Building a Secure Snapchat Alternative

Motivation

It all started with a long-term relationship. To stay connected, my girlfriend and I decided to use Snapchat. However, as a security enthusiast, every time I sent a picture or message, my heart sank a little more. As I knew that privacy and Snapchat are no friends and that tools like SnapLion exists. So since I had no active side project, I decided to create a European alternative, where the signal protocol ensures that two only (twonly) can see the data being communicated, while maintaining the spirit of disappearing images and messages.

The initial motivation for the app was just to create a secure way to share short lived images with my girlfriend. But during development I started to love the idea of twonly a little bit more every day. Also the radicalisation of America, which in my opinion makes it increasingly difficult to impossible to rely on American companies like Snapchat or AWS, on which the messenger Signal is dependent, shows that we need a real alternative in Europe and twonly is my attempt to take a step in that direction.

Or with the words of the Former Federal Minister of Economics (Germany):

The next section will be a bit technical, but I'll try to be as high level as possible.

End-To-End Encryption

All communication between users is encrypted using the signal protocol. To ensure that no one is eavesdropping, users can compare session fingerprints, just like in Signal. To save bandwidth and storage, media files are encrypted using a symmetric key that is only generated for that use case. The ChaCha20-Poly1305 protected file is then uploaded once. For each recipient a unique download token is generated which can be used to download the file. The symmetric key is then sent via a signal-protocol protected message to the recipients, allowing the receiver to decrypt the media file. After all download tokens where used, the encrypted media file is then delete from the server.

Tech Stack

As a Rustacean, the backend was an easy choice. Rust is not only fun to work with, but it also offers the performance and safety I needed. The frontend, however, posed a challenge. I had never created an Android or iOS app before. Ultimately, I chose Flutter for its cross-platform capabilities and its plugin ecosystem.

The Backend

The communication between the app and the backend is handled via WebSockets, which provides a real-time experience. Messages are exchanged using Protocol Buffers (Protobuf), a protocol that integrates seamlessly with Rust using the prost crate. While vertical scaling isn’t possible at the moment, adding a Redis-like database to sync open WebSocket connections is straightforward as the backend was design to easily scale vertical. For the database, I opted for MariaDB, as I am most familiar with it. Since the backend doesn’t need to store much data, this choice works well for my needs.

The Frontend

As already mentioned, the front end is created with Flutter. The plugin ecosystem makes it easy to create a fully-fledged app. My current focus is on developing a quick, usable proof of concept. While the plugins are really cool for creating a quick proof of concept, each plugin comes with security risks, so I will try to reduce the use of these plugins to a point where those risks become more manageable.