Skip to main content
SPR by Supernetworks

The Bitchat Update

· 3 min read
Alex Radocea

Bitchat Plugin Support on SPR

I've released a proof of concept for Bitchat running on Linux, along with a plugin configuration for SPR!

Background

Since we last wrote about Bitchat, the security response for Bitchat been pretty much perfect. Jack quickly added prominent warnings that Bitchat was in development, and very quickly (as in within a week or so), the protocol moved to use Noise Encryption, providing strong security guarantees. Not long after Bitchat made it to the App Store. And even more impressively a little while later support for Nostr made it in. Recently I got a patch in for a small security fix for handling plaintext DMs.

How to make bitchat better

Bitchat is improving but it is not perfect even though the security response is good. I'd like to see more focus on tracking prevention since bitchat users will move through the world advertising a beacon. Devices do ID randomization but the plaintext ids or permanent identifiers could expose users, along with automated link unfurling. Nostr needs cryptographic improvements as well.

The Vibe Update

Frankly it's been impressive to see how quickly Bitchat has progressed. The linux plugin I created was written by claude code and modeled after Jack's bitchat iOS client along with bitchat-tui. Jack has been using Goose for helping develop BitChat.

One of the key things about the plugin is that it uses bluez/bluer for publishing GATT services. Other linux implementations floating around try to pair a little aggressively and are using rust frameworks more geared towards clients than servers. It's containerized and should work on most linux systems with bluetooth and bluez. Having a linux client makes it easy to prototype ideas that make more sense on always-powered devices where battery life isn't a problem and additional technology like a LoRa radio could be available.

The SPR Integration

As a proof of concept, I added the ability to use a SPR to provision a per-user WiFi password over Noise. The PSK is derived from the user's Bitchat identity key, making the key unique to that user, and securely sent over e2e. If a second user asks for a password, they'll get one provisioned to them uniquely.

This prevents them from being able to decrypt each other's WiFi traffic over WPA2.

The plugin can be installed seamlessly with an OTP code from the url https://github.com/spr-networks/bitchat-plugin.

Next Steps

What would you like to see ? Give us a shout out! Like the project? Star it on github and share it and submit your PRs.

For next steps I am considering adding a teleport over udp feature, allowing users to relay traffic over UDP/Wireguard between remote instances. Or perhaps multicast support as well for the local subnet.

This linux client can serve as a relay to expand the range and availability for Bitchat without needing centralized services. Many opportunities exist for bridging