Twitter acquired Threader! Learn more

Sarah Jamie Lewis
+ Your AuthorsArchive @SarahJamieLewis Executive Director @OpenPriv. Cryptography and Privacy Researcher. @cwtch_im icyt7rvdsdci42h6si2ibtwucdmjrlcb2ezkecuagtquiiflbkxf2cqd Apr. 15, 2021 7 min read

After the set backs of last year, I'm much happier with the direction of Cwtch now and the progress over the last few weeks has been amazing.

Going to try and maintain a thread of updates as we approach finally getting a Beta out. #cwtchdev

This week I've mostly been focused on the UI around offline/online status and displaying info refarding underlying anonymous communication network (right now Tor).

Also, if you haven't yet done so you should check out the Discreet Log series that we've been putting out every fortnight to provide some deeper thoughts and context around the development and research work we do.

(A new one will be out this Friday)

Today, for the first time in a few months, I've been thinking about the experimental groups feature in Cwtch and how users interact with Servers, key bundles and the crypto.

Mostly this took the form of some backend wiring work, so no pretty screenshots.

Now that the new UI is approaching Beta-completeness I look forward to being able to take a step back and actually do some research into metadata resistant group comms again.

Beta will probably ship with the old-style download-everything groups, but I don't expect them to stay.

(On that last point, see:  - for one possible direction I want to explore more)

One Cwtch development I'm pretty excited about it the work that @errorinn has been doing around UI integration tests.

We are moving quickly towards fully automated regression tests that link library functionality with critical UI feedback.

This last week of #cwtchdev for me has mostly been background wiring for experimental groups (which now are now functional) - but a few UI updates have made it in (group UI, consistent profile image widget, and a new Tor status bar)

Today on #cwtchdev is some more fuzzbot-driven work, mainly thinking about communicating error states and some of the more weird setups I want fuzzbot to automate.

Today in #cwtchdev, a lot of backend work weeding out some old Cwtch group code to get a version of groups ready for Beta.

And also playing with title bars...

It (finally) begins

Have now officially declared our cwtch group chat to be the primary communication took a long time to get here, and there are still bumps in the road ahead, but I'm very excited.

Will be spending the next few weeks heavily dogfooding, sanding down the remaining rough edges while we finalize our release infrastructure, and then we will start rolling out a Beta!

Didn't actually intend to get this far this evening, but I did manage to get Cwtch compiling and running on a raspberry pi 4 (via 64 bit kernel and raspbian-nspawn-64) - so yay arm64 linux support!

Today in #cwtchdev I spent the day improving the reliability of cwtch groups - which was mostly wiring up error messages to retry logic that I had put off until the UI was in better shape.

Also I gave our server implementation some love and switched it over to using sqlite which got rid of some legacy prototype code from a few years back, and also allows much faster syncing times.

For those that might not know...Cwtch servers are an *optional* and *experimental* part of Cwch that support groups/offline messaging via untrusted infrastructure.

Still think the design could be improved, but that is mostly an after-beta research project.

Today in #cwtchdev I traced why sending messages to groups was slow on startup and realized that the event engine was bottlenecking on connecting to group servers because that code should have been running in a goroutine...🙃

On the plus side, everything is now ridiculously fast

We also had our weekly planning meeting and now have what I believe is the final list of dev tasks prior to Beta.

Taking a little bit more time, but the performance and usability gains will be worth it I think.

Today in #cwtchdev - for those interest in an iOS version of Cwtch - there are currently a few draft pull requests open seeking input on getting the new UI building for iOS. (Help Wanted / Appreciated) 

(See also this issue for more details: )

Also in #cwtchdev new experimental invite flow dropped thanks to @errorinn

Today in #cwtchdev Fuzzbot gets a personality

Don't go breaking my heart...

Today on #cwtchdev more fuzztesting, this time on the new mini invite overlay.

Who wouldn't want to join Ṱ̺̺̕o͞ ̷i̲̬͇̪͙n̝̗͕v̟̜̘̦͟o̶̙̰̠kè͚̮̺̪̹̱̤ ̖t̝͕̳̣̻̪͞h̼͓̲̦̳̘̲e͇̣̰̦̬͎ ̢̼̻̱̘h͚͎͙̜̣̲ͅi̦̲̣̰̤v̻͍e̺̭̳̪̰-m̢iͅn̖̺̞̲̯̰d̵̼̟͙̩̼̘̳ ̞̥̱̳̭r̛̗̘e͙p͠r̼̞̻̭̗e̺̠̣͟s̘͇̳͍̝͉e͉̥̯̞̲͚̬͜ǹ̬͎͎̟̖͇̤t͍̬̤͓̼̭͘ͅi̪̱n͠g̴͉ ͏͉ͅc̬̟h͡a̫̻̯͘o̫̟̖͍̙̝͉s̗̦̲.̨̹͈?

Fuzzbot also support some light mutation in addition to packaging predefined corpuses.

Also on the horizon, the return of the optional 2-column layout courtesy of @errorinn

Fuzz Bot is the focus of this weeks Discreet Log - if you would like to get involved with Cwtch security testing I've linked to the code & documented some of the current limitations/future plans - feel free to get in touch with ideas (or start hacking).

The last few days in #cwtchdev has focused on lots of small improvements and fixes e.g. Contact search and filtering has been ported to the new UI!

I've also made some improvements and fixes to the handling of groups (thanks fuzzbot...)

The list of tasks before Beta is getting ever smaller, we've been using Cwtch as our primary chat tool for several weeks now, and I'm becoming ever happier with the feel of it all.

Also, not exactly Cwtch related, but yesterday I dropped an experimental prototype for a new experimental prototype metadata resistant / anonymous communication system which I'm hoping to divert some research time to later this Summer.

Also, at the risk of getting sentimental, I ran across this post recently which I think is the first time I talked about Cwtch back in 2017. Before @OpenPriv existed. It's amazing how far everything has come.

Today, I have a list of comments from our staff designer that have come out of testing Cwtch over the last few weeks, and my goal is to get as many of them fixed as possible.

Well that was a day.

Mostly lots of little UI improvements, a few fixes for small bugs that have been lower priority. Two big changes: upgrading flutter sdk, and the new message compose widget:

Today in #cwtchdev

After finally solving the high cpu usage bug, today I am back on fixing paper cut issues - intuitive autofocus, theming consistency, action feedback etc.

I love this part.

Some behind the scenes notes from @errorinn in our Discreet Log development blog this week: diving into overlays, actions and expanding Cwtch beyond decentralized, anonymous chat.

The last few days I've mostly been filling in some of the few remaining feature gaps around groups - wiring in group creation / leaving groups / confirmation dialogs etc.

Looking for a few volunteers to help test cwtch beta release candidates - if you can spare a few hours over the next week or so please DM me with the platform you are interested in testing on (linux/android/windows).

Talking to testers is one of the best parts of my job, it's always so interesting.

Such a successful first full day of release candidate testing! Logged a lot of small bugs that we will fix over the next few days, and had a lot of great conversations.

So excited!

Starting to think we might actually pull this off.

Now running the play store internal test version on my tablet! A few more rough edges to sand down, but all the hard work from the last few years is starting to come together now!

Today in #cwtchdev, more issue fixing driven by the feedback of our amazing testers!

Also, integrating the amazing custom icons that our staff design Marcia has been working on.

Today in #cwtchdev more fixes resulting from feedback by our awesome testers!

Also the return of ephemeral message warnings + some more context for offline contacts.

Really loving this new invite icon.

Today in #cwtchdev I am pushing updates to the Cwtch Secure Development Handbook to capture all the changes over the last few months, and some new changes in the underlying protocols. 

If you read the secure development handbook and anything is not clear, please let me know. It's main purpose is to allow researchers and developers to get up to speed with the underlying security of cwtch (and help find bugs!) so I want it to be as clear as possible.

Also I really love the work that our staff designer Marcia has been doing on the icon language around Cwtch.

Today in #cwtchdev, @dan_ballard
has been looking back over the last few months and documenting the work we did getting our cwtch go libraries working on desktop and Android via Flutter.

Today in #CwtchDev, after some more successful testing over the weekend (including the new android service / stability fixes) we have finally whittled the number of tasks marked "before-beta" down to a number that can be assigned to people in a single planning sprint.

Busy week in #cwtchdev! Keep an eye out for exciting news very soon!

You can follow @SarahJamieLewis.


Tip: mention @threader on a Twitter thread with the keyword “compile” to get a link to it.

Follow Threader