Quarks: decentralized and blockchain-secured instant messaging

• Blockchain
• Cybersecurity
• Networks
• Research

Share on Twitter : Quarks: decentralized and blockchain-secured instant messaging (New window) Share on Linkedin : Quarks: decentralized and blockchain-secured instant messaging (New window)

Data leaks from instant messaging tools constitute a real risk to users’ privacy, as illustrated by the breach of the Discord network in 2023, which exposed the personal details of 760,000 people. “Numerous research papers have highlighted the existence of security vulnerabilities in widely used messaging services like WhatsApp,” explains Shuhan Mirza, a researcher and the assistant lead software engineer for the mobile bank bKash Limited in Bangladesh. With a team of five other researchers, four Americans from Syracuse University and Tennessee State University and another computer scientist from the Asia Pacific University of Technology and Innovation in Kuala Lumpur, all of whom were working in their free time, Mirza recently took part in the development of a new architecture for a secure blockchain-based messaging network. “We aimed to respond to two problems. On the one hand, systems that do not use open-source code raise issues with regard to transparency and security. On the other hand, companies are finding it increasingly difficult to trust in messaging applications they do not own.” Businesses want to regain control of their systems, and to be able to evaluate the level of security provided by messaging applications. Open-source software can fulfil both these needs.

Every interaction on Quarks that takes place on a channel is executed by a smart contract.

A more robust decentralized system

For the researcher, Quarks, which is designed to provide decentralized messaging via a blockchain, offers the reliability and confidentiality expected by businesses. With an architecture that eliminates all central control, third parties, that is to say governments and service providers, will not be able to access users’ data or messages exchanged via the platform. And given that Quarks network nodes will be located all over the world, attackers will not be able to penetrate the service or obtain sensitive data by targeting single sources or nodes, which will limit the impact of distributed denial-of-service attacks (DDoS). “Every interaction on Quarks that takes place on a channel is executed by a smart contract,” points out Mirza. To join the system, a user must create a wallet with a private key and a public key and register, using their public key, at the node of their choice. Conversation channels are hosted by nodes, and the data contained in their ledgers is encrypted with secret keys managed by the users of individual channels. Given that they are stored in a blockchain, if messages are deleted or modified, it will still be possible to see them and trace their history, which adds to the security of exchanges on the network. “In addition, non-repudiation plays a central role in the system, i.e. it is impossible for any user to deny having received or sent a message, since each message is digitally signed by users and verified by smart contracts,” which makes the tool all the more suitable for official use.

More tests will be needed in the run-up to deployment

“The advantage of Quarks is that its algorithms are lightweight, and the resources required to run it are proportional to the use of the system,” points out Shuhan Mirza, who has ambitious plans for future development: “My aim is for Quarks to become a standardised and recognised protocol.” The next step will be to test the system’s architecture in larger datacentres and to implement new functionalities. “We will be publishing a new research paper in the next few months before producing a minimum viable product (MVP) for commercial use.” For now, Quarks is still a prototype, and scale-up of the system will be a major challenge, given that the researcher intends to make the instant messaging service available to a billion users.