Build end-to-end encrypted chat application with Flutter, DhiWise, and Cryptography API



January 16, 2023


January 16, 2023

Chat applications such as WhatsApp, and Signal are no doubt the most convenient and secure way of communication with your friends, family, and colleagues. According to Statista, as of January 2022, two billion users were accessing WhatsApp messenger monthly. And Signal had around 20 million app installations at the end of last year. 

But do you know what makes these apps so secure for private messaging and media sharing? Let's take a look at why these end-to-end encrypted chat application platforms are dominating other similar app platforms. 

WhatsApp and Signal are end-to-end-encrypted messaging apps, which means the platform can not access private messages or media, or store them on their server without encryption. And this is the most important feature of the real-time chat application. 

In this article, we will cover the following things:

  1. How Real-time chat application work?
  2. What does end-to-end encryption mean?
  3. What is the Web Cryptography API?
  4. How to build an end-to-end encrypted Flutter chat application with DhiWise and Web Cryptography API?

1. How Real-time chat application work?

A real-time chat application sends and receives data instantly over the network among multiple clients. This enables users to connect immediately with anyone and exchange messages and media files like images, audio, and videos. 

Real-time chat applications mostly use client-server architecture for data transfer. The software displays messages in real-time to one or more people in a channel or group. However, how those messages are processed, manipulated, and maintained differs from platform to platform. 

Having end-to-end encrypted chat applications ensures users' data security, as users are more likely to exchange their personal information through chats like financial details, passwords, user IDs, etc. 

So, let's take a look at what end-to-end encryption means and how it works.

2. What does end-to-end encryption means

End-to-end encryption is the mechanism where the messages are secured in a way so that no third party can access or tamper them. Only the sender and receiver can access those messages. The messages are stored in encrypted form on the server running a chat application.

The only way to access these messages is by decrypting them through signing with the known public key and the corresponding private key pair. 

So how do the encryption and decryption of messages take place using public and private keys?

Each user in the chat app has their own public and private key pair. The Public key (distributed publicly) is used to encrypt the sender's message, while the receiver can only decrypt the sender’s message with the matching private key.

For implementing end-to-end encryption in the chat application you can use cryptography API that helps you to perform basic cryptographic operations in the chat application.

3. What is Web Cryptography API?

The Web Cryptography API is the JavaScript API that can be used to perform basic cryptographic operations such as hashing, encryption, and decryption. It is a low-level interface recommended by the World Wide Web Consortium. 

For using the Web Cryptographic API in your Flutter application use the webcrypto 0.5.3 package. It provides a cross-platform implementation of the Web Cryptography APIs for Flutter. 

Outside the browser, this package features a native implementation embedding BoringSSL using dart:ffi. And when used inside the web browser this package wraps the window.crypto APIs and provides the same Dart API as the native implementation. In this way, it provides the same API on multiple platforms such as the Web, Android, and iOS. 

4. How to build an end-to-end encrypted Flutter chat application with DhiWise and Web Cryptography API?

To build the Flutter app using DhiWise, first Sign up with DhiWise using a Google or GitHub account and then follow the steps below.

1. Select app development technology as Flutter and select the design platform

To start building a mobile application you need to select the app development technology (from Flutter, Android, and iOS) and the design platform (from Figma, Sketch, and Adobe-XD). 

DhiWise allows its users to directly use their Figma design inside the DhiWise platform moreover if the users don't have their design ready DhiWise provides them with ready-to-use app templates and screen libraries. 

To access their Figma design they just need a Figma design URL and then the design components are automatically fetched into the DhiWise platform.


2. Select the screen/screens to fetch design components

If you have your Figma design ready, use the Figma file URL to fetch Figma components in the app design. You can select a number of screens that you want to customize inside DhiWise to generate the Flutter application code. 


So this is how the platform identifies chat application components once the screens are selected. 


Next, you can set up a splash screen and the screen next to it. 

3. Configure chat application screens 

The platform empowers developers to customize UI components and styling at the code level. Just select the component, and it will be highlighted in the code editor. The code editor provides suggestions similar to any other IDE, so you can customize the code in the way you want. 

To make things faster and easier, the platform enables you to synchronize the Figma design changes for a single screen or all screens. Its component detection algorithm auto-detects the interactions in the design prototype like navigation and actions. 

In fact, it allows you to set up lifecycle methods, and navigation and add arguments with just a click.


4. Integrating web cryptography API to the chat app using DhiWise

As the chat application starts users should be able to connect with the real-time stream chat. For that developers need to store the user’s public key as extra data. Anyone with the user's public key can encrypt a message using it and the same can be decrypted using the corresponding private key. That's the reason why private keys should be saved securely. 

To generate a key add webcrypto 0.5.3 package to your pubspec.yaml file under dependencies. 

  sdk: flutter
  cupertino_icons: ^1.0.2
  webcrypto: ^0.5.3 

Next, write a function that generates a key pair using the ECDH algorithm and the P-256 elliptic curve. Also, you will need to create widgets for the users and channels in the chat application. 

Finally, to encrypt and decrypt messages one needs to use the Crypto Key generated using the key pair used by the two communicating users. 

In case you want to create your own API, or upload Postman collections of files, DhiWise Flutter builder lets you do that with its API integration feature. 

Read our help doc to know more about API integration in the Flutter application with DhiWise. 

5. Generate boilerplate code for the Flutter chat application

Once your UI customization is done for all app screens, you can quickly preview your application and share the preview with team members. Next to generate the code click build app and the platform will start generating your application code.


The Build option gives you two choices for selecting build type, developers can select generate only UI that includes responsive UI, Stateless and Custom widgets, or they can select the UI+ State management Code which includes responsive UI, Stateless widgets, Custom reusable widgets, Models GetX state manager, Navigation and other integration. 


After you choose the option DhiWise will start generating the final code that can be downloaded or synchronized with the GitHub and GitLab repositories. 


Summing Up: 

In this article, we have learned everything about building end-to-end encrypted chat applications. We have also seen how to use the webcrypto API package for building the Flutter chat application and how DhiWise simplifies the entire process of building the Flutter app with advanced features and an Intuitive user interface.  

If you are looking for something efficient and easy-to-use platform for Flutter application development DhiWise Flutter builder is what you need. 

Sign up now!