GNUnet Messenger API: March 2026

Hello again,

this month I’ve contributed a bit across all kinds of services from GNUnet. It started with minor adjustments to the Messenger service inside GNUnet, fixing an issue in the encryption of SECRET messages. Before that it would use an encrypt-and-mac paradigm that might lead to an attacker breaking the encryption. This has been changed to use the encrypt-then-mac paradigm which is more typical for authenticated encryption. I should note that these changes break compatibility to previous version of the service and it only improves the security attributes of the forward secrecy which is using the SECRET messages.

There have also been adjustments to ensure compatibility with changes in the crypto module of GNUnet which introduced syntax changes. Adding to this I’ve started debugging GNUnet services from CORE, DHT, CADET to REGEX and more. I’ve noted that some services were using a completely different peer identity key than underlying communicators which handle the communication on the TRANSPORT layer. So I’ve looked into how they would utilize the rather new PILS service that aims to signal peer identity changes when interfaces notify changes in connectivity. Multiple services were not using PILS correctly or at all. However the communicators did and therefore a mismatch in derivation of peer identity keys appeared.

So I went through all services that used the peer identity key in any way within GNUnet and implemented changes to form consistency in regards to using the PILS service. That way the mismatches could be resolved and I could debug functionality further.

It required a lot more internal changes for those adjustments because the PILS service introduced that any other service would call a function to sign or decrypt anything using the private key from the peer identity asynchronously. However those function calls have been synchronous until the PILS service got realized. So a lot of memory had to be moved from stack to heap alone to make this work and I would think in the future there will be more optimizations and major rewrites necessary to deal with all of this more efficiently.

Besides those changes I’ve also implemented a new cli tool for the REGEX service inside GNUnet because it came in handy to debug its functionality outside of libgnunetchat. Also I tried to fix or reduce a bunch of errors filling up the logs during all my practical testing. So a lot of this work ended up in the latest release of GNUnet as well.

In addition to this release of GNUnet there have been a new release of libgnunetchat, messenger-cli and messenger-gtk which are compatible with another. So the latest version of those applications finally ship the necessary changes to manage account secrets for encryption of group and epoch keys.

So while that has been done, I’ve continued to make a few minor adjustments to the GTK4 port of the Messenger application front-end. Hopefully I can finish my work on this over the upcoming months for a next release. There are still things I plan for the Messenger service in GNUnet too. But that seems to take a little longer.

Kind regards,
Jacki

Read original article

Popular posts from this blog

GNUnet Messenger API: July 2025

Image
Hi there, unfortunately I didn’t make it to write a blog post last month. I was quite busy closing open ends of other projects while there were quite some bugs and issues to be solved in the Messenger service of GNUnet . On the bright side this means I have a lot to talk about this month. Most critical issues could be solved already, test cases of libgnunetchat pass again with all latest changes and the end-to-end encrypted chats seem to work as intended. I am still encountering some issues that messages do not get received immediately from chats or the chats can behave somewhat inconsistent. However it’s likely some condition caused by parallel events or a very specific order of events that’s difficult to reproduce. But these issues only seem to appear on reopening old chats from a previous session. The current sessions simply seem to work properly. Invitations do now respond to input feedback all the time and chat types get visualized depending on actual bits in a chat room’s key....
Read more

GNUnet Messenger API: September 2025

Hey, a few days ago GNUnet 0.25.0 got released with the latest changes to the CORE layer and containing the new PILS service reducing the risk of being tracked while using GNUnet over a wider area. The MESSENGER service might still have some issues working properly with these changes but I will let you know here when I implemented necessary changes to utilize the new PILS service. This will be necessary because the MESSENGER service actually requires to track peers collaborating in message exchange to some degree. It won’t be necessary to link peer identities to individual chat room members. At the same time switching networks on abstract level like walking around with your mobile device or switching from physical connection to WiFi shouldn’t cause issues, message loss or heavy disconnections. So it will be fun to tackle this! However I’m very optimistic GNUnet is going in the right direction with all this work on its fundamental layers. There are still issues underlying in the TR...
Read more

GNUnet Messenger API: October 2025

Image
Hi there, this month I started to port the messenger application from GTK3 and libhandy to GTK4 and libadwaita . So far the progress looks pretty good. I still need to adjust some widgets to avoid usage of some deprecated ones. There is some logic missing to upload files because file dialogs and widgets from GTK3 using those haven’t been ported exactly. So things need to change. Screenshot of the main window ported to GTK4 If you are interested in testing the changes so far, I have pushed all commits to a separate branch so far. While porting I have also noticed some bugs in the application and libgnunetchat API which might cause crashes or freezes. I will try to solve them before any release but I’m very confident that the next release will contain all the changes towards GTK4. Hopefully this will help long-term with reducing CPU load in case of image file previews and video streams. Also I’d like to add in-place video previews for shared files instead of relying on the vide...
Read more