This repository contains the complete source code of the twonly apps.
- Offer a Snapchat™ like experience
- End-to-End encryption using the Signal Protocol
- No email or phone number required to register
- Privacy friendly - Everything is stored on the device
- For Android: Using UnifiedPush instead of FCM
- For Android: Reproducible Builds + Publishing on Github/F-Droid
- Implementing Sealed Sender to minimize metadata
- Maybe: Switching from the Signal Protocol to MLS.
If you discover a security issue in twonly, please adhere to the coordinated vulnerability disclosure model. Please send us your report to [email protected]. We also offer for critical security issues a small bug bounties, but we can not guarantee a bounty currently :/
Setup Instructions (macOS)
Some dependencies are downloaded directly from the source as there are some new changes which are not yet published on pub.dev or because they require some special installation.
flutter_secure_storage: We need the 10.0.0-beta version, but this version has some issues which are fixed but not yet published:
git submodule update --init --recursive
cd dependencies/flutter_zxing
git submodule update --init --recursive
./scripts/update_ios_macos_src.srun-as eu.twonly.testing ls /data/user/0/eu.twonly.testing/When you download the app via GitHub you can verify the signing keys using for example the AppVerifyer and the following SHA-256 fingerprint of the signing certificate.
eu.twonly E3:C4:4D:56:8C:67:F9:32:AC:8C:33:90:99:8A:B9:5E:E8:FF:2D:7A:07:3C:24:E3:66:77:93:E6:EA:CD:77:0A
This project is licensed under the GNU AGPL 3.0 license.