You host your own service, which can also federate with other Databag nodes. It is Public-Private key based identity (not bound to any blockchain or hosting domain) and End-to-End encrypted (the hosting admin cannot view sealed topics, default unsealed).

This is not a service for finding friends in your contact list. You, or your organisation, hosts the service, and has completely private and secure chatting amongst yourselves.

Another use-case may be if you are visiting a foreign country which blocks many public messenger services. This app would connect back to your private server, which is very unlikely to have been blocked.

See https://github.com/balzack/databag

#technology #opensource #privacy #selfhosted

  • Arthur BesseA
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    1
    ·
    2 years ago

    i’m cross-posting my comment originally from this thread about some other snakeoil to these two threads about databag i see now:

    is the databag protocol/design documented somewhere? does it claim to have forward secrecy?

    from a quick glance I see here they’re generating an AES key from a passphrase and using it to encrypt an RSA private key, which is… not a good sign.

    fwiw https://simplex.chat is another thing which seems to have similar goals and functionality but is better documented.