Merge pull request #1338 from dfinity/vetkeys-encrypted-chat

feat: vetkeys encrypted chat example

Author: andreacerulli

rust/vetkeys/encrypted_chat/README.md

@@ -0,0 +1,62 @@
+# Encrypted Chat
+
+| Rust backend | [![](https://icp.ninja/assets/open.svg)](https://icp.ninja/editor?g=https://github.com/dfinity/examples/tree/master/rust/vetkeys/encrypted_chat/rust) |
+| --- | --- |
+
+> **Disclaimer**: This is an *unfinished* prototype. DO NOT USE IN PRODUCTION.
+
+The **Encrypted Chat** example demonstrates how to use **[vetKeys](https://internetcomputer.org/docs/building-apps/network-features/vetkeys/introduction)** to build an end-to-end encrypted messaging application on the **Internet Computer (IC)**. Messages are encrypted on the sender's device and can only be decrypted by the intended recipients — the backend canister never sees plaintext.
+
+See [SPEC.md](./SPEC.md) for the full technical specification.
+
+## Features
+
+- **End-to-end encrypted messaging**: Messages are encrypted client-side using keys derived from vetKeys.
+- **Direct and group chats**: Support for both one-on-one and multi-participant conversations.
+- **Symmetric ratchet key rotation**: Keys evolve over time via a symmetric ratchet, providing forward security.
+- **Disappearing messages**: Messages expire and are automatically purged from both frontend and backend.
+- **Encrypted state recovery**: Users can recover their decryption capability across devices using IBE-encrypted key resharing.
+
+## Setup
+
+### Prerequisites
+
+- [Internet Computer software development kit](https://internetcomputer.org/docs/building-apps/getting-started/install)
+- [npm](https://www.npmjs.com/package/npm)
+
+### Deploy the Canisters Locally
+
+From the `rust` folder, run:
+```bash
+dfx start --background && dfx deploy
+```
+
+## Example Components
+
+### Backend
+
+The Rust backend canister manages:
+- Chat creation (direct and group) with configurable key rotation and message expiration periods.
+- Encrypted message storage and retrieval.
+- VetKey derivation for chat encryption keys, with epoch-based rotation.
+- Group membership management (add/remove participants).
+
+### Frontend
+
+The frontend is a SvelteKit application providing:
+- Internet Identity authentication.
+- Real-time encrypted messaging interface.
+- Local message caching with IndexedDB.
+- Automatic key ratcheting and vetKey epoch management.
+
+To run the frontend in development mode with hot reloading (after running `dfx deploy`):
+
+```bash
+cd frontend
+npm run dev
+```
+
+## Additional Resources
+
+- **[SPEC.md](./SPEC.md)** - Full technical specification of the encryption protocol.
+- **[What are VetKeys](https://internetcomputer.org/docs/building-apps/network-features/encryption/vetkeys)** - For more information about VetKeys and VetKD.

rust/vetkeys/encrypted_chat/SPEC.md

@@ -0,0 +1,24 @@
+test-results
+node_modules
+
+# Output
+.output
+.vercel
+.netlify
+.wrangler
+/.svelte-kit
+/build
+
+# OS
+.DS_Store
+Thumbs.db
+
+# Env
+.env
+.env.*
+!.env.example
+!.env.test
+
+# Vite
+vite.config.js.timestamp-*
+vite.config.ts.timestamp-*

rust/vetkeys/encrypted_chat/frontend/.gitignore

@@ -0,0 +1 @@
+engine-strict=true

rust/vetkeys/encrypted_chat/frontend/.npmrc

@@ -0,0 +1,9 @@
+# Package Managers
+package-lock.json
+pnpm-lock.yaml
+yarn.lock
+bun.lock
+bun.lockb
+
+# Miscellaneous
+/static/

rust/vetkeys/encrypted_chat/frontend/.prettierignore

@@ -0,0 +1,16 @@
+{
+	"useTabs": true,
+	"singleQuote": true,
+	"trailingComma": "none",
+	"printWidth": 100,
+	"plugins": ["prettier-plugin-svelte", "prettier-plugin-tailwindcss"],
+	"overrides": [
+		{
+			"files": "*.svelte",
+			"options": {
+				"parser": "svelte"
+			}
+		}
+	],
+	"tailwindStylesheet": "./src/app.css"
+}

rust/vetkeys/encrypted_chat/frontend/.prettierrc

@@ -0,0 +1,38 @@
+# sv
+
+Everything you need to build a Svelte project, powered by [`sv`](https://github.com/sveltejs/cli).
+
+## Creating a project
+
+If you're seeing this, you've probably already done this step. Congrats!
+
+```sh
+# create a new project in the current directory
+npx sv create
+
+# create a new project in my-app
+npx sv create my-app
+```
+
+## Developing
+
+Once you've created a project and installed dependencies with `npm install` (or `pnpm install` or `yarn`), start a development server:
+
+```sh
+npm run dev
+
+# or start the server and open the app in a new browser tab
+npm run dev -- --open
+```
+
+## Building
+
+To create a production version of your app:
+
+```sh
+npm run build
+```
+
+You can preview the production build with `npm run preview`.
+
+> To deploy your app, you may need to install an [adapter](https://svelte.dev/docs/kit/adapters) for your target environment.

rust/vetkeys/encrypted_chat/frontend/README.md

@@ -0,0 +1,6 @@
+import { expect, test } from '@playwright/test';
+
+test('home page has expected h1', async ({ page }) => {
+	await page.goto('/');
+	await expect(page.locator('h1')).toBeVisible();
+});

rust/vetkeys/encrypted_chat/frontend/e2e/demo.test.ts

@@ -0,0 +1,64 @@
+import prettier from 'eslint-config-prettier';
+import { includeIgnoreFile } from '@eslint/compat';
+import js from '@eslint/js';
+import svelte from 'eslint-plugin-svelte';
+import globals from 'globals';
+import { fileURLToPath } from 'node:url';
+import ts from 'typescript-eslint';
+import svelteConfig from './svelte.config.js';
+import path from 'node:path';
+
+const gitignorePath = fileURLToPath(new URL('./.gitignore', import.meta.url));
+
+export default ts.config(
+	includeIgnoreFile(gitignorePath),
+	js.configs.recommended,
+	...ts.configs.recommendedTypeChecked,
+	...svelte.configs.recommended,
+	prettier,
+	...svelte.configs.prettier,
+	{
+		languageOptions: {
+			globals: { ...globals.browser, ...globals.node }
+		},
+		rules: {
+			// typescript-eslint strongly recommend that you do not use the no-undef lint rule on TypeScript projects.
+			// see: https://typescript-eslint.io/troubleshooting/faqs/eslint/#i-get-errors-from-the-no-undef-rule-about-global-variables-not-being-defined-even-though-there-are-no-typescript-errors
+			'no-undef': 'off'
+		}
+	},
+	{
+		files: ['**/*.ts'],
+		languageOptions: {
+			parser: ts.parser,
+			parserOptions: {
+				projectService: true,
+				tsconfigRootDir: import.meta.dirname
+			}
+		}
+	},
+	{
+		files: ['**/*.svelte', '**/*.svelte.ts', '**/*.svelte.js'],
+		languageOptions: {
+			parserOptions: {
+				extraFileExtensions: ['.svelte'],
+				parser: ts.parser,
+				svelteConfig,
+				projectService: true,
+				tsconfigRootDir: import.meta.dirname
+			}
+		}
+	},
+	{
+		ignores: [
+			'dist/',
+			'src/declarations',
+			'*.config.js',
+			'*.config.ts',
+			'*.config.cjs',
+			'*.config.mjs',
+			'.svelte-kit',
+			'e2e/'
+		]
+	}
+);

rust/vetkeys/encrypted_chat/frontend/eslint.config.js

@@ -0,0 +1,63 @@
+{
+	"name": "svelte-latest",
+	"private": true,
+	"version": "0.0.1",
+	"type": "module",
+	"scripts": {
+		"build": "npm run build:bindings && vite build",
+		"dev": "npm run build:bindings && vite build --mode development && vite dev --host",
+		"build:bindings": "cd scripts && ./gen_bindings.sh",
+		"preview": "vite preview",
+		"prepare": "svelte-kit sync || echo ''",
+		"check": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json",
+		"check:watch": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json --watch",
+		"lint": "eslint . && prettier --check .",
+		"format": "prettier --write .",
+		"test:e2e": "playwright test",
+		"test": "npm run test:e2e"
+	},
+	"devDependencies": {
+		"@eslint/compat": "^1.2.5",
+		"@eslint/js": "^9.18.0",
+		"@playwright/test": "^1.57.0",
+		"@rollup/plugin-typescript": "^12.1.4",
+		"@sveltejs/adapter-auto": "^6.0.0",
+		"@sveltejs/kit": "^2.53.4",
+		"@sveltejs/vite-plugin-svelte": "^6.0.0",
+		"@tailwindcss/vite": "^4.0.0",
+		"@types/isomorphic-fetch": "^0.0.39",
+		"eslint": "^9.18.0",
+		"eslint-config-prettier": "^10.0.1",
+		"eslint-plugin-svelte": "^3.0.0",
+		"globals": "^16.0.0",
+		"prettier": "^3.4.2",
+		"prettier-plugin-svelte": "^3.3.3",
+		"prettier-plugin-tailwindcss": "^0.6.11",
+		"rollup-plugin-css-only": "^4.5.2",
+		"svelte": "^5.53.6",
+		"svelte-check": "^4.0.0",
+		"tailwindcss": "^4.0.0",
+		"tslib": "^2.8.1",
+		"typescript": "^5.0.0",
+		"typescript-eslint": "^8.20.0",
+		"vite": "^7.3.1",
+		"vite-plugin-environment": "^1.1.3"
+	},
+	"dependencies": {
+		"@dfinity/agent": "^3.1.0",
+		"@dfinity/auth-client": "^3.1.0",
+		"@dfinity/vetkeys": "^0.4.0",
+		"@melt-ui/svelte": "^0.86.6",
+		"@skeletonlabs/skeleton": "^3.1.7",
+		"@skeletonlabs/tw-plugin": "^0.4.1",
+		"@sveltejs/adapter-static": "^3.0.8",
+		"base64-js": "^1.5.1",
+		"cbor-x": "^1.6.0",
+		"fake-indexeddb": "^6.0.1",
+		"idb-keyval": "^6.2.2",
+		"isomorphic-fetch": "^3.0.0",
+		"js-base64": "^3.7.8",
+		"lucide-svelte": "^0.536.0",
+		"sass": "^1.90.0"
+	}
+}