Skip to content

Add end-to-end encryption for telemedicine chat messages in messagingService.ts #578

Description

@success-OG

Labels: backend security enhancement

Background
backend/services/messagingService.ts (3 KB) stores chat messages in plaintext. Telemedicine chat between pet owners and vets may contain sensitive health information that should be encrypted at rest.

What "Done" Looks Like

  • Messages encrypted client-side before sending using the recipient's public key (stored in the user profile)
  • Backend stores ciphertext only — cannot read message content
  • Key exchange: use X25519 (Diffie-Hellman) for shared secret, AES-256-GCM for message encryption
  • Message decryption happens client-side in telemedicineService.ts
  • Key rotation: new keypair generated on device change; old messages remain readable via key history
  • Update backend/services/__tests__/messagingService.test.ts to verify ciphertext is stored (not plaintext)

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions