Frog: Bitmessage for the web!

[bytemaster]

Sender & Receiver address is anonymous.

The receiver could filter messages on the client side, but they would still flow through the network.

[Peter Lambert]

I think this is a great project. I tried to install Bitmessage on my computer, but only manual install is availible for OSX, and I must have done something wrong because I just can't get it to work. Having an easy to install and use version would be great.

I hope this doesn't come off as mean, ... Your a programmer, try and get BTC3.5 by working for someone else.

Also don't tell your parents this but college is a scam. I just graduated from college (23yrs old), ... I think your really talented, and you should be hustling in the bitcoin community. ... Wait until your 17, you be driving a Benz maybe even a ferrari to school Take my advice, bootstrap, hustle, you will be big... And when your starting your own companies you come to me for funding ok.

I hope this doesn't come off as mean, but how do you get through college and not know how to use "your" and "you're" correctly?

[intellivision]

I think that bringing Bitmessage to smartphones is probably one of the best ways of getting this protocol into the public space.
However, don't take this the wrong way since I do like the concept, I feel as though a seperate service to send/receive/work messages detracts security, or at least some anonymity, from the network. Not that it could be the case, it's just how I feel.

I would still love to see this come to fruition though.
I'd like to see the offering of more options like local PoW on the user's device (I know ARM isn't that powerful, but it's not Bitcoin mining) or their remote machine with BM PoW software installed, such as a home server.

Also, will you be writting the client in HTML5?

[moltenmich]

Congrats on the fully funded bitcoinstarter project! 

[Jaxkr]

Congrats on the fully funded bitcoinstarter project! 

That is an adorable frog. 

[Jaxkr]

I think that bringing Bitmessage to smartphones is probably one of the best ways of getting this protocol into the public space.
However, don't take this the wrong way since I do like the concept, I feel as though a seperate service to send/receive/work messages detracts security, or at least some anonymity, from the network. Not that it could be the case, it's just how I feel.

I would still love to see this come to fruition though.
I'd like to see the offering of more options like local PoW on the user's device (I know ARM isn't that powerful, but it's not Bitcoin mining) or their remote machine with BM PoW software installed, such as a home server.

Also, will you be writting the client in HTML5?

Yes. The client will be using HTML5 technologies, such as a client side DB.
Also, I will be taking a lot of precautions to keep the service anonymous with the frog nodes. I'll write a blog post on this soon, and give you a link.

[intellivision]

I think that bringing Bitmessage to smartphones is probably one of the best ways of getting this protocol into the public space.
However, don't take this the wrong way since I do like the concept, I feel as though a seperate service to send/receive/work messages detracts security, or at least some anonymity, from the network. Not that it could be the case, it's just how I feel.

I would still love to see this come to fruition though.
I'd like to see the offering of more options like local PoW on the user's device (I know ARM isn't that powerful, but it's not Bitcoin mining) or their remote machine with BM PoW software installed, such as a home server.

Also, will you be writing the client in HTML5?

Yes. The client will be using HTML5 technologies, such as a client side DB.
Also, I will be taking a lot of precautions to keep the service anonymous with the frog nodes. I'll write a blog post on this soon, and give you a link.

Thanks, I'll be looking forward to reading it, and congratulations on the funding.
One more question, since would your client is written in HTML5 (I'm assuming the PoW part will be separate or in asm.js) will it be making an appearance on the Firefox Marketplace once released?

[Jaxkr]

I think that bringing Bitmessage to smartphones is probably one of the best ways of getting this protocol into the public space.
However, don't take this the wrong way since I do like the concept, I feel as though a seperate service to send/receive/work messages detracts security, or at least some anonymity, from the network. Not that it could be the case, it's just how I feel.

I would still love to see this come to fruition though.
I'd like to see the offering of more options like local PoW on the user's device (I know ARM isn't that powerful, but it's not Bitcoin mining) or their remote machine with BM PoW software installed, such as a home server.

Also, will you be writing the client in HTML5?

Yes. The client will be using HTML5 technologies, such as a client side DB.
Also, I will be taking a lot of precautions to keep the service anonymous with the frog nodes. I'll write a blog post on this soon, and give you a link.

Thanks, I'll be looking forward to reading it, and congratulations on the funding.
One more question, since would your client is written in HTML5 (I'm assuming the PoW part will be separate or in asm.js) will it be making an appearance on the Firefox Marketplace once released?

I plan to release the client solely as a web app located on a site, rather than a browser app. This is for portability, so you can pick it up on your phone or another computer.

The proof of work is a sticky situation, and I might use asm.js or something of the like.
The exact 2 lines of code that do the PoW in PyBitmessage are

Code:

nonce += 1
trialValue, = unpack('>Q',hashlib.sha512(hashlib.sha512(pack('>Q',nonce) + initialHash).digest()).digest()[0:8])

Unfortunately for me, this could not use more language specific features.
It's unpacking as a big endian unsigned long long. I haven't found a library to do this, as the node bufferpack and jspack don't support this type. I believe it's a limitation in JavaScript itself.
The next part of this in a double binary sha512 hash. I CAN do this in JS with nodejs code ported to the browser. However, the binary hashes don't match the python ones as JS can't handle binary data like that. The hex hashes match, though.

I'll go into detail on this when the dev blog is up. If anyone has any suggestions on how to implement this, I'd appreciate it.

[bluemeanie1]

 Email with PGP is already ridiculously easy to use, works with existing infrastructure and has been PROVEN to be secure.

 -bm

It seems like Bitmessage won't become wildly popular unless we can make it ridiculously easy to use.
Frog will solve this by being a very easy to use Bitmessage client for the web.

How will Frog work?
Frog will function very similarly to the Electrum Bitcoin client. The user's client reads data from the network off of a pool of servers.
When you open the Frog application in your browser, it automatically connects to an available Frog server that runs the complete Bitmessage software. When you send a message, your browser completes the proof-of-work necessary for propagation, and sends it to a Frog node. Then, the Frog node follows the standard protocol to send the message to the Bitmessage network.

But, wouldn't this decrease decentralization?
Not really. Since the birth of Electrum, the community has put up dozens of servers for the client to use. This has resulted in the creation of reliable supernodes that benefit the entire Bitcoin network.

Just like Electrum, anyone can put up a Frog server for the clients to use. So the servers will not be controlled by a centralized authority. Also, since a proof-of-work is required for sending Bitmessages, attacking these servers will be very difficult. Frog nodes will have all the protections a regular Bitmessage node has. So Frog will result in the creation of supernodes, which will help the entire Bitmessage network

Will it be open source?
Yes.

What's your timeline?
I am currently on my summer vacation and have a lot of free time on my hands. I estimate having a funtional beta by August.

Frog will help conquer surveillance by putting great tools into more hands. Help us make it a reality.

Funding successful, and work begun a while ago!


Here is my GitHub, and a dev blog will be up as soon.

[Jaxkr]

Email with PGP is already ridiculously easy to use, works with existing infrastructure and has been PROVEN to be secure.

 -bm

This is an argument against Bitmessage in general. You should talk to Atheros about that.
Also, email with PGP isn't truly anonymous nor is it decentralized. Your mail server could be seized or go down at any time.

[bluemeanie1]

Email with PGP is already ridiculously easy to use, works with existing infrastructure and has been PROVEN to be secure.

 -bm

This is an argument against Bitmessage in general. You should talk to Atheros about that.
Also, email with PGP isn't truly anonymous nor is it decentralized. Your mail server could be seized or go down at any time.

part of the value proposition with BitMessage was it was supposed to be easy to use.

seems the only remaining value proposition is "I Haz A Blockchain".

[marcus_of_augustus]

Email with PGP is already ridiculously easy to use, works with existing infrastructure and has been PROVEN to be secure.

 -bm

This is an argument against Bitmessage in general. You should talk to Atheros about that.
Also, email with PGP isn't truly anonymous nor is it decentralized. Your mail server could be seized or go down at any time.

part of the value proposition with BitMessage was it was supposed to be easy to use.

seems the only remaining value proposition is "I Haz A Blockchain".

bitmessage is as easy to use as

Code:

git clone https://github.com/Bitmessage/PyBitmessage.git
cd PyBitmessage/src
python bitmessagemain.py

 .... how exactly could you manage to get confounded by that?

bitmessage doesn't use a blockchain ... at least get your facts right if you are going to be the uber-critic ... btw, what have you done recently?

PGP mails are a major pain in the ass to use in a properly secure way, particularly alongside regular plain-text mails in the same inbox and suffer from other security weaknesses ... and it is a kludge on top of an insecure layer so will never be a long term solution.

Bitmessage might not be perfect, but it is a great start ... but has none of the problems you have pointed out.

[bluemeanie1]

Email with PGP is already ridiculously easy to use, works with existing infrastructure and has been PROVEN to be secure.

 -bm

This is an argument against Bitmessage in general. You should talk to Atheros about that.
Also, email with PGP isn't truly anonymous nor is it decentralized. Your mail server could be seized or go down at any time.

part of the value proposition with BitMessage was it was supposed to be easy to use.

seems the only remaining value proposition is "I Haz A Blockchain".

bitmessage is as easy to use

if it's easy to use, why the startup?

uber-critic?  unfortunately the environment around bitcoin appears to be one where no one ever questions anyone's claims, and thus erroneous ideas seem to float around unchecked.  If that's the kind of thing you want, then go right ahead.  I guess with experience, you learn to have a zero-tolerance policy for BS.  If you want to contribute and support a project simply because it's 'cool', then go right ahead.  Talk to me again when you're all grown up and ready to do something real with your life.

PGP works perfectly fine and is KNOWN to be secure.  Why don't people contribute to one of the may PGP/email projects out there?  or encrypted IM?  There has been loads of work on how to do secure messaging, why Bitmessage?  Does it even suggest where it fits in this realm?  How it compares to other similar technologies? 

http://en.wikipedia.org/wiki/Secure_messaging

You're calling me ubercritical, but I have to say it's a bit arrogant to ignore and entire FIELD of study.  Where is the work on why this is an improvement over other secure messaging protocols?  There have been hundreds of publications in this area.

time to grow up guys.

[Jaxkr]

Email with PGP is already ridiculously easy to use, works with existing infrastructure and has been PROVEN to be secure.

 -bm

This is an argument against Bitmessage in general. You should talk to Atheros about that.
Also, email with PGP isn't truly anonymous nor is it decentralized. Your mail server could be seized or go down at any time.

part of the value proposition with BitMessage was it was supposed to be easy to use.

seems the only remaining value proposition is "I Haz A Blockchain".

bitmessage is as easy to use

if it's easy to use, why the startup?

First of all, before criticizing Bitmessage please understand how it works. You can read the whitepaper here. Bitmessage doesn't use a blockchain or anything very similar.

Secondly, Bitmessage is still tied to the desktop client. This app is a portable web client.

[marcus_of_augustus]

Email with PGP is already ridiculously easy to use, works with existing infrastructure and has been PROVEN to be secure.

 -bm

This is an argument against Bitmessage in general. You should talk to Atheros about that.
Also, email with PGP isn't truly anonymous nor is it decentralized. Your mail server could be seized or go down at any time.

part of the value proposition with BitMessage was it was supposed to be easy to use.

seems the only remaining value proposition is "I Haz A Blockchain".

bitmessage is as easy to use

if it's easy to use, why the startup?

sounds like its for mobile devices ... didn't you read the OP either? ... you're just trolling again aren't ya blueman? and I think he means one-click easy to use as opposed to three CLI easy-to-use

but hey you want to argue semantics you'll find something I'm sure ... in 1 - 2 - 3 ... and there he is

[bluemeanie1]

Email with PGP is already ridiculously easy to use, works with existing infrastructure and has been PROVEN to be secure.

 -bm

This is an argument against Bitmessage in general. You should talk to Atheros about that.
Also, email with PGP isn't truly anonymous nor is it decentralized. Your mail server could be seized or go down at any time.

part of the value proposition with BitMessage was it was supposed to be easy to use.

seems the only remaining value proposition is "I Haz A Blockchain".

bitmessage is as easy to use

if it's easy to use, why the startup?

First of all, before criticizing Bitmessage please understand how it works. You can read the whitepaper here. Bitmessage doesn't use a blockchain or anything very similar.

Secondly, Bitmessage is still tied to the desktop client. This app is a portable web client.

you guys are seriously hilarious.

so you're going to take away Bitmessage's decentralization to make it 'easier' to use.  Why dont I use Cryptocat, GPG Tools, or any number of other secure messaging protocols out there?  Did you even stop for moment to think how this product compares at the end user level?

this is too funny.

[bluemeanie1]

I notice also these projects seem to have an abundance of input from Graphic Designers, Video Script Producers, Cheerleaders, etc.

It's kind of unfortunate really what has happened to Open Source.  It used to be about engineering, now it's about making these 'projects' to attract investors and the like.  It's nothing about what it was originally.

[intellivision]

I think that bringing Bitmessage to smartphones is probably one of the best ways of getting this protocol into the public space.
However, don't take this the wrong way since I do like the concept, I feel as though a seperate service to send/receive/work messages detracts security, or at least some anonymity, from the network. Not that it could be the case, it's just how I feel.

I would still love to see this come to fruition though.
I'd like to see the offering of more options like local PoW on the user's device (I know ARM isn't that powerful, but it's not Bitcoin mining) or their remote machine with BM PoW software installed, such as a home server.

Also, will you be writing the client in HTML5?

Yes. The client will be using HTML5 technologies, such as a client side DB.
Also, I will be taking a lot of precautions to keep the service anonymous with the frog nodes. I'll write a blog post on this soon, and give you a link.

Thanks, I'll be looking forward to reading it, and congratulations on the funding.
One more question, since would your client is written in HTML5 (I'm assuming the PoW part will be separate or in asm.js) will it be making an appearance on the Firefox Marketplace once released?

I plan to release the client solely as a web app located on a site, rather than a browser app. This is for portability, so you can pick it up on your phone or another computer.

The proof of work is a sticky situation, and I might use asm.js or something of the like.
The exact 2 lines of code that do the PoW in PyBitmessage are

Code:

nonce += 1
trialValue, = unpack('>Q',hashlib.sha512(hashlib.sha512(pack('>Q',nonce) + initialHash).digest()).digest()[0:8])

Unfortunately for me, this could not use more language specific features.
It's unpacking as a big endian unsigned long long. I haven't found a library to do this, as the node bufferpack and jspack don't support this type. I believe it's a limitation in JavaScript itself.
The next part of this in a double binary sha512 hash. I CAN do this in JS with nodejs code ported to the browser. However, the binary hashes don't match the python ones as JS can't handle binary data like that. The hex hashes match, though.

I'll go into detail on this when the dev blog is up. If anyone has any suggestions on how to implement this, I'd appreciate it.

I'm not very knowledgeable when it comes to this sort of thing, but would it be possible for you to use the C++ library in JS through Emscripten?

[Jaxkr]

Frog is a great idea.

However I think for bitmessage to be a success there needs to evolve a market for pow, people are not going to want to drain mobile computing resources to send potentially 100s of benign  msgs in 1 day. Or trade pow credits from other computing resources

Just my opinion but I think that is an important missing piece

You read my mind.
I already have a "stamps" program planned. For about .3 mBTC, you will be able to purchase a credit (or "stamp") that gets your messages processed by powerful PoW servers will a lot of GPUs.
This is how the service will pay for itself, and be usable on mobile devices.

Interesting ... so people with lots of mBTC can afford to send junk mails I suppose ... can a receiver set his 'postage' high enough to discourage low-ball (i.e. low difficulty PoW" messages from arriving?

That's a possible solution.
I'll probably just strictly limit the amount of stamps that can be bought, though.

[Jaxkr]

I just registered the domain frog.li, and have pointed it at the dev blog.
http://blog.frog.li/ is the blog, and frog.li simply redirects to the blog, as there isn't anything there yet.