@ericmoritz have you looked at Secure Scuttlebutt? I'm not sure that functionality is currently available yet, but IIRC e2ee group messages are planned and can now send e2ee messages to one recipient.
This podcast has an overview. Its a bit old but I think most stuff is still correct/relevant.
Oktahedron: OH004 – Secure Scuttlebutt https://oktahedron.diskordia.org/?podcast=oh004-secure-scuttlebutt
@ericmoritz @dazinism There's other metadata to consider when shuttling encrypted stuff around, even besides the server owner's view. For example, if you have a single index of posts, a technically savvy friend may notice that they can't access many of the posts. They must be off of some of your filters! Or if you have one index per friend, named by their public key hash, they can see that their index file is smaller or larger than your other friends' index files. Possibly drama source. >_>
@ericmoritz @dazinism But even without the spectre of metadata analysis for surveillance or social intrigue purposes, there's the simple matter that the hardest encrypted file to crack is the one you can't access.
So ideally you'd have encryption + access control: Each index file also requires a (static?) access token conveyed in the URL, possibly like https:// alice-token @ some server .net / username / indexes / alice-pubkey
That could be done by configuring existing server software.
@ericmoritz @dazinism If you're interested in pursuing this idea, I've been writing down goals and implementation ideas as well as just starting to build out an exploratory client. Let me know if you're interested in contributing to the design discussion or playing with the client.
(I suspect an application server is inevitable, by the way, but it would still only pass around encrypted blobs.)
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!