
 
 
package.json
package.json
 
 
webpack.config.js
webpack.config.js
 
 

Repository files navigation

Quantum logo
Quantum

Quantum is a Better Discord plugin offering enhanced privacy through message encryption.
Disclaimer: Please note that while this messaging system offers enhanced security measures, it does not provide absolute security. We also cannot be held responsible for any misuse of this software or any consequences resulting from its use.

Current Version   GitHub License   BetterDiscord

Prerequisites  ‒  Getting started  ‒  Build  ‒  Features  ‒  Usage

Note: this project is under development but for the moment the two of us do not have enough time for new features or bug fixes. Please be patient, we will continue for sure!

Is this safe?

As mentioned above, this plugin serves as an additional layer of security rather than an absolute safeguard. It facilitates secure encryption and decryption of messages and keys across different channels. However, it's important to note that there are no fail-safes like 2FA or similar measures in place.

What cryptography techniques do we use?

All encryption methods employed in this project utilize widely recognized and trusted libraries. We opted against the risky endeavor of developing proprietary cryptography algorithms. For transparency, you can review the libraries and packages used in our project here.

For messages we use the XChaCha20-Poly1305 encryption technique. It uses a 256-bit (32-byte) key and a 192-bit nonce. XChaCha20 is a variant of the ChaCha20 stream cipher, designed for high-speed secure encryption. Poly1305 is a cryptographic message authentication code (MAC) used alongside to ensure data integrity and authenticity.
For secure key exchange between channels, we use the Ed25519 signature scheme.

Prerequisites

Getting started

Clone the project:

git clone https://github.com/imnaK/quantum.git

Go to the project directory:

cd ./quantum

Install dependencies:

npm install

Currently the secret key is still imported at build time, so a corresponding json file with the 32 byte key must be created:

node -e "require('fs').writeFileSync('.secret.json',JSON.stringify({key:require('crypto').randomBytes(32).toString('hex')}));"

Disclaimer: Please note that anyone possessing the secret key has the ability to decrypt the messages!

Build

Build the project:

npm run build

Build a production ready minified file:

npm run build:production

The corresponding file build\Quantum.plugin.js or build\Quantum.min.plugin.js will be created.

Afterwards, the plugin will be automatically copied to the BetterDiscord plugin directory.

Additional Tools

Format using the project standard.

npm run format

Features

As this project continues to evolve, it's possible that some features listed here may be pending development. Rest assured, they are on their way.

  • Message Encryption and Decryption:
    • Implement encryption and decryption mechanisms for messages exchanged in direct message chats.
    • Ensure that sensitive information remains protected during transmission and storage on Discord.
    • Continuously enhance security measures, acknowledging our ongoing investigation into potential vulnerabilities, such as transmissions to Discord during typing.
  • Key Exchange:
    • Establish a method for securely exchanging encryption keys between users in direct message chats.
  • Key Storage in "quantum" Directory:
    • Store encryption keys per user account in a directory named "quantum."
    • Ensure that the "quantum" directory is located as a sibling to the plugins directory.
    • Implement security measures to protect keys stored in the "quantum" directory.

Usage

When you launch Quantum for the first time, a popup will appear, prompting you to enter a master password. This password protects your chat encryption keys, ensuring their security. You'll need to enter this password each time you restart Discord, Quantum, or switch between accounts. While the encrypted file is highly secure and resistant to brute force attacks, it's crucial to choose a strong password for added protection.

Message encryption and decryption

If you want to en-/decrypt messages in a direct message chat you first need to exchange a key:

The procedure for the key exchange is still in development. Check back later too see if this line of text is gone. :)

After a key is exchanged you can use the prefix q: to write encrypted messages and decrypt them by right clicking -> "Decrypt Message".
Example:

Usage GIF

Contribution Guidelines

At this point of development there is not much of contributing to this project. If you still have interest in contributing, contact us on our Discord.

License

This software is licensed under the GPL v3 license included here.

About

A "Better Discord" plugin for message encryption/decryption

Resources

Readme

License

GPL-3.0 license
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages