Kizuna empowers people to message each other completely privately, without the involvement of a central server. The app is open-source and is being developed by a non-profit group called the Holochain Institute of Japan.
This is the first article in a series of mini-spotlights on projects using Holochain. Many of these projects, like Kizuna, are quietly but busily working away towards a public product. They’re actively building, testing, and refining their prototypes as they get ready for Holochain’s beta release. You may not hear much from them, which is one reason I’ve chosen to write these updates.
Kizuna at a glance
Description: Kizuna is a messaging application for one-on-one or group conversations. Messages are kept private by high-strength encryption.
- GitHub: https://github.com/hc-institute-japan/kizuna
- Demo videos: 1 and 2
- Website: https://kizuna.foundation/en/
- Twitter: https://twitter.com/kizuna_fndn/
- Newsletter: https://kizuna.foundation/en/newsletter/
We asked the Kizuna development team a few questions about their project, and the answers were intriguing.
Why is Kizuna being built?
You might ask, why another private messenger? There are a lot of them out there already — Telegram, Matrix, WhatsApp, Facebook Messenger, Signal, Viber, and so on, all give you various promises of message privacy. What’s different about Kizuna? What does it hope to contribute?
Well, all of these services have one common feature: you connect with your contacts through central servers. (Matrix is somewhat of an exception; their software is open-source and you can run your own server if you like.) Sure, the server may not be able to read your encrypted messages, but it can still see who’s connecting with whom, who belongs to what group, how often you send messages, and other bits of extra information about you. This sort of data is candy for companies who build their businesses on selling insights about your behaviour to advertisers.
You may not be worried about this, but advertisers aren’t the only customers. If you live in an oppressive regime that’s secured the cooperation of one of these messenger services, your privacy could be a matter of survival.
But maybe you’ve found a messenger service that you trust. They’ve promised not to reveal your private metadata to anybody, and you believe them. But they can still go out of business, suffer a server crash, get hacked, or get bought up by a less honest company (along with all your data). What happens to the connections you’ve made then?
To the developers who came up with Kizuna, these compromises were unacceptable. They believed that we ought to be able to simply talk to each other. Form our own connections and take care of them ourselves. Without someone in the middle.
As Tatsuya Sato, lead developer and a faithful Holochain supporter who’s translated many of our articles into Japanese, explained to us:
We believe that the conversations we have with others reflect our private lives. Messaging applications built in the last two decades allowed us to make hundreds of those conversations instantaneously. However, the messages we send in those conversations are being used as a tool for companies to sell our data, serve ads, and influence our choices. We've also seen an increase in messaging and social media applications getting hacked by attackers since they have an incentive to target applications that store millions of people's data in one place. Kizuna is a Japanese word that roughly translates in English to "deep bond" (there really is no direct translation that catches the full nuance of the word Kizuna in English) among people. We believe that humans have the innate desire to build and nourish this deep bond with others. A belief that this bond that we nurture with others should never be capitalized on.
He and his colleague Nicko Pangarungan go on to say that “without the fear of data compromise, we can share our deep and intimate selves with others — which is the very nature of kizuna”. And that’s their ultimate goal — to enable deep bonds online.
On the practical level, here’s a feature-by-feature comparison to other popular private messengers.
Why did they choose Holochain?
Because the Kizuna team were committed so deeply to putting users in control, it made sense to build the service on peer-to-peer networking technology. This kind of internet communication doesn’t need servers, except in limited cases to punch through home firewalls and help people discover each other.
They could’ve designed from scratch, but that would have been a lot of work. If there were already a set of basic building blocks they could use for the networking layer, that would let them focus on the things that matter most to them — giving people a simple, reliable, private way of talking to each other. Fortunately, Sato had already been introduced to Holochain by his colleagues, and it seemed to be an appropriate starting point.
So, why is Holochain important for the Kizuna team?
Perhaps most importantly, it embodies the very principles they’re building into their product. I’ll let Sato and Pangarungan explain it themselves:
Holochain is not just another development framework for making things easier (in some ways it does not 😅). But what makes us root for Holochain are the very principles it represents and the ideals of an online community that strives to realize – agent centricity, data security, peer-to-peer networks. These principles align themselves with what we believe are essential for a messaging app or any online application.
To put it simply, they chose Holochain because it puts users first by design.
In particular, they like the fact that applications and their data are hosted by the people who use them, which means that your ability to access them can never be restricted by someone else. You and your group are in charge.
As they hinted at the beginning of that quote, it has come with its challenges. As a young technology, Holochain is still changing rapidly, which means they've had to rewrite pieces of their code. And a lot of the things that make Holochain work—for instance, the 'deterministic validation' that forms the foundation of an application's 'immune system'—have been quite a learning journey.
But through all this, they're still committed. Besides all the reasons Holochain was the right fit for their needs, they say there are other benefits. The learning they've invested in has paid off in new ways of thinking about problems. And they love the supportiveness of the community, core dev team, and learning materials (something Mike Gamble of RedGrid also mentioned in a previous article). They also love the Rust programming language and WebAssembly, and feel that they're both a good bet for future-proofing their work.
How are they using Holochain?
There are a few specific Holochain features that they're putting to good use in the design of Kizuna.
- As part of its deterministic validation rules, a Holochain application can add a 'membrane' that controls who can join its network and communicate with other members. The team uses this to restrict access to messages—each group conversation is a separate copy of the core messaging code with its own isolated, encrypted network. This is what lets Kizuna claim it has 'spy-proof group messaging' --- if you can't join the network, you can't access its messages. And unlike server-based private messengers, even your metadata (group membership, for instance) is safe from prying eyes.
- Holochain exposes best-practice cryptographic functions to applications for further security. You may wonder, if each group's messages are encrypted as they travel, why does this matter? Well, in spite of the fact that Holochain encrypts network messages with TLS (the same protocol that secures your banking and online shopping), there's a slim chance that a session could be compromised. Kizuna uses Holochain's crypto functions as an extra layer of protection. Additionally, they plan to use Holo hosting to support web and mobile users, and this prevents hosts from reading users' stored messages.
- The team appreciate how well Holochain supports inter-application interoperability. As long as the application is designed to support it, a user can access the functionality and data of any application they have installed from any of their other applications. This means that Kizuna's core could be embedded into other Holochain applications, and it also means that it could gain surprising new features thanks to the creativity of other developers.
How can I get involved?
If you're interested in supporting the team, the best thing to do right now is sign up for their mailing list and follow them on Twitter. They did public release of their app in 2021 but Holochain has advanced sine then and their codebase has followed. They are preparing for a public release soon!