chat-e2ee icon indicating copy to clipboard operation
chat-e2ee copied to clipboard
verified publisher icon muke1908

AES key should be encrypted before exchange

Open muke1908 opened this issue 1 year ago • 0 comments

https://github.com/muke1908/chat-e2ee/blob/905c8c0f1048d9a78509a7bcfed75bda361d8c54/service/src/sdk.ts#L148

Right now AES encryption key is sent to server for exchange which is a vulnerability. It should be send via end-to-end encrypted channel.

muke1908 avatar Sep 19 '24 19:09 muke1908