chat.positive-intentions.com

github.com/positive-intentions/chat

I'm excited to share with you an instant messaging application I've been working on that might interest you. This is a chat app designed to work within your browser, with a focus on browser-based security and decentralization.

What makes this app unique is that it doesn't rely on messaging servers to function. Instead, it works based on your browser's javascript capabilities.

Here are some features of the app:

• Encrypted messaging: Your messages are encrypted, making them more secure.
• File sharing: Easily share files using WebRTC technology and QR codes.
• Voice and video calls: Connect with others through voice and video calls.
• Shared virtual space: Explore a shared mixed-reality space.
• Image board: Browse and share images in a scrollable format.

Your security is a top priority. Here's how the app keeps you safe:

• Decentralized authentication: No central server is required for login, making it harder for anyone to gain unauthorized access.
• Unique IDs: Your ID is cryptographically random, adding an extra layer of security.
• End-to-end encryption: Your messages are encrypted from your device to the recipient's device, ensuring only you and the recipient can read them.
• Local data storage: Your data is stored only on your device, not on any external servers.
• Self-hostable: You have the option to host the app on your own server if you prefer.

A decentralized infrastructure has many unique challenges and this is a unique approach. Ive taken previous feedback and made updates. Its important to note, the app is an unstable proof-of-concept and a work-in-progress. Its important to understand at this early stage in the project, there will be breaking changes. It is not ready to replace any existing apps or services. While the app is aiming to be an encrypted and secure chat system, the project is not mature enough to have been reviewed by security professionals and should not be considered encrypted or secure. it is provided for testing/review/feedback purposes.

Looking forward to hearing your thoughts!

The live app

About the app

Even more about the app

Docs

Subreddit

We need to exert more pressure on apple and eu to not remove PWAs. Every signature counts, please sign and share EU has already started a preliminary investigation on this http://archive.today/2024.02.26-223134/https://www.ft.com/content/d2f7328c-5851-4f16-8f8d-93f0098b6adc

Magento, a company based in Berlin offering hosting and e-commerce platform, posted a video illustrating to their EU customers the significant impact of removing PWA support in iOS 17.4 on their services.

Source: https://twitter.com/mysk_co/status/1760585742655308077

Apple has decided to remove Progressive web apps from iOS in EU. If you have a business in the EU or serve EU users via Web App/PWA, we must hear from you in the next 48 hours!

Does anyone know if there are any plans to support signing and reproducible builds with PWAs? Voyager (https://github.com/aeharding/voyager) is now reproducibly built on F-droid, and, naturally, signed for distribution as a native app, which is awesome, but those using the PWA do not have such guarantees.

I honestly don't even know where in the web stack signing and reproducible build support for PWAs would be integrated. Browser level? w3c spec? Or just some open source project that provides tools to build and deploy a webapp in a reproducible and verifiable bundle? idk

Anyways, I guess I just feel like PWAs could benefit from signing and reproducible builds. Imagine clicking "add to homescreen" and seeing a checkbox verifying that the webapp bundle you're installing was built from a specific git SHA and signed by the developer. (This obviously might be too low level for a regular user, but I'm sure some UX sugar could make this better.)

It would also allow for secure app updates - for example, rejecting an update in case the server distributing the PWA is compromised.

What are your thoughts?

Thought I would share my experience releasing a web app to the Apple App Store using Capacitor.

They asked a bunch of questions and wanted a couple small tweaks, but the stickler was the following issue:

Guideline 4.2 - Design - Minimum Functionality

Your app provides a limited user experience as it is not sufficiently different from a mobile browsing experience. As such, the experience it provides is similar to the general experience of using Safari. Including iOS features such as push notifications, Core Location, and sharing do not provide a robust enough experience to be appropriate for the App Store.

Next Steps

To resolve this issue, please revise your app to provide a more robust user experience by including additional native iOS functionality.

If you cannot - or choose not to - revise your app to be in compliance with the App Store Review Guidelines, you may wish to build an HTML5 web app instead. You can distribute web apps directly on your web site; the App Store does not accept or distribute web apps. For more information about creating web apps, refer to the Configuring Web Applications section of the Safari Web Content Guide. For a description of the HTML elements and attributes you can use in Safari on iPhone, check out Safari HTML Reference: Introduction. Please see attached screenshots for details.

Luckily, I was able to address this by adding a companion watch app. ChatGPT helped a lot (I know nothing re watchOS or SwiftUI) but it went pretty smoothly and only took a couple days for a basic MVP that syncs login state with the main app (with a custom Capacitor plugin for managing state).

The Watch app is here: https://github.com/aeharding/voyager/tree/main/ios/App/VoyagerWatch%20Watch%20App

Looking back, it was quite stressful, especially before the Watch app was built.

Has anyone else released a web app to the Apple App Store? What issues did you run into, if any, and how did you address them?