Session watchOS
As one of my experiments with what you can run on Apple Watches, I decided to try to build the first truly independant watchOS client that works entirely on the device itself without requiring a companion iPhone app.
Challenges
As you might expect, there were a lot of challenges. At the very least, I had to reimplement everything from my JavaScript Session SDK in Swift, then run cryptographic dependencies such as OpenSSL and port libsession written in C++. This was even more difficult because I don't have Apple Watch, so I was mostly using an official simulator and once tried running it on my boyfriend's real Apple Watch. I also had to invent a way to allow user to securely input their private key (mnemonic/passphrase) without sending it in plaintext over the internet. I ended up building a small website that encrypts it client-side.
The final result
The app works and you can even send messages. Polling works poorly and it only allows for very basic operations. It also didn't work on real Apple Watches so it was more of proof-of-concept than a real app.
![Session Watchos linking website login page screenshot with text: Log in with existing account. [Input with placeholder: Mnemonic phrase]. "Continue" button. — Am I just sending you my mnemonic phrase? Is this secure? — See that tiny # character in your address bar? It's called URL fragment and what follows it - is a decryption key, which was generated along with qr code on your device. When you press Continue, this key is used to encrypt your mnemonic phrase and this gibberish is sent back to your watches where the same key is used to decrypt it. Basically, your browser sends encrypted mnemonic so we can't read it, then your watches turn it back. It's that simple and works on AES-256 symmetric encryption. Your mnemonic phrase never leaves your devices unencrypted.](/_app/immutable/assets/screenshot-2.BsK5fFEQ.avif)
