Groups are also represented by a twincode.

To be part of a group, it is necessary to have been invited by the group owner or a member that is allowed to invite users. The invitation is sent only throught a contact relation and therefore by using WebRTC direct peer-to-peer message exchanged. Nobody except the sender and receiver can see the group invitation.

When the group invitation is accepted, the device creates a group member twincode from the user's profile by copying the nickname and avatar. The group member twincode is signed by a new Ed2259 key ensuring secure and unique group membership. The new group member twincode and its public key is then sent to the inviter through the WebRTC data channel to proceed with the invitation. The inviter signs the new member twincode and its public key and adds the new member in the secure roster associated with the group.

Because each member has its twincode, public key and permissions signed by either the group owner or a member who has the right to invite, it is not possible to introduce malicious users in our groups.