Quiet Alternatives

quiet reviews and mentions

• Open source P2P alternative to Slack and Discord built on Tor and IPFS
  18 projects | news.ycombinator.com | 11 Sep 2023

  > do you have an individual username for each community, or will your profile eventually be the same across all the communities you're in?

  We're starting with names specific to each community, since that is simplest/cleanest and best for privacy.

  > profiles you can customize to servers can be useful, so long as you can still trace them back to the user's actual profile. otherwise that might enable masquerading as other users

  There are some decentralization-friendly ways you could link your profile to other profiles, like a Discord or HN account. tlsnotary.org is one example. Would that be good for preventing masquerading?

  > users able to mark as invisible (appearing offline without actually being so)? good to have in many situations imo, obscuring information from people who may be a danger to you

  we do plan to do this, but it's some complexity to really hide it from a tech-savvy malicious user, so the first version of invisibility will be weak and we'll tell users this. Here's the open issue and there are links to proposed designs in there if you'd like to give feedback! https://github.com/TryQuiet/quiet/issues/1504

  > how is name collision handled? in a large community, you're bound to have a few people who want the same name (and i get it, your screen name can be very personal) discord's old solution, a username and 4 digit id (e.g. felix#1234), seemed convenient and effective to me, but there must be tons of solutions; i like having a way to easily distinguish two users with the same screen name

  we're not allowing name collisions for registered users. in the coming release there will also be unregistered users who will have a badge until they register with the community owner. if the community owner lets registered users' names collide we treat that as an impersonation attack and warn everyone. since names aren't global you'll usually be able to get the name you want!

  > personally blocking users you are uncomfortable interacting with, kicking users from communities vs. banning repeat offenders in a more permanent way, temporarily muting a spamming user? kicking vs. banning can be an important distinction; i'd rather kick you if you're just inactive all the time, you're free to rejoin whenever you like

  we don't have user removal yet but obviously that's a big priority for us.

  since we don't have usernames, to ban somebody you would kick them and reset the invite link. blocking and muting and silencing people will all be very straightforward. as will roles and other kinds of moderation, and external identity linking would be helpful for this too. you'd be able to make someone link another profile and approve who you are letting in.

  > i like keeping it very, very clear what does (or does not) happen when you block, kick, ban, etc; a user shouldn't have to "test" features like these

  this is a great note, thank you!

  > important to keep in mind that you rarely (or never) want a user to completely disappear; i always want to leave the option to get back in touch, unban, unmute, etc.

  hmmmm. this is an interesting and cool idea I have not run into before. yeah, unban and unmute are possible.

  > a friends system is useful for this; maybe i don't want anyone i haven't marked as a friend to DM me

  Our first plan is to not allow DMs at all outside a community, but there are some ways we could do this.

  > selectively muting different portions of the app (e.g. i only want to be notified of a DM or @ mention, or only notifications from this community, or no notifications from this channel except @ mentions)

  this is planned, and thanks for the details! Here's the issue for channel notifications: https://github.com/TryQuiet/quiet/issues/623

  > what if i want to be notified whenever this phrase pops up in a community? might be a question of how easily you can build your own scripts on top of Quiet (which i would quite like to do)

  i'd love to enable this someday but we have no immediate plans to. but it is one exciting thing about a fully user-controlled app: you can give users a lot of flexibility. Imagine a team chat that was as flexible as Wordpress!

  > are voice and/or video planned, both in communities as well as dms?

  yes, but I'm not sure if we'll do unlimited group calls for free, since we'll need servers for this piece so it's a natural place for us to charge money (we'll need to). And I don't really have clear plans for how voice or video will work yet, since it's far off.

  > i've seen many communities in other applications where multiple "owners" existed, as it can make a more safe/welcoming community. if one owner in any way becomes untrustworthy, having someone with equal permissions in place to get rid of them and undo damage can help; whether they can remove each other or not seems like an important decision

  yes, we'll allow multiple owners at some point, though the naming role will belong to one user. https://github.com/TryQuiet/quiet/issues/1758

  > question about the threat model; members are not capable of sending messages that appear to be from another member, which implies that owners are capable of this? that could become a serious issue if true

  this is an issue right now yeah. what we can and will do very soon is show an aggressive warning almost immediately in most circumstances if this happens. see: https://github.com/TryQuiet/quiet/issues/119. but there are edge cases where spoofing could happen that are hard to reason about or convey, so it's unlikely we'll fully address this weakness soon.

  > user discovery outside of communities, preferably just typing in a username they send you elsewhere?

  Global naming features like this exist in tension with decentralization, unless you make people pay for usernames, which isn't a great experience.

  > will it be possible to delete an entire community? can an owner do this in situations where members don't agree?

  Yes. A member could block deletion by not going online or by modifying their Quiet app, but deletion is important enough for activists that we want to make it easy. Maybe this is a setting on the community level or user level.

  > searching channels (and more advanced searches; sent by this user, with an image attached, in this channel; hopefully accessible to users even if they can't do regex on the fly, lol)

  we'll definitely have search but don't yet!

  > i've found it frustrating not to be able to search every community i'm in at once for something i said; is that feasible?

  yes! it's all on your computer so totally feasible and this is a helpful note! i feel this way about email all the time when using gmail so I get it.

  > any distinction between a community and a DM with 3+ users in it?

  DMs will exist within a community; a community is at the level of a Discord server, e.g. We're not planning to do the Slack thing of giving ad hoc group chats their own special status, but 1:1 DMs will be special probably.

  > dark mode, and in my opinion, ideally a way to customize everything more thoroughly. if thorough customization, maybe a way to save/export those settings to share?

  We already have designs for dark mode: https://github.com/TryQuiet/quiet/issues/1502. what app or site does customization great? what approach can we follow, if any?

  > maybe the ability to see separate messages sent in a row - is that a message in 3 lines, or 3 messages? just hovering and seeing one line highlighted (and the timestamp for just that line)?

  these two things drive me crazy too! See: https://github.com/TryQuiet/quiet/issues/505 & https://github.com/TryQuiet/quiet/issues/1403

  > embedding video and audio files in a convenient manner? replying to messages, pinning them to channels (so they can be easily found again) seem very useful

  we'll definitely do this!

  > channel organization and categories; i don't always want the art channels open, i want #announcements at the top, etc.

  Cool, I'll make an issue for this!

  > messages marked as read/unread can be useful, something to carefully think about. client side unread; i'd like to pick up from the last message i read in this channel

  we have a floating "unread" notification but there's more on this to do!

  > sometimes i like knowing that someone has read my message; sometimes i like the safety that comes with people not being able to know. if i had to pick, it'd be the latter, users can always prove they have read something by responding to it

  We can do either but now we don't show who has read your messages, with the same caveats as above about strict invisibility of your online status being tricky.

  > keyboard navigation beyond pressing tab is super useful; a screen you can reach to describe these shortcuts is equally so

  Yeah! Ctrl-K works right now for jumping to channels but we don't make it discoverable enough.

  18 projects | news.ycombinator.com | 11 Sep 2023

  I've got to do a deeper dive on Tox and see what we can learn from it, and add an entry to the "comparisons" section in our FAQ!

  I've been meaning to write one for BitTorrent Bleep too, which is also interesting prior art.

  https://github.com/TryQuiet/quiet/wiki/Quiet-FAQ#how-quiet-c...

  18 projects | news.ycombinator.com | 11 Sep 2023

  (Quiet founder here)

  I agree with the objection that not everybody can just contribute patches for major features to an open source project, and I think it's fair to say that the comparison to Slack and Discord is not 1:1 without voice and video calls (which we do plan to offer someday, FWIW) and to feel disappointed by that. Though I think when an open source alternative emerges it is usually understood that it could take a while to get to feature parity, and we try to be very clear about what Quiet already does and doesn't do yet on our homepage.

  That said, Quiet is written in TypeScript and built on a web stack almost every engineer is somewhat familiar with, so it's really easy to get hacking on, and we'd love the help. :)

  Here are the instructions to build Quiet desktop: https://github.com/TryQuiet/quiet/blob/develop/packages/desk...

  And here are some good first issues! https://github.com/orgs/TryQuiet/projects/3/views/1?filterQu...

  18 projects | news.ycombinator.com | 11 Sep 2023

  > Thank you for this gift to humanity.

  Aw thanks. That is what we're going for. One that makes sure others will always be able to give their gifts to humanity.

  > I'm glad to see you are thoughtful about many protocols here. Will you be adding i2pd support?

  There is no current plan to. I'd be super curious to see how well it works, but we have so many bigger fish to fry! My guess is that adding i2p support on desktop would be straightforward and that on mobile it would be costly. Would desktop-only i2p support be useful to you?

  > Could you make explicit for us what parts of this tool are the least decentralized?

  Our source control, update server, and CI! It would be awesome to have a p2p github alternative that could ship builds over BitTorrent or IPFS. Someday! :)

  Beyond that, there are some pieces of Tor that are less decentralized (Guard nodes, e.g.) but everything else is just client code running over Tor talking to other clients.

  > Do you need computational donations to the network?

  Right now, the best way to donate to the Quiet network is to run a Tor relay. Beyond participating in Tor, Quiet does not allow you to help any network you're not a member of!

  If you have access to a large number of machines, rigorous performance testing with hundreds of nodes could possibly be helpful? In the past we've used Fargate for this, but this is expensive so it would be nice to have something running in an ongoing way. Also, manual and automated testing on many diverse Android devices; that would be helpful!

  > How can I assist?

  The thing we need most are real communities of people who desperately want to switch away from Slack, Discord, or Signal but don't have a satisfactory solution. Specifically, we want to learn about their use cases and tailor Quiet to their needs as much as possible. Know anyone?

  > Do you intend to provide users complete control over private/public keys within the interface?

  Yes. Right now user keys are stored on their machines and nowhere else, but you have to just copy a directory to move them or back them up. Soon we'll let people recover accounts from their linked devices (e.g. from your computer if your phone is lost) and we may have some social recovery solution within communities for DMs, though that might not be feasible. We'll also do the crypto wallet thing of encouraging people to write down passphrases, but most users won't do that.

  > Will you be providing significant command-line access to the tooling?

  The backend is its own Node module, but we don't have a good CLI for it yet and it's not a current priority: https://github.com/TryQuiet/quiet/tree/develop/packages/back...

  > How far have you attempted to scale this up?

  We've run tests with 200-300 nodes on Amazon Fargate, and our frontend was the bottleneck, not the p2p layer. Libp2p currently handles 800,000 nodes on the Ethereum beacon chain. Phones will need to be given some more limited view of the network for large communities to remain performant, and we will need to add retention limits for messages and images otherwise drive space will be the bottleneck, but there is no reason why we cannot handle very large communities.

  > Will you be working toward collaborative text environments like Etherpad Latency seems too high for that, right?

  For text documents, latency isn't the issue, but CRDT performance is because every character is a new CRDT transaction. We would love to pursue this if our users ask for it. So far there isn't a strong signal that users need it. Many people I talk to use documents to prepare things for intended eventual publication, while they use messaging for in-progress thoughts, so docs are not as sensitive as messages. It's like, docs are an organization's mouth and messaging is an organization's brain. You care more about the privacy of your brain. But technically this would be a fun challenge and I'm sure we could build something great. There are other CRDTs we could use.

  > Do you intend to enable the synchronization of larger sets of files, something like mutable torrents?

  This would probably be straightforward. What's your use case?

  18 projects | news.ycombinator.com | 11 Sep 2023

  Well, for one you can avoid messing with NAT traversal and port forwarding if you just use onion services.

  They list some more reasons here, mostly just for privacy/anonymity: https://github.com/TryQuiet/quiet/wiki/Quiet-FAQ#why-does-qu...

  18 projects | news.ycombinator.com | 11 Sep 2023
• Tor’s shadowy reputation will only end if we all use it
  4 projects | news.ycombinator.com | 28 Jul 2023

  My team is building Quiet, an alternative to team chat apps like Slack and Discord that works as you describe:

  https://github.com/TryQuiet/quiet/#readme

  > Granted, sending a message would require all parties to be online at the same time, but there could be a set of relay servers to hold messages until they get fetched.

  We actually do a bit better than this! We use a gossip network (libp2p gossipsub) so all peers don't have to connect directly, and a CRDT over a private IPFS network so that everyone in a community eventually syncs all messages. As long as there's a continuity of online peers, the availability of messages is the same as a central server, and with a few Android users in the mix it's pretty easy to get to that level of continuity.

  (The battery impact of staying connected all the time isn't as bad as you'd think, and we haven't even begun to optimize it.)

  And yes, it builds on the maturity of Tor rather than trying to roll its own onion routing layer as Session is doing.

• A note from our sponsor - InfluxDB
  www.influxdata.com | 24 Sep 2023

  Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge. Learn more →