Any interest in an end-to-end encrypted PeerJS?

[D1plo1d]

Hey, I just stumbled across PeerJS - so awesome - I didn't know anyone else was working on this problem!

I've been building public key based WebRTC signalling for DAT and WebSockets over at graphql-things. It's similar to PeerJS in that you don't have to deploy custom signalling servers for every new app but with a bit of end-to-end encryption that adds some nice properties:

1. You don't have to trust the signalling server to connect you to who you ask to connect to
2. In Beaker Browser you can forgo the signalling server altogether and can send signals over DAT
3. Your connections can't be hijacked even if the signalling server gets hacked
4. Every socket is based on a permanent public key identity that you can persist and reconnect to any time

Anyways, thought I'd say hey. If y'all are interested I'd love to look at how we could combine our efforts on this. And if you have sponsorship dollars I'd like to learn about that as well because I am a (very nearly) starving free software hacker at the moment. I'm free to chat any time this week.

Cheers,
Rob

[kidandcat]

With the new V2 of PeerJS, I don't see the point of this. The only moment when you need encryption is in the signaling, after that, WebRTC DataChannels are encrypted e2e. And now that V2 only needs an standard MQTT broker to work. The public MQTT broker will use SSL. And if you need more security than that, you only need to deploy your own MQTT Broker.

If you want to propose a modification, PRs are welcome. But I see this too heavy for having the signaling encrypted, it's like having DNS querys encrypted, for someone who is concerned about security, it may be benefitial, but it is an overheat for the rest of the people.

Also you can just use keys or any other method to confirm your caller is legit after being connected.

PD: we have created a group on Telegram, we can chat there :)
https://t.me/joinchat/ENhPuhTvhm8WlIxTjQf7Og

[dzcpy]

Any updates? It would be great to support e2ee in peerjs

[KreutzerCode]

Any updates? I am looking forward to this feature. Is there a reason why it was moved to the v3 milestone?

[jonasgloning]

PeerJS uses WebRTC, which is already end-to-end encrypted once a connection is established.

If you don't trust the PeerServer, this may not be enough: A malicious instance could modify the signalling messages during connection setup to create a MITM situation.
But what are the chances that we have a trusted anchor for identity, a trusted server hosting our application, but an unstrusted PeerServer?

If you are in this situation, please tell me more about your use case.