The Internet was born in the 1990s and, year after year has revolutionised the way we communicate, do business and consume news and television. In many ways, it has democratised access to information and drastically reduced the cost of global communications. Still, it has also raised ordinary citizens’ expectations of access to communications, news and privacy.
The second wave of sites like Wikileaks, Facebook and Twitter – known as Web 2.0 and others like Youtube, Linkedin and publishing platforms like WordPress changed the way information was published and made it harder to hide. Whatever the news is, sooner or later, it will be revealed.
Ethereum was born in this environment. A few months after the Snowden revelations, Gavin Wood, co-founder of Ethereum, wrote an article outlining his vision for Web 3.0. Wood outlines an identity-based pseudonymous low-level messaging system that provides its users (individuals and DApps) with hash-based identities, privacy guarantees, encrypted messages, encryption guarantees about the sender, and a message with a defined time-to-live.
In this article, we will discuss what Ethereum Whisper is.
What is Ethereum Whisper?
Whisper is an Ethereum P2P communication protocol that enables messaging between DApps. It offers a simple API that allows us to send encrypted messages over the Ethereum blockchain and receive and decrypt messages using hash keys. Whisper is currently in POC 2 and supports geth and parity clients. It can be used for DApp publish-subscribe coordination signals and to build secure, untraceable decentralised communication.
Whisper Protocol
Whisper currently uses the devp2p ssh protocol string. When sending encrypted messages, the message content can be encrypted asymmetrically or symmetrically by default.
Asymmetric cryptography, also known as public-key cryptography, uses public and private keys to encrypt and decrypt data. A key is public and shared with everyone. The other is the private key; only the owner can see or access the private key information. When encrypting a Whisper message, it uses a built-in standard elliptic curve encryption scheme and an SECP-256k1 public key to encrypt the message; another key is used for decryption. On the other hand, symmetric cryptography (also called key) uses a hash key using the AES-GCM algorithm and a 96-bit random nonce for encryption and decryption. It usually helps with one-to-many messages. The sender and receiver use the same symmetric key to encrypt and decrypt messages.
Whisper Envelopes
The whisper envelope contains an encrypted payload and some metadata in plain text. It is sent and received by Whisper nodes.
Each box in the Whisper envelope contains important information about the message:
- Version: Up to 4 bytes (currently, one byte contains zero) and specifies the encryption method. If the version is higher than the current version, the envelope cannot be decrypted, so it can only be forwarded to the far end.
- Expiry: This is the expiration time for the message (Unix time in seconds).
- TTL: This defines the lifetime (in seconds) of the message.
- Topic: This is 4 bytes of arbitrary data.
- AESNonce: Used for symmetric encryption and represents 12 bytes of random data.
- Data: This is the encrypted byte array data.
- EnvNonce: This is 8 bytes of arbitrary integer data used for Proof of Work (PoW) calculations.
Whisper Message
The envelope payload contains encrypted byte array data; the Whisper message is in plain format. This is the structure of the message: flags, optional padding, payload, optional signature.
Let’s explain the structure in more detail:
- Flags: Flags have one byte to indicate that the message has a signature.
- Padding: Used to adjust message size, may contain arbitrary data.
- Signature: This is the signature used to send the message. It is the ECDSA signature of the Keccak-256 hash of the unencrypted data.
- Payload: This is the payload of the message.
Whisper messages are sent to all Whisper nodes via TTL and PoW consensus to prevent direct denial of service (DDoS) attacks. Nodes pass through the envelope, and only the recipient with the private key can read the message. Now we understand the basic structure of the whisper message—time to look at an example.
Whisper Example
To run Whisper, you need to install geth and then use the whisper option to connect to the geth node as follows:
geth –rpc –shh -ws
In the previous command, we can see the following:
- The –rpc option is used to enable message communication over RPC. The –ssh option is used to enable the whisper protocol.
- The –ws option is used to enable the WebSocket protocol for real-time messaging.
Posting a message: To publish a whisper message, we need a public key to encrypt the message:
- First, we will initialise the whisper client using go-ethereum’s whisper client API and connect to the local geth node via WebSocket over the default port number 8546.
- Then we generate the public and private keys via the NewKeyPair function.
The go-ethereum Whisperv6 package provides a NewMessage API to send messages to the network.
Receiving a message: To receive a whisper message, we need a private key to decrypt the message:
- First, we initialise the whisper client with the go-ethereum whisper client API and connect to the local geth node via WebSocket using the default port number 8546.
- Then we call NewKeyPair to get the private key with keyID.
After that, we use the private key to get the message. Whisper nodes use the devp2p Wire protocol for P2P communication. It is currently in the alpha stage.
Conclusion
Building Web 3.0 is a daunting task. Many companies are trying to fix the internet. Success or failure varies from person to person. But the Ethereum project had a vision from the start to transforming the internet. Therefore, to call Ethereum just a cryptocurrency platform or a smart contract platform would be an understatement. A complete ecosystem has been built alongside the Ethereum blockchain.
Judging by the launch of Ethereum itself, the built-in incentive system and the activity surrounding the other two forks (Swarm and Whisper and projects like Status.im), it is reasonable to expect some very interesting changes on the internet in the coming years as we know.