Skip to content
This repository has been archived by the owner on Apr 19, 2024. It is now read-only.
Joachim Neumann edited this page Jun 28, 2018 · 25 revisions

Bisq Remote

Introduction

Bisq users with an open trade need to keep Bisq running on their computer, but might be afk. This Bisq proposal aims at providing a iOS and Android App that can receive notifications from the Bisq desktop app. The mobile Apps are not designed to ever evolve into a full Bisq node, but should rather serve as a remote control to the user's one Bisq node, which runs on his own computer.

Architecture

# Note: Version 1 only supports iOS and Android Push Notification Service. The architecture needs to be revised for version 2 (notifications over Tor). architecture

Figure 1: Data flow for the Bisq remote App In phase 1, using the Apple or Google push notification service. The notifications are sent from the Bisq desktop app to a Bisq notification node that acts as proxy to the Apple/Google Push Notification Service.(modify image)

Signal flow - Registering the phone

The registration of the phone should be as easy as possible. An encryption key and a notification token need to be exchanged. The only possibility to do this in one step is if the phone created the encryption ken and then transfers it together with the token which the phone gets from Apple or Google to the Bisq desktop app: setup

Figure 2: signal from during setup(modify image)

Steps:

  1. The mobile App registers with the Apple or Google notification service and receives a notification token. This happens in the background without any user interaction.
  2. The App instructs the user to start the Bisq desktop app and open the the menu item “Bisq remote” (This is currently not implemented in the Bisq desktop app).
  3. The user registers the phone with the Bisq desktop app by transferring the key and the token.
    • Method 1: A QR code with the Bisq Phone ID is created on the phone and scanned by the camera of the computer
    • Method 2: The user sends an email with the Bisq Phone ID from his phone to himself. On the computer he copies the Bisq Phone ID into the Bisq desktop app.
  4. Bisq should allow the user to
    • Add a new phone.
    • Remove phones that should no longer receive Bisq notifications.

Bisq Phone ID

The Bisq Phone ID consists of three parts which are separated by the "|" character:

  1. A Magic, either BisqPhoneiOS or BisqPhoneAndroid
  2. A 32 byte cryptographic key for symmetric encryption. This key is generated by the phone and used in the Bisq desktop app to encrypt the content of the notification.
  3. A Notification token, either from Apple or from Google.

Example: BisqPhoneAndroid|f89e5160b3634ee6b51995e06af3e33e|cEcb7vlj_SE:APA91bFYGqp_wsNv1OLHE3AeqUySkdUiNeuPv5yFmgGuOWqEMVycQrwPom8oq1iFNPbp7raLbPxC4cxW99yFmhH8fieyM2kXCyQxAG_y73hBha-TgtwR9r3MpQ852fljTVjw6zlOLD8t6UfhQkx81lvhyaSLe2Q

Signal flow - Notification

notification

Figure 3: signal from during usage - sending a notification from the desktop app to the phone (modify image)

Steps:

  1. The Bisq desktop app sends a notification to the Bisq notification node. The notification consists of the notification token and the encrypted message. (Tor)
  2. The Bisq notification node forwards the encrypted message to the Apple or Google Push Notification Service using the Notification token. The message is encrypted with the symmetric key. (HTTP)
  3. The Apple/Google Push Notification service sends the encrypted message to the iOS/Android device. (HTTP)
  4. The phone notifies the user of a new Bisq message without displaying the content of the message.
  5. When the user opens the mobile Bisq remote App, it displays the decrypted message.

Apple Push Notification Service

The Apple Push Notification Service has the advantage that the notifications reach the iOS device even if the Bisq remote App is not currently running. This convenience comes at the price that Apple knows when Bisq related notification are sent to the Bisq user. However, since the notifications are encrypted, Apple does not know the content of the message. The maximum notification payload size is 4 kilobytes (HTTP/2 API). In version 2, alternative notification mechanisms are planned, which do not involve Apple services.

Google Push Notification Service

We use firebase.google.com

Bisq notification node

The Bisq notification node acts as a proxy. This has the benefit that the Apple/Google certificate which is required to forward notifications to the Push Notification Service is not public. This makes it difficult to spam the Bisq notification node with the aim to have Apple or Google block Bisq notifications.
The Bisq notification node will be based on two components

  1. A provider server for the Apple Push Notification service (APNs)
  2. P2P network layer that allows to communicate to the Bisq nodes over Tor.
  3. Depending on the implementation details, a Apple APNs authentication token signing key or a provider certificate from Apple. Both are linked to the paid iOS developer account that is used to upload the Bisq remote App into the Apple App store.

Cryptography

I use the 128 bit AES/CBC/PKCS5Padding symmetric encryption algorithm. A fresh 16-character Initialization Vector will be created for each notification. This Initialization Vector will be attached to the notification.

Message Format (JSON)

Proposal:

{
  "aps" : {
    "alert" : "Bisq Notification",
    "sound" : "default",
    "bisqNotification" : {
      "comment" : "no comment",
      "notificationType" : "TRADE_ACCEPTED",
      "timestampEvent" : "2018-06-13 11:50:06",
      "version" : 1
    }
  }
}

List of valid Message objects:

Namer Text displayed in the Bisq remote App
OFFER_ACCEPTED Your offer has been accepted on May 27 at 18:32
Amount: 300 Euro
TRADE_COMPLETE Your trade has been completed on May 27 at 18:32
TRADE_ACCEPTED ...

Open Source and replicating the functionality

The code can be found here.

Screenshots and current design

The mobile App and the Bisq notification node are open source, preferably using AGPL. A user that wants to compile and run the mobile Bisq remote App himself and receive notifications, would also need to set up a new Bisq notification node that uses his Apple certificate. He can then point the Bisq desktop App to his own Bisq notification node and receive iOS notifications on his Bisq remote app.

Roadmap

Version 1

  • simple Notifications using the iOS notification service
  • Optional passcode protection of the mobile App
  • Iterations on User Experience and Graphic Design
  • Testing

Version 2

  • Android App with the same functionality
  • Optional notification without Apple Servers (requires the app to run in background). The user can select iOS notification (better user experience, but less privacy) or a proprietary notification mechanism (WebSockets, WhatsApp 3rd party, data pull, ???)
  • Additional notifications from Bisq to the mobile App
  • Notifications from the mobile App to Bisq (“the fiat money has arrived on my account, the trade can be finalised”)
  • Price alerts for attractive offers
Clone this wiki locally