BrightChain represents a revolutionary approach to blockchain technology, combining advanced cryptography with innovative governance mechanisms. Built on Ethereum's foundation but departing from traditional proof-of-work systems, BrightChain delivers a comprehensive suite of decentralized services designed for security, privacy, and democratic participation.
BrightChain has evolved beyond a blockchain alternative into a complete platform for building decentralized digital societies. The system provides all essential infrastructure for secure, private, and democratic online communities:
- Foundation: Owner-Free Filesystem with plausible deniability, unlimited file sizes via Super CBL, and BIP39/32 identity management
- Communication: Encrypted messaging with gossip protocol, RFC-compliant email, and Discord-competitive chat with Signal-grade encryption
- Applications: BrightPass password manager (1Password-competitive), real-time communication (DMs, groups, channels), and secure collaboration tools
- Governance: Homomorphic voting with 15+ methods, quorum-based decision-making, and privacy-preserving elections with verifiable results
- Security: Brokered anonymity (accountability via quorum consensus), end-to-end encryption everywhere, and enterprise-grade credential management
The Storage vs. Power Density Advantage: Every blockchain has waste somewhere. BrightChain cuts down on waste in every way possible, but its storage mechanism does carry some overhead. Storage, however, is one of the most cost-effective resources and one where massive density gains have been achieved in recent years, whereas datacenters are struggling to reach the power density that blockchain and AI CPU workloads require. Accepting minimal storage overhead in exchange for anonymity, and for relief from concerns such as copyright lawsuits or hosting inappropriate material, enables everyone to be all in and make the most of the vast storage resources spread across the globe.
BrightChain integrates several groundbreaking technologies:
- Advanced Blockchain Architecture: Built on Ethereum's keyspace and foundation but engineered without proof-of-work constraints, offering improved efficiency and sustainability
- Hierarchical Storage System: Super CBL (Constituent Block List) architecture enabling efficient storage of files of any size through recursive hierarchical structures
- Decentralized Storage: A peer-to-peer distributed file system enabling secure, resilient data storage across the network
- Messaging System: Secure, decentralized message passing with encryption, routing, delivery tracking, and gossip protocol for epidemic-style propagation built on the block store
- Email System: RFC 5322/2045 compliant email with threading, BCC privacy, attachments, inbox operations, delivery tracking, and multiple encryption schemes (ECIES, shared key, S/MIME)
- Communication System: Discord-competitive communication platform with Signal-grade encryption, featuring direct messaging, group chats, and channels with real-time presence, typing indicators, role-based permissions, and four visibility modes
- BrightPass Password Manager: Next-generation password keychain with vault management, TOTP/2FA, breach detection, and emergency access using VCBL (Vault Constituent Block List) architecture for efficient encrypted credential storage. Supports import from 1Password, LastPass, Bitwarden, Chrome, Firefox, KeePass, and Dashlane
- Identity Management: A sophisticated decentralized identity provider ensuring user privacy and control
- Owner-Free File System: Complete TUPLE storage implementation (3-block storage: data + 2 randomizers) for true plausible deniability and legal protection
- Homomorphic Voting System: Revolutionary cryptographic voting infrastructure utilizing Paillier homomorphic encryption with ECDH-derived keys, enabling secure vote tallying without revealing individual votes. Supports 15+ voting methods from simple plurality to complex ranked choice, with government compliance features including immutable audit logs, public bulletin board, and verifiable receipts
- Enhanced File Security: State-of-the-art encryption combining ECIES for key derivation with AES-256-GCM for file security
- Digital Governance Framework: Revolutionary quorum-based system supporting configurable majority requirements for secret reconstruction
- UPnP / NAT Traversal: Automatic port forwarding via UPnP and NAT-PMP so nodes behind consumer routers can accept inbound connections without manual configuration
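The 3-block TUPLE idea from the Owner-Free File System item above, as an added example that is not BrightChain's own code. It assumes the stored data block is the source XORed with both randomizers, as in the OFF System design; `BLOCK_SIZE`, the length-prefix framing and the function names are hypothetical.

```javascript
// Added illustration of OFF-style whitening; not BrightChain's implementation.
// BLOCK_SIZE, the length-prefix framing and all names are assumptions.
const webcrypto = globalThis.crypto ?? require('node:crypto').webcrypto;
const BLOCK_SIZE = 64; // constructed; real block sizes are much larger

function xorBlocks(...blocks) {
  if (blocks.some((b) => b.length !== BLOCK_SIZE)) {
    throw new RangeError('every block must be exactly BLOCK_SIZE bytes');
  }
  const out = new Uint8Array(BLOCK_SIZE);
  for (const b of blocks) for (let i = 0; i < BLOCK_SIZE; i++) out[i] ^= b[i];
  return out;
}

// Returns [whitened, r1, r2]; each block on its own is uniformly random bytes.
function toTuple(data) {
  if (data.length >= BLOCK_SIZE) throw new RangeError('data does not fit one block');
  const plain = new Uint8Array(BLOCK_SIZE);
  plain[0] = data.length; // 1-byte length prefix so padding can be stripped
  plain.set(data, 1);
  const r1 = webcrypto.getRandomValues(new Uint8Array(BLOCK_SIZE));
  const r2 = webcrypto.getRandomValues(new Uint8Array(BLOCK_SIZE));
  return [xorBlocks(plain, r1, r2), r1, r2];
}

// XOR is commutative, so the three blocks can arrive in any order.
function fromTuple(tuple) {
  if (tuple.length !== 3) throw new RangeError('a TUPLE needs all three blocks');
  const plain = xorBlocks(...tuple);
  if (plain[0] >= BLOCK_SIZE) throw new RangeError('corrupt or mismatched TUPLE');
  return plain.slice(1, 1 + plain[0]);
}

const tuple = toTuple(new TextEncoder().encode('constructed sample data'));
console.log(new TextDecoder().decode(fromTuple(tuple)));
```

Anyone holding references to all three blocks can reconstruct the data, so confidentiality still rests on the separate encryption layer (ECIES with AES-256-GCM) listed above.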
BrightChain introduces "Brokered Anonymity," a sophisticated privacy mechanism that enables anonymous operations while maintaining accountability through encrypted identity information. This information can only be reconstructed through majority quorum consensus, typically in response to legal processes like FISA warrants. After a specified period, this identifying information becomes permanently inaccessible, ensuring long-term privacy protection.
BrightChain implements a cutting-edge homomorphic voting system that enables secure, privacy-preserving elections. The system features:
- ECDH-to-Paillier Bridge: Novel cryptographic bridge that derives Paillier homomorphic encryption keys from existing ECDSA/ECDH keys
- Privacy-Preserving Tallying: Vote aggregation without revealing individual votes through homomorphic addition
- Cross-Platform Determinism: Identical cryptographic operations across Node.js and browser environments
- Cryptographic Security: 128-bit security level with Miller-Rabin primality testing (256 rounds, error probability < 2^-512)
- Timing Attack Resistance: Constant-time operations and deterministic random bit generation (HMAC-DRBG)
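How homomorphic addition produces a tally without decrypting any single ballot, as an added example that is not BrightChain's code: textbook Paillier with g = n + 1 over constructed toy primes. The ECDH-to-Paillier key bridge is not modelled, and all function names are hypothetical.

```javascript
// Added illustration: textbook Paillier (g = n + 1), toy primes; not BrightChain's code.
const webcrypto = globalThis.crypto ?? require('node:crypto').webcrypto;

function modPow(base, exp, mod) {
  let result = 1n;
  for (base %= mod; exp > 0n; exp >>= 1n, base = (base * base) % mod) {
    if (exp & 1n) result = (result * base) % mod;
  }
  return result;
}

// Extended Euclid: returns [gcd(a, b), x] with a*x ≡ gcd (mod b).
function egcd(a, b) {
  let [r0, r1, x0, x1] = [a, b, 1n, 0n];
  while (r1 !== 0n) {
    const q = r0 / r1;
    [r0, r1, x0, x1] = [r1, r0 - q * r1, x1, x0 - q * x1];
  }
  return [r0, x0];
}

function keyFromPrimes(p, q) {
  const n = p * q;
  const lambda = ((p - 1n) * (q - 1n)) / egcd(p - 1n, q - 1n)[0]; // lcm
  const [g, x] = egcd(lambda % n, n);
  if (g !== 1n) throw new RangeError('lambda is not invertible mod n');
  return { n, n2: n * n, lambda, mu: ((x % n) + n) % n }; // n, n2 are public
}

function randomUnit(n) { // fresh r in Z_n^* for every ballot
  for (;;) {
    const [hi, lo] = webcrypto.getRandomValues(new Uint32Array(2));
    const r = ((BigInt(hi) << 32n) | BigInt(lo)) % n; // bias is negligible for a toy n
    if (r > 1n && egcd(r, n)[0] === 1n) return r;
  }
}

function encrypt(key, m) {
  if (m < 0n || m >= key.n) throw new RangeError('plaintext out of range');
  return ((1n + m * key.n) * modPow(randomUnit(key.n), key.n, key.n2)) % key.n2;
}
// m = L(c^lambda mod n^2) * mu mod n, with L(x) = (x - 1) / n
const decrypt = (key, c) => (((modPow(c, key.lambda, key.n2) - 1n) / key.n) * key.mu) % key.n;
// Multiplying ciphertexts adds plaintexts; this needs only the public n2.
const tally = (key, ballots) => ballots.reduce((acc, c) => (acc * c) % key.n2, 1n);

const key = keyFromPrimes(10007n, 10009n); // constructed toy primes
const ballots = [1n, 0n, 1n, 1n, 0n].map((v) => encrypt(key, v)); // constructed votes
console.log(decrypt(key, tally(key, ballots))); // only the aggregate is decrypted
```

The sum is only a valid count if every ballot is proven to encrypt 0 or 1; this sketch omits that proof.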
The system implements advanced document sealing and unsealing mechanisms, allowing groups to protect sensitive information with customizable threshold requirements for access restoration. This feature ensures both security and flexibility in document management.
BrightChain is currently implemented as an NX monorepo, with the core functionality contained in the "brightchain-lib" project. The system incorporates:
- Authentication: Robust implementation using BIP39/32 and SECP256k1
- Identity Management: Complete Member system with public/private key pairs and document storage
- Encryption: Advanced ECIES encryption with AES-256-GCM and multi-recipient support
- TUPLE Storage: All data stored as 3-block TUPLEs for complete Owner-Free Filesystem compliance
- Data Integrity: Verified block-level integrity with SHA3-512 checksums and XOR functionality
- Super CBL Architecture: Hierarchical Constituent Block Lists enabling unlimited file sizes through recursive sub-CBL structures with automatic threshold detection
- Message Passing: Complete messaging system with encryption, routing, delivery tracking, and WebSocket events
- Quorum Governance: Full Shamir's Secret Sharing implementation for document sealing with configurable thresholds (2 to 1,048,575 members)
- Homomorphic Voting: Integrated Paillier homomorphic encryption system with ECDH-to-Paillier key bridge for privacy-preserving vote aggregation
- Forward Error Correction: Reed-Solomon erasure coding for data recovery and redundancy
- Cross-Platform Cryptography: Unified cryptographic operations across Node.js and browser environments with deterministic key generation
- Modular Architecture: Extends base cryptographic constants from @digitaldefiance libraries, ensuring consistency and reducing duplication
BrightChain follows a layered constants architecture:
- brightchain-lib: Extends @digitaldefiance/ecies-lib for core cryptographic constants
- brightchain-api-lib: Extends @digitaldefiance/node-express-suite for API and Express constants
- BrightChain-specific: Only defines blockchain-specific constants (CBL, FEC, TUPLE, SEALING, VOTING, etc.)
This architecture ensures:
- Single source of truth for cryptographic constants
- Reduced code duplication
- Consistent security practices across the @digitaldefiance ecosystem
- Easy maintenance and updates
BrightChain implements Keybase-inspired identity and cryptographic features while advancing beyond Keybase's centralized model into a fully decentralized architecture.
| Feature | Keybase | BrightChain |
|---|---|---|
| Identity Proofs | Centralized verification server | Decentralized ECDSA-signed proofs verified peer-to-peer |
| Paper Keys | Single 64-char hex key | BIP39 24-word mnemonic with Shamir's Secret Sharing for split custody |
| Device Provisioning | Server-mediated device chain | BIP32 HD key derivation (m/44'/60'/0'/1/<index>) per device |
| Key Directory | Centralized Keybase server | Decentralized public key directory with privacy mode |
| Cryptocurrency | Stellar wallet (custodial) | Non-custodial Ethereum wallet derived from member identity (BIP44) |
| Git Signing | PGP-based via Keybase | ECDSA signing with GPG-compatible output from member keys |
| Exploding Messages | Server-enforced deletion | Client-enforced with time-based and read-count expiration |
| Encryption | NaCl (Curve25519) | ECIES (secp256k1) + AES-256-GCM with multi-recipient support |
| Architecture | Centralized servers | Fully decentralized with Owner-Free Filesystem |
| Anonymity | Pseudonymous | Brokered anonymity with quorum-based de-anonymization |
| Governance | Company-controlled | Democratic quorum-based governance |
| Open Source | Client only | Full stack open source |
Key advantages of BrightChain's approach:
- No single point of failure or trust — identity proofs are cryptographically self-verifying
- Paper keys support split custody via Shamir's Secret Sharing for organizational recovery scenarios
- Device keys are deterministically derived, enabling offline provisioning without server coordination
- Ethereum wallet integration provides non-custodial access to DeFi and dApp ecosystems
- Exploding messages support both time-based and read-count expiration with scheduled cleanup
BrightChain is currently in pre-alpha stage with 70-80% of core functionality complete. Major achievements include:
- Owner-Free Filesystem: Complete TUPLE storage implementation (3 blocks per data item) for true plausible deniability
- Super CBL System: Hierarchical storage supporting unlimited file sizes through recursive sub-CBLs
- Identity Management: Full member system with BIP39/32 key derivation and SECP256k1 cryptography
- Quorum Governance: Complete Shamir's Secret Sharing implementation with configurable thresholds
- Homomorphic Voting: Paillier encryption with ECDH-to-Paillier bridge for privacy-preserving elections. Supports 15+ voting methods (Plurality, Approval, Weighted, Borda, Score, Ranked Choice, IRV, STAR, STV, Quadratic, Consensus, etc.) with government compliance features (immutable audit logs, public bulletin board, verifiable receipts, hierarchical aggregation)
- Messaging System: Complete encrypted messaging with routing, delivery tracking, gossip protocol (epidemic-style propagation with priority-based delivery, automatic retry with exponential backoff), discovery protocol (Bloom filter-based block location), and WebSocket transport
- Email System: RFC 5322/2045 compliant email with threading (In-Reply-To/References), BCC privacy (cryptographically separated copies), attachments (multiple with Content-ID support), inbox operations (query/filter/sort/search with pagination), delivery tracking (per-recipient via gossip), encryption (ECIES per-recipient, shared key, S/MIME), signatures (digital signatures for authentication), and forward/reply (RFC-compliant with Resent-* headers)
- Communication System: Discord-competitive platform with Signal-grade encryption. Features direct messaging (person-to-person encrypted), group chats (multi-member with shared encryption and key rotation), channels (topic-based with four visibility modes: public/private/secret/invisible), presence system (online/offline/idle/DND), role-based permissions (Owner/Admin/Moderator/Member), real-time events (typing indicators, reactions, edits via WebSocket), invite system (time-limited, usage-limited tokens), message search, and conversation promotion (DMs to groups)
- BrightPass Password Manager: 1Password-competitive keychain with VCBL architecture, multiple entry types (login/note/card/identity), password generation (cryptographically secure with constraints), TOTP/2FA (with QR codes), breach detection (k-anonymity via Have I Been Pwned), audit logging (append-only encrypted), emergency access (Shamir's Secret Sharing), vault sharing (multi-member with ECIES), import support (1Password, LastPass, Bitwarden, Chrome, Firefox, KeePass, Dashlane), and browser extension autofill API
- Encryption Suite: ECIES + AES-256-GCM with multi-recipient support
- Forward Error Correction: Reed-Solomon erasure coding for data recovery
- Block Store: Content-addressed storage with SHA3-512 checksums and automatic deduplication
- Reputation System: Algorithms designed but not yet implemented
- Network Layer: P2P infrastructure partially complete
- Economic Model: Storage market and energy tracking concepts defined
- Smart Contracts: Planned CIL/CLR-based contract system
- Docker Desktop (optional)
- NodeJS 20+ (if not using Docker)
- Clone the repository
- Open in VSCode
- For Docker users:
  - Install Dev Container extension
  - Select "Remote-Containers: Reopen in Container"
- Run `yarn` in repository root and brightchain-lib
- Execute tests: `npx nx test brightchain-lib`
For comprehensive understanding:
- Core Architecture:
  - BrightChain Summary: High-level system overview
  - Brightchain Writeup: Detailed technical documentation
  - TUPLE Storage Architecture: Complete OFF compliance with 3-block storage
  - OFF System Comparison Analysis: Detailed comparison with Owner-Free File System and "government in a box" assessment
- Communication & Messaging:
  - Messaging System Architecture: Message passing and event system design
  - Gossip Delivery Protocol: Epidemic-style message propagation with priority-based delivery and automatic retry
  - Communication System Architecture: Discord-style communication with end-to-end encryption
- Applications:
  - BrightPass Password Manager: Secure password keychain with VCBL architecture and emergency access
  - Voting System Architecture: Homomorphic voting with 15+ methods and government compliance
- Networking:
  - UPnP Configuration: Enable automatic port forwarding, configuration options, and troubleshooting
- Development:
  - Implementation Roadmap: Development roadmap and future plans
- Keybase-Inspired Features:
  - User Guide: Paper keys, identity proofs, device provisioning, wallets, exploding messages
  - Developer Guide: API reference, service integration, testing
  - Architecture: Data flows, security model, key derivation
This project uses the Nx build system for enhanced development efficiency. For detailed information about working with Nx:
```
nx list                                                  # View available plugins
nx list <plugin-name>                                    # View plugin-specific generators
nx <target> <project>                                    # Single target
nx run-many -t <target1> <target2>                       # Multiple targets
nx run-many -t <target1> <target2> -p <proj1> <proj2>    # Filtered projects
```

Enhance your development experience with Nx Console extensions, providing:
- Autocomplete support
- Task & generator UI
- VSCode, IntelliJ, and Vim LSP support
Build your application with:
```
nx build demoapp
```

Build artifacts will be available in the dist/ directory.
BrightChain is the technology behind The Revolution Network—a protocol and ecosystem designed to bring out the best in collaborators through incentive-driven participation. Users are rewarded for philanthropic behavior, quality content, and resource contributions while aberrant behaviors are disincentivized through proof-of-work throttling and reputation penalties.
The platform provides:
- True Anonymity with Accountability: Brokered anonymity via quorum consensus
- Democratic Moderation: Community-driven governance with configurable thresholds
- Privacy by Design: Owner-Free Filesystem with plausible deniability
- Secure Communication: Signal-grade encryption across all channels
- Democratic Decision-Making: Privacy-preserving voting with verifiable results
- Personal Security: Enterprise-grade password management
BrightChain is not just a blockchain alternative—it's a complete platform for building the next generation of digital societies, where privacy, security, and democracy are fundamental rights, not afterthoughts.
