End-to-end encrypted communication requires the public key of the other party. This key is provided by the server you are connected to. If the server is attacked, the key may be deliberately forged to hack your communications (such an attack is called Man In The Middle - MITM).
If you want to prevent this attack, you need to verify the key with the contact (for example, to call and read the verification codes). This is the only way we can be sure that we use the right keys for encryption.
Our application uses an unique mechanism for key authentication that works with a modern, secure repository, where it is not possible to modify once inserted data at anytime by anybody. Such a repository is called a Blockchain database.
Public Blockchain DBs are currently used exclusively for cryptocurrencies. The largest and safest of those is the DB used by Bitcoin. Apart from the fact that this DB is used to record individual Bitcoin transactions, other data may be written into it. In our case, the endpoint device with BabelApp app writes into this database the information needed to authenticate the public key that can be read at any time by other participants in the communication.
So if the BabelApp server has active Bitcoin network protection, anyone can communicate with you without worrying about the MITM attack without having to call and authenticate public keys before communications.
A fee is charged for entering a transaction into the Bitcoin Network, how is it with sending the key information?
Writing into the DB (uploading data to the Bitcoin network) requires a fee every time. The BabelApp app writes into the DB only when you change important data such as your public key or BabelApp address. Changes occur only in exceptional cases (for example, when losing the phone) – which means most people only pay once. The amount per transaction varies according to the current network usage and Bitcoin price. The price of each transaction usually ranges around 1$ (about 20 CZK in September 2018).
Does the client need a Bitcoin wallet?
No. Payments to the network are handled by the BabelApp server that the user is connected to.
Is it necessary for all clients (or servers) to use the Bitcoin network?
No. But the more servers and clients will use this protection more secure the network will be. If you want to communicate with someone who is not in this network, the application will notify you that you need to verify the keys in a different way (for example, over the phone).
Are there any sensitive data written into the network?
No. Only the data needed to verify the key is written there. No contact, message, or call data is ever recorded.
Bitcoin database has several hundred gigabytes. Does the app need to download all of it?
No. The mobile application does not connect directly to the Bitcoin network, but to the BabelApp servers that filter the blocks and send only those parts that are needed. This will reduce the size to megabytes. It is important to say that while filtering and forwarding data to the server – it does not reduce or lower the security.
How long does it take to write to Bitcoin Network?
Writing public key data takes about an hour.