Post
Topic
Board Service Announcements
Re: Gliph - Secure Messaging and Bitcoin Transfers on iOS, Android and the Web
by Gliph on 29/06/2014, 20:54:58 UTC
Moni3z, thanks first for taking the time to give this feedback. It is important I preface my response with a repeat from my previous post: There are also options out there that are a better fit for high security needs. Gliph's intention is not to be the world's most secure messaging client. Gliph is focused on making fantastic compromises between privacy, security, real-world utility and great user experiences. We make these compromises to execute on Gliph's actual mission: to help people transact with their peers in a trusted, efficient and delightful way.

Quote
You could've just used the open sourced Textsecure client and server crypto engineering which is known to be secure/audited with your custom UI/app to also send coins. Much easier than rolling your own. You can still sell the app if a lot of people use it regardless if its guts are entirely made up of Textsecure with some added bitcoin functionality.
Textsecure's iOS implementation remains in "early development stage" and is not ready for production. Gliph has been cross-platform (web, Android, iOS) for some time. Also, I would assert that technical integrations between multiple cloud wallet services and a secure and private social platform are more challenging than they may appear.

Quote
If the goal is to sell this software with custom crypto engineering you should consider message encryption using a fast native stream cipher like Salsa20 (or ChaCha) + polynomial MAC (Poly1305, VMAC). I would also use ephemeral keys, ECDH over Curve25519 or copy what Textsecure has done to create each session(s) with temporary keys. Ditch RSA + OAEP, just use a curve to derive a key; it's much less complex. You save a lot of bandwidth too using Poly1305 which should be essential for any mobile app.
Again, the goal of Gliph is strictly not to sell it as security software, even though this is a value proposition compared to other popular options in the market today. I appreciate these specific technical implementation ideas, and will take them into consideration.

Quote
I assume you've also done self signed distributed certs or pinning http://thoughtcrime.org/blog/authenticity-is-broken-in-ssl-but-your-app-ha/
Indeed, our current Android app does do certificate pinning. Although it is worth mentioning that since we did do this additional security enhancement, making the fix for Heartbleed immediately broke all existing clients running the Gliph for Android app with certificate pinning. This resulted in a lot of user frustration and created retention issues for the product. This is what I mean about needing to continuously make compromises between security and user experience. If you go too far out on a limb, the only folks you'll attract are hyper-security people and again, we are not after that group of folks. There are other products that are great at addressing those needs.

Quote
Finally, pay somebody respected to audit your software since money transactions and private messaging are involved. Ask this guy who respected crypto engineers are that can be contracted for auditing: https://twitter.com/matthew_d_green this will generate more interest in your app since none of us can verify the code.
I agree this is a terrific idea, and as soon as the company is capitalized to the point to offer this, we will perform the audit.


Quote
Just downloaded the app on iOS, pretty nice app. I am loving these new bitcoin apps hitting iOS lately! Great work, make sure to keep the security up. Is it possible to implement TOR?
Thanks for checking it out! Gliph does work in conjunction with TOR, so long as you have your device set up to route app traffic over the connection. We are unlikely to build native TOR support in because it is not too hard to set up and toggle on as a device-wide choice and because every new security feature takes time and energy away from building new products and services that bring us closer to our mission.
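
The pinning breakage described in the post above (clients locked out once the server credentials changed for the Heartbleed fix) can be modelled with a small pin-set check. This is an added example, not Gliph's code and not part of the original post. The post does not say what the Android app pinned; the sketch assumes public-key (SPKI) hash pins with a pre-shipped backup pin in the style of RFC 7469, and every key blob and function name in it is constructed for illustration.

```python
import base64
import hashlib

def spki_pin(spki_der: bytes) -> str:
    """Pin value in the RFC 7469 style: base64(SHA-256(SubjectPublicKeyInfo))."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode("ascii")

def validate_pin_set(pins, deployed_chain_spki):
    """Release-time check: the pin set must match the live chain AND hold a backup."""
    live = {spki_pin(s) for s in deployed_chain_spki}
    if not set(pins) & live:
        raise ValueError("no pin matches the currently deployed chain")
    if not set(pins) - live:
        raise ValueError("no backup pin: any key rotation will lock clients out")
    return True

def chain_is_trusted(pins, presented_chain_spki):
    """Client-side check: accept if any key in the presented chain is pinned."""
    return any(spki_pin(s) in pins for s in presented_chain_spki)

# Constructed stand-ins for DER-encoded SubjectPublicKeyInfo blobs (assumption).
LEAF_KEY_OLD = b"constructed-spki:leaf-key-in-service"
LEAF_KEY_BACKUP = b"constructed-spki:offline-backup-key"
LEAF_KEY_UNPLANNED = b"constructed-spki:key-generated-during-incident"
INTERMEDIATE_CA = b"constructed-spki:issuing-ca"

def simulate_rotation():
    """Compare a single-pin client with a backup-pin client across a key rotation."""
    single = {spki_pin(LEAF_KEY_OLD)}
    with_backup = {spki_pin(LEAF_KEY_OLD), spki_pin(LEAF_KEY_BACKUP)}
    before = [LEAF_KEY_OLD, INTERMEDIATE_CA]
    rotated_to_backup = [LEAF_KEY_BACKUP, INTERMEDIATE_CA]
    rotated_unplanned = [LEAF_KEY_UNPLANNED, INTERMEDIATE_CA]
    return {
        "single_before": chain_is_trusted(single, before),
        "single_after_rotation": chain_is_trusted(single, rotated_to_backup),
        "backup_after_rotation": chain_is_trusted(with_backup, rotated_to_backup),
        "backup_after_unplanned_key": chain_is_trusted(with_backup, rotated_unplanned),
    }

if __name__ == "__main__":
    for case, accepted in simulate_rotation().items():
        print(f"{case}: {'accepted' if accepted else 'REJECTED'}")
```

A client shipped with only the in-service key's pin is rejected after rotation, while one that also carries the backup pin keeps working as long as the server rotates to that pre-generated key.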