Platform-agnostic cryptographic kernel for secure peer-to-peer communication.
securebit_core is a pure Rust crate that provides cryptographic primitives and protocol implementation for secure WebRTC-based peer-to-peer communication. It is designed to be the single source of truth for all security-critical operations, reusable across desktop, mobile, and headless deployments.
SecureBit Chat desktop applications are now available for Windows, macOS, and Linux!
Download native desktop apps built on this secure core:
- Windows 10/11 - NSIS Installer
- macOS 11+ - Universal App (Intel + Apple Silicon)
- Linux - AppImage (Universal)
- ECDH Key Exchange (P-384): Ephemeral key exchange with perfect forward secrecy
- ECDSA Signatures (P-384): Cryptographic authentication of protocol messages
- HKDF Key Derivation (SHA-256): Deterministic key derivation from shared secrets
- AES-256-GCM Encryption: Authenticated encryption for message confidentiality and integrity
- HMAC-SHA-256: Message authentication codes for integrity verification
- SAS (Short Authentication String): MITM detection via DTLS fingerprint verification
- Protocol Version Enforcement: Strict validation of protocol version (v4.0)
- Message Structure Validation: All protocol messages are validated before processing
- State Machine Integrity: Connection state transitions are enforced
- Replay Protection: Sequence numbers prevent message replay attacks
- Metadata Protection: Message metadata (timestamps, IDs) are encrypted separately
- Zero Platform Dependencies: No Tauri, no UI frameworks, no OS-specific APIs
- Cross-Platform: Works on Windows, macOS, Linux, Android, iOS
- Headless Support: Can be used in CLI tools, daemons, and background services
- Thread-Safe: Uses
Arc<Mutex<>>for thread-safe state management
- Public Core: All security-critical code is in this public repository
- Auditable: Designed for independent security review
- No Backdoors: Zero external network calls, zero file system access
- Deterministic: Same inputs produce the same security-relevant outputs
SecureBit Core powers multiple official applications:
Native desktop apps for Windows, macOS, and Linux
- Repository: securebit-desktop
- Platforms: Windows 10/11, macOS 11+, Linux (AppImage)
- Status: Public Beta v0.1.0 Available
- License: Proprietary (free for personal & commercial use)
Browser-based secure chat (fully open source)
- Repository: securebit-chat
- Platforms: All modern browsers
- Status: Production Ready
- License: MIT
- Mobile Apps (iOS/Android) - Q2 2026
- Store Distribution (Windows Store, Mac App Store, Snap Store) - Q1 2026
Add to your Cargo.toml:
[dependencies]
securebit_core = { path = "../core" } # Local path
# Or from crates.io (when published):
# securebit_core = "0.1.0"use securebit_core::Core;
// Create a new Core instance
let core = Core::new();
// Create a secure offer (for initiator)
let offer = core.create_secure_offer(Some(web_rtc_sdp))?;
println!("Offer: {}", offer);
// Join a connection (for responder)
let answer = core.join_secure_connection(offer_data, Some(web_rtc_answer_sdp))?;
println!("Answer: {}", answer);
// Handle answer (for initiator)
let result = core.handle_secure_answer(answer_data)?;
// Encrypt a message
let encrypted = core.encrypt_enhanced_message(
"Hello, world!".to_string(),
"msg-123".to_string(),
1
)?;
// Decrypt a message
let decrypted = core.decrypt_enhanced_message(encrypted)?;use securebit_core::Core;
use std::sync::Arc;
use tauri::{State, Manager};
#[tauri::command]
fn create_secure_offer(
core: State<Arc<Core>>,
offer_sdp: Option<String>
) -> Result<String, String> {
core.create_secure_offer(offer_sdp)
}use securebit_core::Core;
#[no_mangle]
pub extern "C" fn create_secure_offer_ffi(
offer_sdp: *const c_char,
output: *mut c_char,
output_len: usize,
) -> i32 {
// FFI wrapper implementation
}securebit_core/
├── src/
│ ├── core.rs # Main Core struct and public API
│ ├── crypto.rs # Cryptographic utilities
│ ├── session.rs # Session management (encryption/decryption)
│ ├── webrtc.rs # WebRTC protocol (offer/answer/join)
│ ├── error.rs # Error types
│ ├── logger.rs # Optional logging trait
│ └── lib.rs # Public API exports
├── SECURITY_MODEL.md # Security guarantees and boundaries
├── THREAT_MODEL.md # Threats mitigated and not mitigated
└── README.md # This file
The core manages three types of state:
- Crypto State: Key pairs, encryption keys
- Offer State: ECDH secrets, session salts, DTLS fingerprints
- Session Keys: Encryption keys, MAC keys, metadata keys
All state is thread-safe via Arc<Mutex<>> and is never persisted to disk.
- Cryptographic Security: ECDH, ECDSA, HKDF, AES-GCM, HMAC
- Protocol Security: Version enforcement, message validation, state machine
- Key Management: Ephemeral keys, secure derivation, key isolation
- SAS Security: Deterministic SAS computation for MITM detection
- Input Validation: Strict validation of all inputs
- ❌ Platform Security: Protection against compromised OS/hardware
- ❌ Network Security: Protection against network-level attacks
- ❌ UI Security: Protection against malicious UI code
- ❌ Application Logic: Protection against application-level vulnerabilities
- ❌ Side-Channel Attacks: Protection against timing/power/cache attacks
See SECURITY_MODEL.md for detailed security guarantees.
- MITM Attacks: ECDH key exchange, ECDSA signatures, SAS verification
- Eavesdropping: AES-256-GCM encryption with ephemeral keys
- Message Tampering: HMAC-SHA-256, AES-GCM authentication
- Replay Attacks: Sequence numbers, timestamp validation
- Perfect Forward Secrecy: Ephemeral ECDH keys
- Protocol Attacks: Version enforcement, message validation
- ❌ Compromised OS/Hardware: Platform-level attacks
- ❌ Malicious UI: UI-level attacks (XSS, spoofing, phishing)
- ❌ Side-Channel Attacks: Timing, power, cache attacks
- ❌ Memory Dump Attacks: Process memory extraction
- ❌ Denial of Service: Resource exhaustion, crashes
See THREAT_MODEL.md for detailed threat analysis.
-
create_secure_offer(offer_sdp: Option<String>) -> Result<String, String>- Creates a secure offer for peer-to-peer connection initiation
- Returns: Encrypted offer in
SB1:gz:format
-
join_secure_connection(offer_data: String, answer_sdp: Option<String>) -> Result<String, String>- Joins a connection by processing an offer and creating an answer
- Returns: Encrypted answer in
SB1:gz:format
-
handle_secure_answer(answer_data: String) -> Result<String, String>- Handles an answer from the responder (for initiator)
- Returns: Connection result with session keys established
-
parse_secure_offer(offer_data: String) -> Result<String, String>- Parses an offer to extract SDP and metadata
- Returns: JSON string with parsed offer data
-
encrypt_enhanced_message(message: String, message_id: String, sequence_number: u64) -> Result<String, String>- Encrypts a message with AES-256-GCM and HMAC-SHA-256
- Returns: JSON string with encrypted message data
-
decrypt_enhanced_message(encrypted_message: String) -> Result<String, String>- Decrypts a message and verifies integrity
- Returns: JSON string with decrypted message data
-
generate_key_pair() -> Result<String, String>- Generates a new cryptographic key pair
- Returns: Key ID
-
encrypt_data(data: &str, key_id: &str) -> Result<String, String>- Encrypts data using a key pair
- Returns: JSON string with encrypted data
-
decrypt_data(encrypted_data: &str) -> Result<String, String>- Decrypts data using a key pair
- Returns: Decrypted data string
-
generate_secure_password(length: usize) -> Result<String, String>- Generates a cryptographically secure random password
- Returns: Random password string
p384: P-384 elliptic curve (ECDH, ECDSA)aes-gcm: AES-256-GCM authenticated encryptionhkdf: HKDF key derivation (SHA-256)hmac: HMAC-SHA-256 message authenticationsha2: SHA-256, SHA-384 hashing
serde,serde_json: Serializationrand: Cryptographically secure random number generationbase64: Base64 encoding/decodinghex: Hexadecimal encoding/decodingchrono: Timestamp handlinguuid: UUID generationflate2: Compression (zlib)serde_cbor: CBOR serializationregex: Regular expressions
No platform-specific dependencies (no Tauri, no UI frameworks, no OS APIs).
This core is used in production by:
- SecureBit Desktop - Native desktop applications
- SecureBit Web - Browser-based chat application
You can integrate this core into:
- Desktop Applications (Tauri, Electron, Qt)
- Mobile Applications (React Native, Flutter, native iOS/Android)
- Web Applications (WASM, JavaScript bindings)
- CLI Tools (Headless bots, automation)
- Backend Services (Message relays, bridge services)
This crate has been audited for public security review. See:
- SECURITY_MODEL.md - Security guarantees and boundaries
- THREAT_MODEL.md - Threat analysis
License: Apache-2.0
This is a security-critical crate. All contributions must:
- Maintain platform independence (no platform-specific code)
- Preserve security guarantees (no weakening of security)
- Follow Rust security best practices (no
unsafe, proper error handling) - Include tests for new functionality
- Update documentation (README, SECURITY_MODEL, THREAT_MODEL)
- Report Security Issues: Email security@securebit.chat (PGP key available)
- Submit Bug Reports: Open an issue on GitHub
- Propose Features: Open a discussion on GitHub
- Submit Pull Requests: Follow our contribution guidelines
- Improve Documentation: Help make docs clearer
See CONTRIBUTING.md for detailed guidelines.
This project is licensed under the Apache License, Version 2.0 - see the LICENSE file for details.
SPDX-License-Identifier: Apache-2.0
We chose Apache License 2.0 because it:
- Provides explicit patent protection
- Allows commercial use without restrictions
- Protects contributors from patent claims
- Is compatible with most other licenses
- Is trusted by enterprise users
- Core cryptographic primitives
- P2P protocol implementation
- Desktop application support
- Web application support
- Mobile FFI bindings (iOS/Android)
- WASM support for web
- Performance optimizations
- Additional test coverage
- Post-quantum cryptography (CRYSTALS-Kyber)
- Multi-device sync protocol
- Group chat cryptography
- Hardware security module support
- Formal verification (selected modules)
- Side-channel resistance improvements
- Memory-hard key derivation
- Advanced metadata protection
- Built with Rust's excellent cryptographic ecosystem
- Designed for independent security review and white-label distribution
- Inspired by Signal Protocol and OTR (Off-the-Record) messaging
- Thanks to all contributors and security researchers
- Rust Crypto Team: For excellent cryptographic primitives
- Tauri Team: For the desktop application framework
- WebRTC Community: For peer-to-peer technology
- Security Researchers: For audits and feedback
- Desktop Apps - Windows, macOS, Linux
- Web App - Browser-based chat
- RustCrypto - Cryptographic algorithms in Rust
- ring - Safe, fast crypto using Rust & BoringSSL
- sodiumoxide - Rust bindings to libsodium
The security-critical code (all cryptography, protocol implementation) is 100% open source in this repository. The desktop applications are proprietary wrappers around this core, containing only UI code and platform integrations. This means:
- You can audit all security-critical operations
- No cryptographic operations happen in closed-source code
- Business sustainability through proprietary UI
- Open core enables trust and transparency
Yes! This core is licensed under Apache 2.0, which allows:
- Commercial use
- Modification and distribution
- Private use
- Patent grant
Just make sure to include the license and copyright notice.
Yes! This core is used in production by:
- SecureBit Desktop (public beta)
- SecureBit Web (production)
However, we recommend:
- Independent security audit for critical applications
- Thorough testing in your specific use case
- Performance testing under expected load
Please DO NOT open public issues for security vulnerabilities.
Instead:
- Email: security@securebit.chat
- Include: Detailed description, reproduction steps, impact assessment
- Expect: Response within 24 hours
- We follow: Responsible disclosure (90-day window)
Version: 0.1.0
License: Apache-2.0
Last Updated: December 28, 2025
Built for Security, Designed for Transparency
Desktop Apps • Web App • Security Model • Threat Model
Made with 🦀 by the SecureBit Team