Implement WhisperSystems Encryption for Voice and Text


9 條評論

  • KungPaoTigger

    I totally agree with this.  It's not necessary for all chats, and would be pretty impossible to do that in a user friendly way anyway.  However, PMs should have the option for E2E encryption at least.  It does present a problem with the mobile app, but I think there is a trade off that can make for a good middle ground.

    For any devs that might see this, I think I have a method of making things work.


    1. Let users that care about security generate their own GPG encryption keys.
    2. Have them upload the public key to the Discord Server and store it tied to their user ID (i.e.  notBob#1234).  This could easily be done under the "Privacy & Safety" as it's nothing more than a blob of data.
    3. Implement a way to point the app at the private key stored at whatever location it is stored at on the users computer for later decryption.  Or store the private key locally on the app but DO NOT SYNC IT TO THE CLOUD!
    4. Add a checkbox (and probably a global, server, and/or per channel setting) on the PM system to encrypt a message (and/or REQUIRE a sender to do so based on the settings above).
    5. Have the system automatically check to see if the recipient has a public PGP key uploaded to their account. 
    6. If yes, use it to encrypt the message.  If not, generate a message to the recipient with a link to a webpage explaining how to generate a key and upload it.  Send it on the PM channel so the recipient can let the person know when they have a key available (or have the system automatically notify the person that requested one to be generated).
    7. IF THERE WAS NO KEY:  Let the sender know that the message will not be encrypted and that the recipient will be prompted to generate and upload a public encryption key and that they will be notified when this is done.  Give them the option to send anyway or cancel the message and wait until a key is available.



    1. Since there's not really a way to store the private key locally (not and still have it be secure), wrap the message up and instead display a button that triggers the app to look for the private key at whatever location was specified in step 3 above.
    2. If on a mobile device, just disable the button.  Let the user follow up when they get home.  Some form of automatic way to remind the user would be a good idea.  I would suggest either some form of "Snooze" option or making encrypted messages show as unread until the button has been clicked.  Add an automatic timeout that resets the button to an active state and re-encrypts the message after some fixed interval, say 15 minutes, but without the unread flag.
  • Félix An

    I agree. I sometimes use Discord to share confidential information with my IRL friends and don't want Discord employees to see it.

  • stefanieshiller

    Why do you guys think discord is free? They need access to your texts so they can sell the info they gathered to advertisers and so on, they're not going to strengthen the encryption anytime soon

  • Cpt.Dinosaur

    That wouldn't work for trust and safety team.
    Imagine those child abuse servers if all communications were encrypted.


    It has a place on some platforms like telegram/signal/whatsapp, but I don't think discord needs to be encrypted in that way too.

    Sure, user -> discord, discord -> user (which they already do), but the trust and safety team need to read messages for ToS and law breaches.

  • bop

    Seems unlikely since most of Discord's investors are advertisers and people who would care about spying on people, but I'll still upvote it. Maybe Discord can improve ethically and be a nicer company

  • Сосо Νinjа

    Calls and screen shares should also be encrypted end to end.

    Let's make discord a private platform!

  • Chris Taylor

    Make it so that E2E Encryption is a paid service, maybe as part of Nitro.

    Then those that don't want it and are happy to continue as normal, fine no problems they get un-encrypted data. 

    However those such as my political organisation, that want to be able to debate in private without the possibility of having their words taken out of context can pay for an encrypted service, and relax with the certainty they they can debate all side of any argument without people taking what they say as "their own opinion", and causing unnecessary hurt and suffering.

  • Ryan6578

    +1 for end-to-end encrypted DMs and private groups!

  • SherloxTV

    For now, what you can do is to put published PGP keys fingerprint in the new "About" section, and send encrypted messages by sending the file (+ Discord has a really great text files interface)