@wireapp/proteus

Wire

This repository is part of the source code of Wire. You can find more information at wire.com or by contacting opensource@wire.com.

You can find the published source code at github.com/wireapp.

For licensing information, see the attached LICENSE file and the list of third-party licenses at wire.com/legal/licenses/.

Proteus

Installation

yarn add @wireapp/proteus

Usage

import {init, keys} from '@wireapp/proteus';

await init();

const yourIdentity = keys.IdentityKeyPair.new();

Performance Benchmark

Run benchmark on main thread:

yarn start:benchmark

Run benchmark with worker threads:

yarn start:benchmark --workers [amount]

Results:

Scenario	MacBook Air M1 (2020) A2337 (8C CPU, 16 GB RAM) Node v16.0.0
Generating "4000" pre-key bundles (single-threaded)	1461ms
Initializing "4000" sessions (single-threaded)	2967ms
Encrypting "4000" texts (single-threaded)	200ms

Decryption Errors

Error Code	Type/Error	Reason
2	RangeError Offset is outside the bounds of the DataView	Remote side failed to encrypt message (undefined text or similar error), thus we receive a 💣 from Cryptobox.
200	DecryptError Unknown message type	Remote side does not follow proteus specification
201	DecryptError.InvalidMessage Can't initialise a session from a CipherMessage.	Occurs when the remote party thinks we have an initialised session, but it does not/no longer exist locally. We must have confirmed the session with the remote party by sending them a message. Until then then they continue to send us PreKeyMessages instead of CipherMessages. We prematurely deleted the session before decrypting all events.
202	DecryptError.InvalidMessage Unknown message format: The message is neither a "CipherMessage" nor a "PreKeyMessage".	Remote side does not follow proteus specification
203	DecryptError.PrekeyNotFound Could not delete PreKey
204	DecryptError.RemoteIdentityChanged Remote identity changed	Client of the user has changed without informing us (Man in the middle attack? or database conflicts on the remote side: sessions get mixed with new client)
205	DecryptError.InvalidMessage No matching session tag.	Usually happens when we receive a message intended for another client.
206	DecryptError.InvalidSignature Decryption of a message in sync failed	Envelope mac key verification failed
207	DecryptError.InvalidSignature Decryption of a newer message failed	Envelope mac key verification failed. Session broken or out of sync. Reset the session and decryption is likely to work again!
208	DecryptError.OutdatedMessage Message is out of sync	Opposite of "Too distant future" error
209	DecryptError.DuplicateMessage Duplicate message	Happens if an encrypted message is decrypted twice
210	DecryptError.InvalidSignature Decryption of a previous (older) message failed	Envelope mac key verification
211	DecryptError.TooDistantFuture Message is from too distant in the future	More than 1000 messages at the beginning of the receive chain were skipped
212	DecryptError.TooDistantFuture Message is from too distant in the future	More than 1000 messages on the receive chain were skipped
213	DecryptError.InvalidMessage Sender failed to encrypt a message.	Error on receiver side when remote side sends a 💣
300	DecryptError.InvalidMessage The received message was too big.