⚠️ WARNING !! ⚠️

There is a HUGE issue with the current setup.

The ntfy distributor generate a 12 char random string unified push topic. This topic is then used by the provider to send message to the distributor. This means that for one unique provider, there is a non-null chance that two or more user are subscribed to the same topic and receive the same notifications !

The solutions are :

• Tell the user the risk and tell him he can self-host the provider if he wants to. (way too complicated for the vast majority of users).
• Encrypt the notification to ensure only the targetted user can read the notif. But other users on the same topic will receive the encrypted notification (privacy issue)
• Create our own Distributer
  • From scratch, this is a big work. Especially to create an acrivity that stay open anytime and battery efficient.
  • Fork ntfy android client and adapt it for our usage (Apache 2 license)
• Go back to Firebase messaging but use E2EE to secure the message

The fork solution is probably my favorite.

The Pull Requests

• Server (Proxy, Entrypoint register, Notif Adapter, mongo user link translation…)
• ApplicationRunner (Setup the abstraction logic to send a notification)
• Client (Setup local_notification lib, Setup android authorization/config, Setup UnifiedPush lib)
• LenraUiRunner (deps update)
• client-common (Api Update)
• Example Lenra App to send a notification

Researches

What is UnifiedPush