End-to-End Encrypted Messaging
Echoes is an instant messaging app that supports end-to-end encryption for messages between users.
Private message encryption is an extra layer of protection from man-in-the-middle attacks. If enabled, compromised chat servers would not be able to decrypt communication.
To start an end-to-end encrypted session, send the other person a private message and use the padlock button.
Make sure you verify public key thumbprints before exchanging sensitive information. Verification should be out-of-band via phone call, in person, carrier pigeon, etc.
All communication (nick<->chan, nick<->nick) is wrapped in HTTPS.
Echoes is still in early-beta so keep that in mind while using it.
/join #channelname - join a channel
/pm nickname - start private conversation with nickname
/help - list all available commands
- WebCrypto for endpoint encryption/decryption/authentication (http://www.w3.org/TR/WebCryptoAPI/)
- Raindrops Framework for Password-less Identity Management (https://github.com/slackr/raindrops)
- Socket.IO and NodeJS for message exchange (http://socket.io, http://nodejs.org)
The client source is available under GPLv3 here: https://github.com/slackr/echoes.client/