Pattern β : Bob hasn't done the initial DMTP setup

Until Bob finishes the initial setup, the messages to Bob are encrypted with the shared key (Alice & DMTP) and stored. At this time, the messages are not E2EE and we (DMTP) can see the messages.

Once Bob finishes the initial setup and generates keys, DMTP encrypts the messages with the shared key (Bob & DMTP) and delivers it to Bob. Bob re-encrypts the messages with the shared key (Alice & Bob). Finally, those messages are stored in DB and others encrypted with the DMTP shared key are deleted. This makes them E2EE and no one can decrypt them. even later.

Now let's take a look at the detailed flow

Sending Messages

1. DMTP server verifies the signature and prove that DMTP key pair haven't been manipulated.

2. Alice client retrieves DMTP's pubKeyfrom the DB

3. Alice decrypts Alice’s DMTP_priKey with her wallet.

4. Alice generates the combined secret from Alice’s DMTP_priKey and DMTP’s DMTP_pubKey

5. Alice encrypts messages with combined key (Alice & DMTP)

6. Store the encrypted messages in the DB and IPFS

   The data to be stored will look something like this.

   {
     "messages":"ENCRYPTED_MESSAGE_WITH_COMBINE_ALICE_AND_DMTP",
     "sender": "SENDER_WALLET_ADDRESS",
     "receiver": "RECEIVER_WALLET_ADDRESS",
     "timestamp": "TIMESTAMP"
   }

7. The CID of message data is stored in Message table in DB and CID table in DB

   【Messages Table】 ⇒ CID

   【CIDs Table】 ⇒ [CID, CID, CID, CID, CID, CID]

8. The Message table is stored in Processing Chats in 【Users Table】

   【Users Table】⇒ Processing Chats　[ Room ID, Room ID, Room ID]

9. Periodically, sync all data in CID table to IPFS and get CID

   All CIDs are stored in this file

   {
     "ROOM_ID_A": ["CID", "CID", "CID", "CID", "CID"],
     "ROOM_ID_B": ["CID", "CID", "CID", "CID", "CID"],
     "ROOM_ID_C": ["CID", "CID", "CID", "CID", "CID"],
   }

10. This CID is stored in the blockchain (Polygon)

    string[] cids;
    function storeCID(string memory _cid) public onlyOwner{
      cids.push(_cid);
    }

After Bob's initial DMTP setup is complete

1. Once Bob's initial DMTP setup is complete, DMTP server retrieves all message data and Bob's DMTP_pubKey

2. DMTP server verifies the signature and prove that DMTP key pair haven't been manipulated.

3. DMTP server generates the combined key from DMTP’s priKey and Alice's DMTP_pubKey and decrypts all messages with that.

4. DMTP server generates the combined key from DMTP’s priKey & Bob's DMTP_pubKey,and encrypts all messages with that. The encrypted message is updated in DB

5. Bob client retrieves the encrypted message (DMTP & Bob) & DMTP key pair

   1. Decrypts the encrypted DMTP_priKey with Bob’s priKey

   2. Generates the combine secret from Bob’s DMTP_prikey & DMTP’s DMTP_pubKey

   3. Use the combined secret(Bob & DMTP) to decrypt all messages

   4. Generates the combine secret from Bob’s DMTP_prikey & Alice’s DMTP_pubKey

   5. Use the combined secret (Alice & Bob) to decrypt all messages

6. Update message data stored in DB

7. Store new message data in IPFS and get CID

8. Store CID in DB

9. Periodically, sync all data in CID table to IPFS and get CID

   All CIDs are stored in this file

   {
     "ROOM_ID_A": ["CID", "CID", "CID", "CID", "CID"],
     "ROOM_ID_B": ["CID", "CID", "CID", "CID", "CID"],
     "ROOM_ID_C": ["CID", "CID", "CID", "CID", "CID"],
   }

10. This CID is stored in the blockchain (Polygon)

    string[] cids;
    function storeCID(string memory _cid) public onlyOwner{
      cids.push(_cid);
    }