The OWND Project is a non-profit project that aims to realize more trustworthy communication through the social implementation of individual-centered digital identities.
This project was created as part of the "Trusted Web" use case demonstration project promoted by the Digital Market Competition Headquarters, Cabinet Secretariat.
We will develop a white-label digital identity wallet that complies with international standards and a federated messaging application that supports E2E encryption as open source software, and discuss governance to ensure trust.
OWND Project Briefing Material
- OWND Messenger Server
- It is a product of this repository.
- OWND Messenger Client
- OWND Messenger React SDK
This procedure is for developers. For deploying to the production environment, you should refer to codebuild/Dockerfile and create an appropriate procedure for the environment you are deploying to.
Since OWND Messenger Server is based on Synapse, please also refer to the Synapse environment setup instructions if necessary.
https://matrix-org.github.io/synapse/latest/development/contributing_guide.html
Before executing the following commands, you must fork the repository on Github
$ git clone git@github.com:YOUR_GITHUB_USER_NAME/synapse.git
$ git checkout develop
As a dependency management tool, Poetry must be installed.
$ pip install --user pipx
$ pipx install poetry==1.5.1 # Problems with Poetry 1.6, see https://github.com/matrix-org/synapse/issues/16147
$ cd path/where/you/have/cloned/the/repository
$ poetry install --extras all
A sample configuration is shown below.
homeserver.yaml
server_name: "localhost"
public_baseurl: "http://localhost:8008/"
request_object_signing_kid: "kid123"
pid_file: DATADIR/homeserver.pid
listeners:
- port: 8008
tls: false
type: http
x_forwarded: true
bind_addresses: ['::1', '127.0.0.1']
resources:
- names: [client, federation]
compress: false
database:
name: sqlite3
args:
database: DATADIR/homeserver.db
serve_server_wellknown: true
enable_registration: true
enable_registration_without_verification: true
log_config: "log_config.yaml"
media_store_path: DATADIR/media_store
signing_key_path: "signing.key"
trusted_key_servers:
- server_name: "localhost"
registration_shared_secret: secretstring
report_stats: false
# WORKAROUND: ###############################################################
# The combination of SIOPv2 and Matrix's original authentication method
# (User Interactive Authentication) is not working properly in some cases.
# This is a temporary configuration to reduce the frequency of this problem.
ui_auth:
session_timeout: "90d"
#############################################################################
# WORKAROUND ################################################################
# SIOPv2 sign-up and sign-in was implemented as a variant of GitHub
# login with OIDC. Therefore, the following settings must remain in the configuration.
# After the SIOPv2 and OIDC related implementations are properly modified,
# the following contents will also be modified.
oidc_providers:
- idp_id: github
idp_name: SIOPv2
discover: false
issuer: "https://self-issued.me/v2"
client_id: "your-client-id"
client_secret: "your-client-secret"
authorization_endpoint: "https://example.com/oauth/authorize"
token_endpoint: "https://example.com/oauth/access_token"
userinfo_endpoint: "https://api.example.com/user"
scopes: ["read:user"]
#############################################################################
user_mapping_provider:
config:
subject_claim: "sub"
confirm_localpart: true
log_config.yaml
version: 1
formatters:
precise:
format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s'
handlers:
console:
class: logging.StreamHandler
formatter: precise
loggers:
synapse.storage.SQL:
# beware: increasing this to DEBUG will make synapse log sensitive
# information such as access tokens.
level: INFO
root:
level: INFO
handlers: [console]
disable_existing_loggers: false
For more information on each item in the configurations, see the following pages.
https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html
$ poetry run python -m synapse.app.homeserver -c homeserver.yaml