Under the Radar - Architecture

Written by David Banham

These are the architectural tenets of UTR:

UTR assumes the platform on which it is being executed is trusted.

All messages are encrypted on the client. This encryption is maintained at-rest and in transit.

Messages can be safely stored by an intermediary in order to enable asynchronous delivery and multi-device synchronisation.

It is not obvious to an attacker who is corresponding with whom.

Clients work offline and synchronise their state when the network becomes available.

Push notifications can be utilised to ensure a good mobile experience.

The components of UTR are:


Users can create any number of Identities. An Identity is a database that contains a document with a public key.

When the user creates their Identity as a local PouchDB, they also provide a remote CouchDB instance to replicate to and from. This remote forms the user’s public Identity and they can share the URL describing it with people they wish to correspond with.


In order to start a Conversation with another user, you post an Invitation to their Identity database. This Invitation should be a JSON document describing the URL of the Conversation you are inviting them to, the Secret that is used to encrypt messages in that Conversation and (optionally) your Identity, a signature proving the veracity of your claim on your Identity and some text enticing the user to accept your Invitation. The document should be encrypted with the recipient’s public key such that they are the only ones able to read it.


A Conversation is a CouchDB database. Participants in the Conversation hold local copies which replicate with the public database. The Conversation contains Messages.


Messages are JSON documents that are encrypted with a Secret. The JSON documents contain a textual payload and some metadata describing who posted them, what time they were posted, etc.


Secrets are passwords of sufficient length and complexity that data encrypted with them is unfeasible for an attacker to break. They are automatically generated by clients and should never need to be remembered by humans. Now go read about how this is implemented.