Recently, a developer asked if it would be possible to build a secure NFT chat system with TokenScript.
If we were to do this, the following would be needed:
- A way to obtain the Public Key of the wallet key
- Asynchronous ability for the TokenScript bridge (which we use for Synchronous IoT comms) OR IPFS access OR Whisper protocol For prototyping the TokenScript bridge is the easiest option although Whisper protocol may be the correct long term solution.
The Public Key is required for generating a Diffie-Hellman key, if encrypted messaging is required. Otherwise, for public, authenticated messages the capability already exists; using the Wallet key for signing messages in a similar fashion as PGP keys were (are?) used.
Operation could be like this:
- Alice wants to send a message to NFT owner Bob, first issues a request for chat.
- If Bob wants to chat, they generate their PublicKey and reply to the message.
- Alice can now encrypt chat message using AES embedded in the NFT's TokenScript, and sends via the TokenScript bridge, with the chat package also containing her PublicKey.
- Bob can check NFT messages in his wallet and decrypt them using his wallet key.
- Bob can reply by encrypting his message in a similar fashion and sending via TS Bridge.
TS Bridge may need to cache PublicKeys, so the TokenScript doesn't require to store data on the wallet. Those PublicKeys would only be available to recipients of messages sent with the PublicKey bundled.