# Signal Group User Activity

"How active is each user in the signal groups I'm in?"

This project reads the configuration directory from the Signal for Desktop app
and generates a spreadsheet that looks like this:

|                  | Alice | Bob | ... |
|------------------|-------|-----| ----|
| Neighborhod Chat | 1     | 5   | ... |
| Roomate Chat     | 12    | 0   | ... |
| ...              | ...   | ... | ... |

Each cell is the total message count for a user in a chat.

The goal is to afford distributed collection of group participation metadata
from a community that uses disparate signal groups. No one member of the
community is a member of every signal group, so we need to make use of multiple
users' signal data.

I personally would not at all feel comfortable sending someone my decrypted
signal database, so I implemented this as a dockerized python command line tool
that runs locally. It generates a simple csv file that's easily inspectable
before sharing.

## Usage

### Build the container

First build the docker container for the tool. You should do this once every
time you pull from the repo again.

    $ ./build.sh
    Sending build context to Docker daemon  716.3kB
    Step 1/12 : FROM archlinux:base-20241110.0.278197
    ---> 8f94599caa7b
    [...]
    Successfully built 1c3e3a1b45f5
    Successfully tagged sigint:latest


### Run the tool

The following command will run the analysis against the signal config directory
you point it to, and dump the output to ./output/table.csv

#### Linux

    $ ./run.sh -c ~/.config/Signal

    INFO:main:writing message count table to /output/table.csv

#### Macos

    $ ./run.sh -c ~/Library/Application\ Support/Signal

    INFO:main:writing message count table to /output/table.csv

#### Providing a Password

If you get the following error while running the command:

    Exception: you must use the -p option to pass the password in for your signal db

Then you need to find the `Signal Safe Storage` [^1] entry in your keychain (on
macos) and pass that as an argument to the script:

    $ ./run.sh -c ~/Library/Application\ Support/Signal -p YOURPASSWORD

### Group Filtering

Adding -f will filter the groups under consideration to only those listed in
config/chat_list.txt

    $ ./run.sh -c ~/.config/Signal -f

You might want to run the command once without filtering, then paste the chat
name column from the spreadsheet into config/chat_list.txt and narrow down to
only the ones you care about and run it again with -f. This will ensure the
output spreadsheet only has columns for users in the groups you care about, and
not every single user you ever saw on Signal.

[^1]: [after some alarmist press](https://candid.technology/signal-encryption-key-flaw-desktop-app-fixed/)
    about Signal Desktop not encrypting data at rest securely, they
    [switched to using](https://github.com/signalapp/Signal-Desktop/issues/6944#issuecomment-2243704263)
    Electron's [safe storage api](https://www.electronjs.org/docs/latest/api/safe-storage)
    which automatically creates a per-application private key when used, and
    stores that key in the OS keychain. I found the docs to be lacking on
    details but [this blogpost](https://control-plane.io/posts/abusing-vscode-from-malicious-extensions-to-stolen-credentials-part-2/#electron-safestorage)
    and [this gist](https://gist.github.com/flatz/3f242ab3c550d361f8c6d031b07fb6b1) were both helpful.