| Thanks for the kind words! > Presumably, your server stores a registry of Device IDs and IPs to route messages? Not IPs but Push API registration objects. > What about replacing this with some sort of partitioned DHT to make it decentralized? I guess this could be done but it's a task I can't tackle at this point. > Also, the messages flow through your servers? Yes but I don't store them. My API just dispatches the message to the recipient's push service. Which means the message exists on my server only in the form of an in-memory variable for several microseconds between being received and sent further. > Would it be possible to set up WebSocket connections between the users instead, and how would that compare from a security model perspective? This generally can't be done in a PWA. OS won't allow a persistent WebSocket to run in background. Also, this would disclose too much information about a client to all the other clients. Currently, all I know about other clients is their Device IDs which are just random strings. |