A production-ready, end-to-end encrypted messaging platform designed for maximum security, reliability, and performance.
- End-to-End Encryption: Zero-knowledge architecture, servers never access plaintext
- Forward Secrecy: Double Ratchet protocol with per-message keys
- Post-Compromise Security: Automatic key rotation and secure recovery
- High Performance: Sub-100ms message delivery target
- Extreme Reliability: Guaranteed delivery, offline queueing, crash-safe design
- Formal Security: Explicit threat model and cryptographic correctness
See ARCHITECTURE.md for complete system design.
See SECURITY.md for threat model and security guarantees.
See PROTOCOL.md for complete protocol specification.
- Node.js >= 18.0.0
npm install
npm run buildnpm run serverThe server will start on ws://localhost:8080
-
Start the GUI server:
npm run client
-
Open your browser: Navigate to
http://localhost:8000 -
Connect:
- Enter server URL:
ws://localhost:8080 - Click "Connect"
- Generate or use your identity key
- Add recipients and start messaging!
- Enter server URL:
import { SecureMessengerClient, generateIdentityKeyPair } from './src/index.js';
const client = new SecureMessengerClient({
serverUrl: 'ws://localhost:8080',
identityKey: generateIdentityKeyPair(),
});
await client.connect();
await client.sendMessage(recipientId, 'Hello, secure world!');npm test
npm run test:coverageThis software is provided for security research and development. Before production use:
- Conduct a professional security audit
- Review all cryptographic implementations
- Test under adversarial conditions
- Verify key management and storage
Apache License Version 2.0 - See LICENSE file for details.