Skip to content
This repository has been archived by the owner on Apr 19, 2024. It is now read-only.
Joachim Neumann edited this page Jun 28, 2018 · 25 revisions

Bisq Remote

Introduction

Bisq users with an open trade need to keep Bisq running on their computer, but might be afk. This Bisq proposal aims at providing a iOS and Android App that can receive notifications from the Bisq desktop app. The mobile Apps are not designed to ever evolve into a full Bisq node, but should rather serve as a remote control to the user's one Bisq node, which runs on his own computer.

Architecture

# Note: Version 1 only supports iOS and the Apple Push Notification Service. The architecture needs to be revised for version 2 for Android and non-Apple push notifications. architecture Figure 1: Data flow for the Bisq remote App In phase 1, using the iOS notification service. The notifications are sent from the Bisq desktop app to a Bisq notification node that acts as proxy to the Apple Push Notification Service.(modify)

Signal flow - initial setup

screen shot 2018-06-13 at 09 35 22

Figure 2: signal from during setup and first use (modify)

Steps:

  1. The App registers registers with the Apple notification service and receives in Apple token. This happens in the background without user interaction.
  2. The App instructs the user to start the Bisq desktop app and open the the menu item “Bisq remote” (This page is currently not implemented).
  3. Bisq shows all currently connected remote smartphones and allows to
    • Remove smartphones so that these will no longer receive Bisq notifications.
    • Add a new smartphone that should receive Bisq notifications. In this case the Bisq desktop app generates a new cryptographic key for symmetric encryption (e.g., 256 bits). This key is displayed as QR code. A version 4 or version 5 QR code can easily hold these bits.
  4. The user scans the QR code with the camera of the smartphone.
  5. The user needs to transfer the Apple token to the Bisq desktop App. He has three options a. Manually copy the Apple token from his phone to the Bisq App a. Produce the Apple token as QR code on his phone and scan it with the camera of his computer a. Use his phone to send an email to himself with the Apple token, receive the email on his computer and copy/paste it into Bisq

Signal flow - Notification

screen shot 2018-06-13 at 09 35 16

Figure 3: signal from during usage - sending a notification from the desktop app to the phone (modify)

Steps:

  1. The Bisq desktop app sends a notification to the Bisq notification node. The notification consists of the Apple token and the encrypted message. (Tor)
  2. The Bisq notification node forwards the encrypted message to the Apple Push Notification service using the Apple token. The message is encrypted (a) with the symmetric key provided by the Bisq desktop App and (b) with an encryption key provided by Apple. (HTTP)
  3. The Apple Apple Push Notification service sends the encrypted message to the iOS device. (HTTP)
  4. iOS notifies the user of a new Bisq message - with or without displaying the content of the message (this part is not finalised yet and might depend on the encryption used).
  5. When the user opens the mobile Bisq remote App, it displays the decrypted message.

Apple Push Notification Service

The Apple Push Notification Service has the advantage that the notifications reach the iOS device even if the Bisq remote App is not currently running. This convenience comes at the price that Apple knows when Bisq related notification are sent to the Bisq user. However, since the notifications are encrypted, Apple does not know the content of the message. The maximum notification payload size is 4 kilobytes (HTTP/2 API). In version 2, alternative notification mechanisms are planned, which do not involve Apple services.

Bisq notification node

The Bisq notification node acts as a proxy. This has the benefit that the Apple certificate that is required to forward notifications to the Apple Push Notification Service is not public. This makes it difficult to spam the Bisq notification node with the aim to have Apple block Bisq notifications.
The Bisq notification node will be based on two components

  1. A provider server for the Apple Push Notification service (APNs)
  2. P2P network layer that allows to communicate to the Bisq nodes over Tor.
  3. Depending on the implementation details, a Apple APNs authentication token signing key or a provider certificate from Apple. Both are linked to the paid iOS developer account that is used to upload the Bisq remote App into the Apple App store.

Cryptography

I will use the 128 bit AES/CBC/PKCS5Padding symmetric encryption algorithm. A 16-character Initialization Vector will be create new for each message and attached to the message that is sent to the phone. A 32-character key will be created once per phone. This key is exchanged with the phone via QR code and persistently stored in the Bisq desktop app and in the Bisq remote mobile app.

Message Format (JSON)

Proposal:

{
  "aps" : {
    "alert" : "Bisq Notification",
    "sound" : "default",
    "bisqNotification" : {
      "comment" : "no comment",
      "notificationType" : "TRADE_ACCEPTED",
      "timestampEvent" : "2018-06-13 11:50:06",
      "version" : 1
    }
  }
}

List of valid Message objects:

Namer Text displayed in the Bisq remote App
OFFER_ACCEPTED Your offer has been accepted on May 27 at 18:32
Amount: 300 Euro
TRADE_COMPLETE Your trade has been completed on May 27 at 18:32
TRADE_ACCEPTED ...

Open Source and replicating the functionality

The code can be found here.

Screenshots and current design

The mobile App and the Bisq notification node are open source, preferably using AGPL. A user that wants to compile and run the mobile Bisq remote App himself and receive notifications, would also need to set up a new Bisq notification node that uses his Apple certificate. He can then point the Bisq desktop App to his own Bisq notification node and receive iOS notifications on his Bisq remote app.

Roadmap

Version 1

  • simple Notifications using the iOS notification service
  • Optional passcode protection of the mobile App
  • Iterations on User Experience and Graphic Design
  • Testing

Version 2

  • Android App with the same functionality
  • Optional notification without Apple Servers (requires the app to run in background). The user can select iOS notification (better user experience, but less privacy) or a proprietary notification mechanism (WebSockets, WhatsApp 3rd party, data pull, ???)
  • Additional notifications from Bisq to the mobile App
  • Notifications from the mobile App to Bisq (“the fiat money has arrived on my account, the trade can be finalised”)
  • Price alerts for attractive offers
Clone this wiki locally