wiremock - allows for mocking HTTP APIs.libphonenumber - Google’s library for phone numbers verification.Liquibase - library for database schema changes management.Lettuce - Another Redis java client, allowing for non-blocking operations.Bouncy Castle - cryptography related library.curve25519-java - Signal implementation of Curve25519 for java.resilience4j - library related to fault tolerance, implementing features like circuit breaker, retry or rate limiting.Signal depends on a few of its modules, including e.g. Dropwizard - framework for developing Java services.It is built with Maven with a target for JDK 11. Keep in mind that it is not the only piece of the system. This is the main part of backend architecture providing REST API and WebSockets, being responsible for passing messages to appropriate users and storing them in the database. In this article, I will focus on the Signal Server. Today, I’d like to share what interesting things I found there and what I’ve learned from it. Quite recently, for one of our Architecture Discussion Group meetings I did a quick Signal Server code analysis in order to understand how it works underneath. An interesting fact is that WhatsApp, Facebook Messenger, and Skype actually decided to use Signal Protocol! However, in most cases they use it with encryption disabled, leaving it enabled only for specific private conversations. Signal protocol can be used for end to end encryption of all messages, but also for video calls. This service has around 50 million users and even other IMs leverage its protocol! What is more, application code can be found on github under the Signal organization and was independently audited. Signal seems to be the ONE that really cares and provides end to end encryption for the sent data. Among the biggest winners of the mentioned exodus are IMs like Telegram or Signal. People start caring about their data and how they can be processed by the applications’ owners. This year, effects of WhatsApp privacy controversies were described as “the largest digital migration in human history”. What have I learned from Signal server source code
0 Comments
Leave a Reply. |