specs/status-payloads-spec.md

# Status Message Payloads Specification

> Version: 0.1 (Draft)
>
> Authors: Adam Babik <adam@status.im>, Oskar Thorén <oskar@status.im> (alphabetical order)

## Abstract

This specifications decribes how the payload of each message in Status looks
like. It is primarly centered around chat and chat-related use cases.

The payloads aims be flexible enough to support messaging but also cases
described in the [Status Whitepaper](https://status.im/whitepaper.pdf) as well
as various clients created using different technologies.

## Table of Contents

- [Abstract](#abstract)
- [Table of Contents](#table-of-contents)
- [Introduction](#introduction)
- [Wrapper](#wrapper)
- [Encoding](#encoding)
- [Message types](#message-types)
- [Message](#message)
    - [Payload](#payload)
    - [Content types](#content-types)
    - [Message types](#message-types-1)
    - [Clock vs Timestamp and message ordering](#clock-vs-timestamp-and-message-ordering)
- [Upgradability](#upgradability)
- [Security Considerations](#security-considerations)

## Introduction

In this document we describe the payload format and some special considerations.

## Payload wrapper

All payloads are wrapped in a [protobuf record](https://developers.google.com/protocol-buffers/)
record:

```protobuf
message StatusProtocolMessage {
  bytes signature = 1;
  bytes payload = 2;
}
```

`signature` is the bytes of the signed `SHA3-256` of the payload, signed with the key of the author of the message.
The signature is needed to validate authorship of the message, so that the message can be relayed to third parties.
If a signature is not present but an author is provided by a layer below, the message is to be relayed to third parties and its considered plausibly deniable.

## Encoding

The payload is encoded using [Transit format](https://github.com/cognitect/transit-format). Transit was chosen over JSON in order to reduce the bandwidth.

Example of a valid encoded payload:

```
["~#c4",["abc123","text/plain","~:public-group-user-message",154593077368201,1545930773682,["^ ","~:chat-id","testing-adamb","~:text","abc123"]]]
```

The message is an array and each index value has its meaning:
* 0: `c4` is a decoder handler identification for the current payload format. Identifications allow to register handlers for many different types of payload
* 1: array which items correspond to the described payload fields above

For more details regarding serialization and deserialization please consult [transit format](https://github.com/cognitect/transit-format) specification.

<!-- TODO: This requires a lot more detail since c4 is only one of several types, and also possibly links to implementation -->

## Message

The type `Message` represents a text message exchanged between clients.

<!-- TODO: It is not clear how this relates to StatusProtocolMessage above -->

### Payload

Payload is a struct (a compound data type) with the following fields (order is important):

<!-- TODO: Be more precise in struct description, a la RFC, e.g. TLS style https://tools.ietf.org/html/rfc8446 -->

| Field | Name | Type |
| ----- | ---- | ---- |
| 1 | text | `string` |
| 2 | content type | `enum` (more in [Content types](#content-types)) |
| 3 | message type | `enum` (more in [Message types](#message-types)) |
| 4 | clock | `int64` |
| 5 | timestamp | `int64` |
| 6 | content | `struct { chat-id string, text string }` |

### Content types

Content types are required for a proper interpretation of incoming messages. Not each message is a plain text but may carry a different information.

The following content types MUST be supported:
* `text/plain` identifies a message which content is a plain text.

There are also other content types that MAY be implemented by the client:
* `sticker`
* `status`
* `command`
* `command-request`
* `emoji`

These are currently underspecified. We refer to real-world implementations for clients who wish to interoperate.

<!-- TODO: Ideally specify this, but barring that, link to implementation. -->

### Message types

Message types are required to decide how a particular message is encrypted and what metadata needs to be attached when passing a message to the transport layer. For more on this, see [Status Whisper Usage Specification](./status-whisper-usage-spec.md).

<!-- TODO: This reference is a bit odd, considering the layer payloads should interact with is Secure Transport, and not Whisper. This requires more detail -->


The following messages types MUST be supported:
* `public-group-user-message` is a message to the public group
* `user-message` is a private message
* `group-user-message` is a message to the private group.

### Clock vs Timestamp and message ordering

`timestamp` MUST be Unix time calculated when the message is created. Because the peers in the Whisper network should have synchronized time, `timestamp` values should be fairly accurate among all Whisper network participants.

`clock` SHOULD be calculated using the algorithm of [Lamport timestamps](https://en.wikipedia.org/wiki/Lamport_timestamps). When there are messages available in a chat, `clock`'s value is calculated based on the last received message in a particular chat: `last-message-clock-value + 1`. If there are no messages, `clock` is initialized with `timestamp`'s value.

`clock` value is used for the message ordering. Due to the used algorithm and distributed nature of the system, we achieve casual ordering which might produce counterintuitive results in some edge cases. For example, when one joins a public chat and sends a message before receiving the exist messages, their message `clock` value might be lower and the message will end up in the past when the historical messages are fetched.

<!-- TODO: Document section on replies -->

## Upgradability

The current protocol format is hardly upgradable without breaking backward compatibility. Because Transit is used in this particular way described above, the only reliable option is to append a new field to the Transit record definition. It will be simply ignored by the old clients.

## Security Considerations

TBD.

## Design rationale

### Why are you using Transit and Protobuf?

Transit was initially chose for encoding, and Protobuf was added afterwards. This is partly due to the history of the protocol living inside of `status-react`, which is written in Clojurescript. In future versions of payload and data sync client specifications it is likely we'll move towards Protobuf only. See e.g. [Dasy](https://github.com/vacp2p/dasy) for a research proof of concept.
tweak title 2019-08-29 11:07:19 +00:00			`# Status Message Payloads Specification`
x8: Add payload overview skeelton 2019-04-22 04:22:25 +00:00
payloads spec formatting, rfc etc 2019-08-29 10:42:43 +00:00			`> Version: 0.1 (Draft)`
			`>`
			`> Authors: Adam Babik <adam@status.im>, Oskar Thorén <oskar@status.im> (alphabetical order)`

			`## Abstract`

payload add abstract 2019-08-29 11:05:55 +00:00			`This specifications decribes how the payload of each message in Status looks`
			`like. It is primarly centered around chat and chat-related use cases.`

			`The payloads aims be flexible enough to support messaging but also cases`
			`described in the [Status Whitepaper](https://status.im/whitepaper.pdf) as well`
			`as various clients created using different technologies.`
payloads spec formatting, rfc etc 2019-08-29 10:42:43 +00:00
			`## Table of Contents`

			`- [Abstract](#abstract)`
			`- [Table of Contents](#table-of-contents)`
			`- [Introduction](#introduction)`
Update x8.md 2019-08-27 11:33:02 +00:00			`- [Wrapper](#wrapper)`
			`- [Encoding](#encoding)`
payloads spec formatting, rfc etc 2019-08-29 10:42:43 +00:00			`- [Message types](#message-types)`
			`- [Message](#message)`
			`- [Payload](#payload)`
			`- [Content types](#content-types)`
			`- [Message types](#message-types-1)`
			`- [Clock vs Timestamp and message ordering](#clock-vs-timestamp-and-message-ordering)`
Update x8.md 2019-08-27 11:33:02 +00:00			`- [Upgradability](#upgradability)`
payloads spec formatting, rfc etc 2019-08-29 10:42:43 +00:00			`- [Security Considerations](#security-considerations)`

			`## Introduction`
x8: Add payload overview skeelton 2019-04-22 04:22:25 +00:00
payload add abstract 2019-08-29 11:05:55 +00:00			`In this document we describe the payload format and some special considerations.`
x4: protocol overview move payload stuff 2019-04-22 04:56:11 +00:00
payload fmt and add transit faq 2019-08-29 11:06:19 +00:00			`## Payload wrapper`
spelling 2019-08-26 13:33:09 +00:00
payload fmt and add transit faq 2019-08-29 11:06:19 +00:00			`All payloads are wrapped in a [protobuf record](https://developers.google.com/protocol-buffers/)`
Add v1 message wrapper 2019-07-17 06:33:45 +00:00			`record:`

Update x8.md 2019-08-27 09:34:42 +00:00			```protobuf
			`message StatusProtocolMessage {`
			`bytes signature = 1;`
			`bytes payload = 2;`
			`}`
Add v1 message wrapper 2019-07-17 06:33:45 +00:00			```

Update x8.md 2019-08-27 11:26:21 +00:00			`signature` is the bytes of the signed `SHA3-256` of the payload, signed with the key of the author of the message.
Add v1 message wrapper 2019-07-17 06:33:45 +00:00			`The signature is needed to validate authorship of the message, so that the message can be relayed to third parties.`
spelling 2019-08-26 13:33:09 +00:00			`If a signature is not present but an author is provided by a layer below, the message is to be relayed to third parties and its considered plausibly deniable.`
x4: protocol overview move payload stuff 2019-04-22 04:56:11 +00:00
payloads spec formatting, rfc etc 2019-08-29 10:42:43 +00:00			`## Encoding`
x8: Add payload overview skeelton 2019-04-22 04:22:25 +00:00
Update x8.md 2019-08-27 11:38:09 +00:00			`The payload is encoded using [Transit format](https://github.com/cognitect/transit-format). Transit was chosen over JSON in order to reduce the bandwidth.`
x8: Add payload overview skeelton 2019-04-22 04:22:25 +00:00
			`Example of a valid encoded payload:`

			```
			`["~#c4",["abc123","text/plain","~:public-group-user-message",154593077368201,1545930773682,["^ ","~:chat-id","testing-adamb","~:text","abc123"]]]`
			```

tweaks and todos 2019-08-29 11:13:42 +00:00			`The message is an array and each index value has its meaning:`
x8: Add payload overview skeelton 2019-04-22 04:22:25 +00:00			* 0: `c4` is a decoder handler identification for the current payload format. Identifications allow to register handlers for many different types of payload
			`* 1: array which items correspond to the described payload fields above`

			`For more details regarding serialization and deserialization please consult [transit format](https://github.com/cognitect/transit-format) specification.`

tweaks and todos 2019-08-29 11:13:42 +00:00			`<!-- TODO: This requires a lot more detail since c4 is only one of several types, and also possibly links to implementation -->`
Update status-payloads-spec.md 2019-08-28 14:45:42 +00:00
payloads spec formatting, rfc etc 2019-08-29 10:42:43 +00:00			`## Message`
Add v1 message wrapper 2019-07-17 06:33:45 +00:00
			The type `Message` represents a text message exchanged between clients.

tweaks and todos 2019-08-29 11:13:42 +00:00			`<!-- TODO: It is not clear how this relates to StatusProtocolMessage above -->`
Add v1 message wrapper 2019-07-17 06:33:45 +00:00
payloads spec formatting, rfc etc 2019-08-29 10:42:43 +00:00			`### Payload`
Add v1 message wrapper 2019-07-17 06:33:45 +00:00
spelling 2019-08-26 13:33:09 +00:00			`Payload is a struct (a compound data type) with the following fields (order is important):`
Add v1 message wrapper 2019-07-17 06:33:45 +00:00
add todo inline 2019-08-27 12:22:50 +00:00			`<!-- TODO: Be more precise in struct description, a la RFC, e.g. TLS style https://tools.ietf.org/html/rfc8446 -->`

Update x8.md 2019-08-27 11:41:25 +00:00			`\| Field \| Name \| Type \|`
			`\| ----- \| ---- \| ---- \|`
			\| 1 \| text \| `string` \|
			\| 2 \| content type \| `enum` (more in [Content types](#content-types)) \|
			\| 3 \| message type \| `enum` (more in [Message types](#message-types)) \|
			\| 4 \| clock \| `int64` \|
			\| 5 \| timestamp \| `int64` \|
			\| 6 \| content \| `struct { chat-id string, text string }` \|
Add v1 message wrapper 2019-07-17 06:33:45 +00:00
payloads spec formatting, rfc etc 2019-08-29 10:42:43 +00:00			`### Content types`
x8: Add payload overview skeelton 2019-04-22 04:22:25 +00:00
spelling 2019-08-26 13:33:09 +00:00			`Content types are required for a proper interpretation of incoming messages. Not each message is a plain text but may carry a different information.`
x8: Add payload overview skeelton 2019-04-22 04:22:25 +00:00
			`The following content types MUST be supported:`
clean up Message Payload Specification (closes #15) (#18) 2019-07-08 06:08:32 +00:00			* `text/plain` identifies a message which content is a plain text.

			`There are also other content types that MAY be implemented by the client:`
tweaks and todos 2019-08-29 11:13:42 +00:00			* `sticker`
			* `status`
			* `command`
			* `command-request`
			* `emoji`

			`These are currently underspecified. We refer to real-world implementations for clients who wish to interoperate.`

			`<!-- TODO: Ideally specify this, but barring that, link to implementation. -->`
x8: Add payload overview skeelton 2019-04-22 04:22:25 +00:00
Add v1 message wrapper 2019-07-17 06:33:45 +00:00			`### Message types`
x8: Add payload overview skeelton 2019-04-22 04:22:25 +00:00
tweaks and todos 2019-08-29 11:13:42 +00:00			`Message types are required to decide how a particular message is encrypted and what metadata needs to be attached when passing a message to the transport layer. For more on this, see [Status Whisper Usage Specification](./status-whisper-usage-spec.md).`

			`<!-- TODO: This reference is a bit odd, considering the layer payloads should interact with is Secure Transport, and not Whisper. This requires more detail -->`

x8: Add payload overview skeelton 2019-04-22 04:22:25 +00:00
			`The following messages types MUST be supported:`
			* `public-group-user-message` is a message to the public group
			* `user-message` is a private message
			* `group-user-message` is a message to the private group.

payloads spec formatting, rfc etc 2019-08-29 10:42:43 +00:00			`### Clock vs Timestamp and message ordering`
x8: Add payload overview skeelton 2019-04-22 04:22:25 +00:00
			`timestamp` MUST be Unix time calculated when the message is created. Because the peers in the Whisper network should have synchronized time, `timestamp` values should be fairly accurate among all Whisper network participants.

			`clock` SHOULD be calculated using the algorithm of [Lamport timestamps](https://en.wikipedia.org/wiki/Lamport_timestamps). When there are messages available in a chat, `clock`'s value is calculated based on the last received message in a particular chat: `last-message-clock-value + 1`. If there are no messages, `clock` is initialized with `timestamp`'s value.

			`clock` value is used for the message ordering. Due to the used algorithm and distributed nature of the system, we achieve casual ordering which might produce counterintuitive results in some edge cases. For example, when one joins a public chat and sends a message before receiving the exist messages, their message `clock` value might be lower and the message will end up in the past when the historical messages are fetched.

tweak 2019-08-29 11:14:07 +00:00			`<!-- TODO: Document section on replies -->`
x8: Add payload overview skeelton 2019-04-22 04:22:25 +00:00
payloads spec formatting, rfc etc 2019-08-29 10:42:43 +00:00			`## Upgradability`
x8: Add payload overview skeelton 2019-04-22 04:22:25 +00:00
clean up Message Payload Specification (closes #15) (#18) 2019-07-08 06:08:32 +00:00			`The current protocol format is hardly upgradable without breaking backward compatibility. Because Transit is used in this particular way described above, the only reliable option is to append a new field to the Transit record definition. It will be simply ignored by the old clients.`
payloads spec formatting, rfc etc 2019-08-29 10:42:43 +00:00
			`## Security Considerations`

			`TBD.`
payload fmt and add transit faq 2019-08-29 11:06:19 +00:00
			`## Design rationale`

			`### Why are you using Transit and Protobuf?`

			Transit was initially chose for encoding, and Protobuf was added afterwards. This is partly due to the history of the protocol living inside of `status-react`, which is written in Clojurescript. In future versions of payload and data sync client specifications it is likely we'll move towards Protobuf only. See e.g. [Dasy](https://github.com/vacp2p/dasy) for a research proof of concept.