2025-08-14 15:54:11 -04:00
# Contributing to SecureBit.chat
2025-08-09 13:23:20 -04:00
2025-08-14 15:54:11 -04:00
🎉 **Thank you for your interest in contributing to SecureBit.chat! **
2025-08-09 13:23:20 -04:00
We're building the most secure P2P messenger with Lightning Network integration, and we need your help to make it even better.
## 🌟 Ways to Contribute
### 🐛 Bug Reports
Found a bug? Help us squash it!
### 💡 Feature Requests
Have an idea for improvement? We'd love to hear it!
### 🔒 Security Research
Help audit our cryptographic implementation
### 📖 Documentation
Improve guides, tutorials, and technical docs
### 🌍 Translations
2025-08-14 15:54:11 -04:00
Help make SecureBit.chat accessible worldwide
2025-08-09 13:23:20 -04:00
### 💻 Code Contributions
Submit pull requests for bug fixes and features
## 🚀 Getting Started
### Prerequisites
- **Browser:** Modern browser with WebRTC and WebCrypto support
- **Git:** For version control
- **Text Editor:** VS Code, Vim, or your favorite editor
- **Lightning Wallet:** For testing payment features (optional)
### Development Setup
``bash
# 1. Fork the repository on GitHub
# 2. Clone your fork
2025-08-14 15:54:11 -04:00
git clone https://github.com/yourusername/securebit-chat.git
cd securebit-chat
2025-08-09 13:23:20 -04:00
# 3. Create a development branch
git checkout -b feature/your-feature-name
# 4. Start development server
python -m http.server 8000
# or
npx serve .
# 5. Open http://localhost:8000
# Make your changes
# Test thoroughly
# Commit with descriptive messages
git commit -m "feat: add quantum-resistant key exchange
- Implement CRYSTALS-Kyber for post-quantum security
- Add fallback to classical ECDH
- Update security level calculations
- Add comprehensive test suite
Closes #123 "
📋 Contribution Guidelines
🔍 Before You Start
Check existing issues - avoid duplicate work
Create an issue - discuss your idea first
Get feedback - ensure alignment with project goals
Fork and branch - work on a feature branch
💻 Code Standards
JavaScript Style
// ✅ Good
const encryptionKey = await crypto.subtle.generateKey({
name: 'AES-GCM',
length: 256
}, false, ['encrypt', 'decrypt']);
// ❌ Bad
var key=crypto.subtle.generateKey({name:'AES-GCM',length:256},false,['encrypt','decrypt'])
Naming Conventions
Functions: camelCase - generateSecureKey()
Classes: PascalCase - EnhancedSecureCryptoUtils
Constants: UPPER_SNAKE_CASE - MAX_MESSAGE_LENGTH
Files: kebab-case - crypto-utils.js
Documentation
🔒 Security Considerations
Critical Areas
These areas require extra careful review:
Cryptographic functions - All crypto code must be reviewed
Key generation - Entropy and randomness
Message handling - Input validation and sanitization
P2P communication - WebRTC security
Lightning integration - Payment verification
Security Checklist
No hardcoded secrets or keys
Proper input validation
Safe cryptographic practices
No information leakage in logs
Rate limiting where appropriate
Memory cleanup for sensitive data
🧪 Testing
Manual Testing
# Test basic functionality
1. Create a connection
2. Send encrypted messages
3. Verify out-of-band codes
4. Test Lightning payments
5. Check security indicators
Security Testing
# Test attack scenarios
1. MITM attack simulation
2. Replay attack prevention
3. Rate limiting effectiveness
4. Input validation edge cases
5. Cryptographic key isolation
📝 Commit Message Format
We use Conventional Commits:
<type>[optional scope]: <description>
[optional body]
[optional footer(s)]
Types:
feat: New feature
fix: Bug fix
docs: Documentation changes
style: Code formatting
refactor: Code restructuring
test: Adding tests
security: Security improvements
perf: Performance improvements
Examples:
feat(crypto): add quantum-resistant key exchange
fix(webrtc): resolve connection timeout issues
docs(api): update cryptographic architecture guide
security(auth): strengthen MITM protection
🔄 Pull Request Process
1. Pre-submission Checklist
Code follows style guidelines
Security considerations addressed
Documentation updated
Commit messages follow convention
No merge conflicts
Testing completed
PR Template
## Description
Brief description of changes
## Type of Change
- [ ] Bug fix
- [ ] New feature
- [ ] Security improvement
- [ ] Documentation update
- [ ] Breaking change
## Security Impact
- [ ] No security implications
- [ ] Security enhancement
- [ ] Requires security review
## Testing
- [ ] Manual testing completed
- [ ] Security testing completed
- [ ] Cross-browser testing
## Checklist
- [ ] Code follows project guidelines
- [ ] Self-review completed
- [ ] Documentation updated
- [ ] No sensitive data exposed
3. Review Process
Automated checks - CI/CD pipeline
Code review - Maintainer review
Security review - For crypto/security changes
Testing - Manual verification
Approval - Maintainer approval
Merge - Squash and merge
🏷️ Issue Labels
Priority
🔴 critical - Security vulnerabilities, major bugs
🟠 high - Important features, significant bugs
🟡 medium - General improvements
🟢 low - Minor enhancements, cleanup
Type
🐛 bug - Something isn't working
✨ enhancement - New feature request
🔒 security - Security-related
📖 documentation - Documentation improvements
🌍 translation - Internationalization
🧪 testing - Testing improvements
Status
🔍 investigating - Under investigation
✅ ready - Ready for development
🚧 in-progress - Being worked on
⏸️ blocked - Blocked by dependencies
❓ question - Needs clarification
🌍 Translation Guidelines
Supported Languages
English (en) - Primary language
Ukraine (ua) - Primary language
Russian (ru) - Secondary language
Spanish (es) - Community maintained
Chinese (zh) - Community maintained
Translation Process
Check existing translations in /locales/
Create language file - locales/[lang].json
Translate keys - Keep technical terms consistent
Test in browser - Verify UI layout
Submit PR - Follow contribution guidelines
Translation Keys
json{
2025-08-14 15:54:11 -04:00
"header.title": "SecureBit.chat - Enhanced Security Edition",
2025-08-09 13:23:20 -04:00
"security.level.high": "HIGH",
"crypto.algorithm.ecdh": "ECDH P-384",
"error.connection.failed": "Connection failed"
}
🏆 Recognition
Contributors Wall
Outstanding contributors are featured in:
README.md - Contributors section
Website - Hall of fame page
Releases - Release notes credits
Contribution Rewards
Swag - Stickers, t-shirts for active contributors
Early Access - Beta features and releases
Lightning Tips - Small Bitcoin tips for quality contributions
References - LinkedIn recommendations
Conference Invites - Speaking opportunities
💬 Community
Communication Channels
GitHub Discussions - Technical discussions
GitHub Issues - Bug reports and features
Email - lockbitchat@tutanota .com
2025-08-14 15:54:11 -04:00
Security - security@SecureBit .chat
2025-08-09 13:23:20 -04:00
Code of Conduct
We follow the Contributor Covenant:
Be respectful - Treat everyone with respect
Be inclusive - Welcome diverse perspectives
Be constructive - Provide helpful feedback
Be patient - Remember everyone is learning
Getting Help
Documentation - Check /docs/ folder
GitHub Discussions - Ask questions
Email - Contact maintainers directly
📚 Resources
Technical Documentation
Cryptographic Architecture
API Reference
Security Model
Lightning Integration
External Resources
WebRTC Documentation
Web Crypto API
Lightning Network
WebLN Specification
Ready to contribute? 🚀
Star the repository ⭐
Fork the project 🍴
Create your feature branch 🌟
Make your changes 💻
Submit a pull request 🔄
Thank you for helping make the internet more private and secure! 🛡️
# docs/API.md
``markdown
2025-08-14 15:54:11 -04:00
# SecureBit.chat API Documentation
2025-08-09 13:23:20 -04:00
## 🏗️ Architecture Overview
2025-08-14 15:54:11 -04:00
SecureBit.chat is built as a client-side application with no backend servers. The "API" consists of JavaScript classes and methods that handle cryptography, P2P connections, and Lightning Network integration.
2025-08-09 13:23:20 -04:00
## 📚 Core Classes
### 🔐 EnhancedSecureCryptoUtils
Central cryptographic utilities class providing military-grade encryption.
#### Key Generation
##### `generateECDHKeyPair()`
``javascript
static async generateECDHKeyPair(): Promise<CryptoKeyPair>
Generates non-extractable ECDH P-384 key pair for secure key exchange.
Returns: CryptoKeyPair with P-384 keys
Throws: Error if key generation fails
Example:
javascriptconst keyPair = await EnhancedSecureCryptoUtils.generateECDHKeyPair();
console.log(keyPair.privateKey.algorithm.namedCurve); // "P-384"
generateECDSAKeyPair()
javascriptstatic async generateECDSAKeyPair(): Promise<CryptoKeyPair>
Generates non-extractable ECDSA P-384 key pair for digital signatures.
Returns: CryptoKeyPair for signing and verification
Throws: Error if key generation fails
Encryption/Decryption
encryptMessage()
javascriptstatic async encryptMessage(
message: string,
encryptionKey: CryptoKey,
macKey: CryptoKey,
metadataKey: CryptoKey,
messageId: string,
sequenceNumber: number = 0
): Promise<EncryptedMessage>
Encrypts a message with metadata protection and sequence numbers.
Parameters:
message - Plaintext message (max 2000 chars)
encryptionKey - AES-GCM 256-bit key
macKey - HMAC key for authentication
metadataKey - Key for metadata encryption
messageId - Unique message identifier
sequenceNumber - Message sequence for replay protection
Returns:
typescriptinterface EncryptedMessage {
messageIv: number[];
messageData: number[];
metadataIv: number[];
metadataData: number[];
mac: number[];
version: string;
}
decryptMessage()
javascriptstatic async decryptMessage(
encryptedPayload: EncryptedMessage,
encryptionKey: CryptoKey,
macKey: CryptoKey,
metadataKey: CryptoKey,
expectedSequenceNumber?: number
): Promise<DecryptedMessage>
Decrypts and verifies an encrypted message.
Returns:
typescriptinterface DecryptedMessage {
message: string;
messageId: string;
timestamp: number;
sequenceNumber: number;
}
Key Exchange
deriveSharedKeys()
javascriptstatic async deriveSharedKeys(
privateKey: CryptoKey,
publicKey: CryptoKey,
salt: Uint8Array
): Promise<SharedKeys>
Derives shared encryption keys using ECDH + HKDF.
Parameters:
privateKey - Local ECDH private key
publicKey - Remote ECDH public key
salt - 64-byte cryptographic salt
Returns:
typescriptinterface SharedKeys {
encryptionKey: CryptoKey;
macKey: CryptoKey;
metadataKey: CryptoKey;
fingerprint: string;
timestamp: number;
version: string;
}
Digital Signatures
signData()
javascriptstatic async signData(
privateKey: CryptoKey,
data: string | Uint8Array
): Promise<number[]>
Signs data with ECDSA P-384.
verifySignature()
javascriptstatic async verifySignature(
publicKey: CryptoKey,
signature: number[],
data: string | Uint8Array
): Promise<boolean>
Verifies ECDSA signature.
Authentication
generateMutualAuthChallenge()
javascriptstatic generateMutualAuthChallenge(): AuthChallenge
Generates cryptographic challenge for mutual authentication.
Returns:
typescriptinterface AuthChallenge {
challenge: number[];
timestamp: number;
nonce: number[];
version: string;
}
createAuthProof()
javascriptstatic async createAuthProof(
challenge: AuthChallenge,
privateKey: CryptoKey,
publicKey: CryptoKey
): Promise<AuthProof>
Creates cryptographic proof for challenge response.
Utility Functions
generateSalt()
javascriptstatic generateSalt(): number[]
Generates 64-byte cryptographically secure salt.
sanitizeMessage()
javascriptstatic sanitizeMessage(message: string): string
Sanitizes user input to prevent XSS attacks.
calculateSecurityLevel()
javascriptstatic async calculateSecurityLevel(securityManager: any): Promise<SecurityLevel>
Calculates real-time security level based on active protections.
Returns:
typescriptinterface SecurityLevel {
level: 'HIGH' | 'MEDIUM' | 'LOW' | 'UNKNOWN';
score: number; // 0-100
color: 'green' | 'yellow' | 'red';
verificationResults: Record<string, VerificationResult>;
timestamp: number;
details: string;
}
🌐 EnhancedSecureWebRTCManager
Manages P2P connections with enhanced security features.
Constructor
javascriptnew EnhancedSecureWebRTCManager(
onMessage: (message: string, type: string) => void,
onStatusChange: (status: string) => void,
onKeyExchange: (fingerprint: string) => void,
onVerificationRequired: (code: string) => void
)
Connection Management
createSecureOffer()
javascriptasync createSecureOffer(): Promise<SecureOffer>
Creates encrypted connection offer with ECDH keys and authentication.
Returns:
typescriptinterface SecureOffer {
type: 'enhanced_secure_offer';
sdp: string;
ecdhPublicKey: SignedPublicKey;
ecdsaPublicKey: SignedPublicKey;
salt: number[];
verificationCode: string;
authChallenge: AuthChallenge;
sessionId: string;
timestamp: number;
version: string;
securityLevel: SecurityLevel;
}
createSecureAnswer()
javascriptasync createSecureAnswer(offerData: SecureOffer): Promise<SecureAnswer>
Creates encrypted response to connection offer.
handleSecureAnswer()
javascriptasync handleSecureAnswer(answerData: SecureAnswer): Promise<void>
Processes encrypted answer and establishes connection.
Message Handling
sendSecureMessage()
javascriptasync sendSecureMessage(message: string): Promise<void>
Sends encrypted message through secure channel.
Parameters:
message - Plaintext message (auto-sanitized)
Features:
Automatic encryption with metadata protection
Sequence number tracking
Rate limiting (60 messages/minute)
Perfect Forward Secrecy key rotation
Connection States
typescripttype ConnectionState =
| 'disconnected'
| 'connecting'
| 'verifying'
| 'connected'
| 'failed'
| 'reconnecting'
| 'peer_disconnected';
Security Features
calculateSecurityLevel()
javascriptasync calculateSecurityLevel(): Promise<SecurityLevel>
Real-time security assessment with verification of:
✅ Encryption functionality
✅ ECDH key exchange
✅ ECDSA signatures
✅ Mutual authentication
✅ Metadata protection
✅ Replay protection
✅ Non-extractable keys
✅ Rate limiting
✅ Perfect Forward Secrecy
shouldRotateKeys()
javascriptshouldRotateKeys(): boolean
Determines if PFS key rotation is needed (every 5 minutes or 100 messages).
⚡ PayPerSessionManager
Handles Lightning Network payment integration.
Constructor
javascriptnew PayPerSessionManager()
Session Types
typescriptinterface SessionPricing {
free: { sats: 0, hours: 1/60, usd: 0.00 };
basic: { sats: 500, hours: 1, usd: 0.20 };
premium: { sats: 1000, hours: 4, usd: 0.40 };
extended: { sats: 2000, hours: 24, usd: 0.80 };
}
Payment Methods
createInvoice()
javascriptcreateInvoice(sessionType: string): LightningInvoice
Returns:
typescriptinterface LightningInvoice {
amount: number; // satoshis
memo: string;
sessionType: string;
timestamp: number;
paymentHash: string;
lightningAddress: string;
}
verifyPayment()
javascriptasync verifyPayment(preimage: string, paymentHash: string): Promise<boolean>
Verifies Lightning payment preimage.
activateSession()
javascriptactivateSession(sessionType: string, preimage: string): Session
Activates paid session.
Returns:
typescriptinterface Session {
type: string;
startTime: number;
expiresAt: number;
preimage: string;
}
Session Management
hasActiveSession()
javascripthasActiveSession(): boolean
getTimeLeft()
javascriptgetTimeLeft(): number
Returns milliseconds remaining in current session.
🔧 Integration Examples
Basic P2P Chat Setup
javascript// Initialize WebRTC manager
const webrtcManager = new EnhancedSecureWebRTCManager(
(message, type) => console.log(`${type}: ${message}` ),
(status) => console.log(`Status: ${status}` ),
(fingerprint) => console.log(`Key fingerprint: ${fingerprint}` ),
(code) => console.log(`Verification code: ${code}` )
);
// Create secure offer
const offer = await webrtcManager.createSecureOffer();
console.log('Share this encrypted offer:', offer);
// Send message (after connection established)
await webrtcManager.sendSecureMessage('Hello, secure world!');
Lightning Payment Integration
javascript// Initialize session manager
const sessionManager = new PayPerSessionManager();
// Create invoice for premium session
const invoice = sessionManager.createInvoice('premium');
console.log(`Pay ${invoice.amount} sats to: ${invoice.lightningAddress}` );
// Verify payment and activate session
const preimage = 'user_provided_preimage';
const isValid = await sessionManager.verifyPayment(preimage, invoice.paymentHash);
if (isValid) {
const session = sessionManager.activateSession('premium', preimage);
console.log(`Session active until: ${new Date(session.expiresAt)}` );
}
Custom Cryptographic Operations
javascript// Generate fresh key pairs
const ecdhKeys = await EnhancedSecureCryptoUtils.generateECDHKeyPair();
const ecdsaKeys = await EnhancedSecureCryptoUtils.generateECDSAKeyPair();
// Create signature
const data = 'Important message to sign';
const signature = await EnhancedSecureCryptoUtils.signData(
ecdsaKeys.privateKey,
data
);
// Verify signature
const isValid = await EnhancedSecureCryptoUtils.verifySignature(
ecdsaKeys.publicKey,
signature,
data
);
console.log('Signature valid:', isValid);
🔒 Security Considerations
Key Security
All keys are non-extractable - Cannot be exported from WebCrypto
Hardware security module - Keys protected by browser's HSM
Perfect Forward Secrecy - Old messages stay secure even if current keys compromised
Automatic key rotation - Keys change every 5 minutes
Message Security
Authenticated encryption - AES-GCM provides confidentiality + integrity
Metadata protection - Message metadata separately encrypted
Replay protection - Sequence numbers prevent message replay
Rate limiting - Prevents spam and DoS attacks
Connection Security
Out-of-band verification - Manual code verification prevents MITM
Mutual authentication - Both parties prove identity
Direct P2P - No intermediate servers to compromise
WebRTC encryption - DTLS transport layer security
Payment Security
Lightning Network - No credit card or banking data exposure
Preimage verification - Cryptographic proof of payment
No payment data stored - Payments verified and discarded
🐛 Error Handling
Common Error Types
typescript// Cryptographic errors
throw new Error('Key generation failed');
throw new Error('Encryption failed: invalid key');
throw new Error('Signature verification failed');
// Connection errors
throw new Error('WebRTC connection failed');
throw new Error('MITM attack detected');
throw new Error('Session expired');
// Payment errors
throw new Error('Invalid payment preimage');
throw new Error('Session not paid');
throw new Error('Lightning verification failed');
Error Recovery
javascripttry {
await webrtcManager.sendSecureMessage(message);
} catch (error) {
if (error.message.includes('Session expired')) {
// Redirect to payment
showPaymentModal();
} else if (error.message.includes('Rate limit')) {
// Show rate limit warning
showRateLimitWarning();
} else {
// Generic error handling
console.error('Message send failed:', error);
}
}
🧪 Testing
Unit Testing Examples
javascript// Test encryption/decryption
const originalMessage = 'Test message';
const encrypted = await EnhancedSecureCryptoUtils.encryptMessage(
originalMessage, encKey, macKey, metaKey, 'test-id', 0
);
const decrypted = await EnhancedSecureCryptoUtils.decryptMessage(
encrypted, encKey, macKey, metaKey
);
assert.equal(decrypted.message, originalMessage);
// Test key generation
const keyPair = await EnhancedSecureCryptoUtils.generateECDHKeyPair();
assert.equal(keyPair.privateKey.algorithm.name, 'ECDH');
assert.equal(keyPair.privateKey.extractable, false);
Integration Testing
javascript// Test full P2P flow
const manager1 = new EnhancedSecureWebRTCManager(/*...*/);
const manager2 = new EnhancedSecureWebRTCManager(/*...*/);
const offer = await manager1.createSecureOffer();
const answer = await manager2.createSecureAnswer(offer);
await manager1.handleSecureAnswer(answer);
// Both should be connected
assert.equal(manager1.isConnected(), true);
assert.equal(manager2.isConnected(), true);
📊 Performance Metrics
Cryptographic Performance
Key Generation: ~50ms (ECDH P-384)
Encryption: ~5ms per message
Signature: ~20ms (ECDSA P-384)
Key Derivation: ~30ms (HKDF)
Connection Performance
WebRTC Setup: 2-5
econds (depends on NAT)
Key Exchange: ~100ms total
First Message: ~500ms (includes verification)
Subsequent Messages: ~10ms
Memory Usage
Base Application: ~2MB
Active Connection: +1MB (keys, buffers)
Message History: ~1KB per message
Total Runtime: ~5-10MB typical
🔍 Debugging
Debug Logging
javascript// Enable debug mode
EnhancedSecureCryptoUtils.secureLog.log('info', 'Debug message', {
keySize: 256,
algorithm: 'AES-GCM'
});
// View security logs
const logs = EnhancedSecureCryptoUtils.secureLog.getLogs('error');
console.table(logs);
// Monitor security level changes
webrtcManager.calculateSecurityLevel().then(level => {
console.log('Security verification results:');
Object.entries(level.verificationResults).forEach(([check, result]) => {
console.log(`${check}: ${result.passed ? '✅' : '❌'} ${result.details}` );
});
});
Connection Debugging
javascript// Monitor connection state changes
const webrtcManager = new EnhancedSecureWebRTCManager(
(message, type) => console.log(`Message [${type}]: ${message}` ),
(status) => {
console.log(`Connection state: ${status}` );
if (status === 'failed') {
console.log('Connection info:', webrtcManager.getConnectionInfo());
}
},
(fingerprint) => console.log(`Key fingerprint: ${fingerprint}` ),
(code) => console.log(`Verification code: ${code}` )
);
// Check WebRTC connection details
console.log('Ice connection state:', webrtcManager.peerConnection?.iceConnectionState);
console.log('Connection state:', webrtcManager.peerConnection?.connectionState);
Payment Debugging
javascript// Debug Lightning payments
const sessionManager = new PayPerSessionManager();
// Check session status
console.log('Has active session:', sessionManager.hasActiveSession());
console.log('Time left:', sessionManager.getTimeLeft());
// Verify payment manually
const invoice = sessionManager.createInvoice('premium');
console.log('Invoice details:', {
amount: invoice.amount,
hash: invoice.paymentHash,
address: invoice.lightningAddress
});
Feature Detection
javascript// Check WebRTC support
const hasWebRTC = !!(window.RTCPeerConnection ||
window.webkitRTCPeerConnection ||
window.mozRTCPeerConnection);
// Check WebCrypto support
const hasWebCrypto = !!(window.crypto && window.crypto.subtle);
// Check WebLN support
const hasWebLN = !!(window.webln);
console.log('Browser capabilities:', {
webrtc: hasWebRTC,
webcrypto: hasWebCrypto,
webln: hasWebLN
});
Polyfills
javascript// WebRTC adapter for cross-browser compatibility
// Include: https://webrtc.github.io/adapter/adapter-latest.js
// WebCrypto polyfill for older browsers
if (!window.crypto?.subtle) {
console.error('WebCrypto not supported - security features disabled');
}
🚀 Advanced Usage
Custom Security Validation
javascript// Implement custom security checks
class CustomSecurityValidator {
static async validateConnection(webrtcManager) {
const securityLevel = await webrtcManager.calculateSecurityLevel();
// Enforce minimum security requirements
if (securityLevel.score < 80) {
throw new Error(`Security level too low: ${securityLevel.score}%` );
}
// Check specific security features
const { verificationResults } = securityLevel;
if (!verificationResults.encryption?.passed) {
throw new Error('Encryption verification failed');
}
if (!verificationResults.pfs?.passed) {
console.warn('Perfect Forward Secrecy not active');
}
return true;
}
}
// Use custom validator
try {
await CustomSecurityValidator.validateConnection(webrtcManager);
console.log('Security validation passed');
} catch (error) {
console.error('Security validation failed:', error.message);
}
Custom Message Protocols
javascript// Implement custom message types
class CustomMessageProtocol {
static async sendFileShare(webrtcManager, fileData, fileName) {
const message = JSON.stringify({
type: 'file_share',
fileName: fileName,
fileSize: fileData.length,
data: Array.from(new Uint8Array(fileData))
});
// Split large messages if needed
const maxSize = 1500; // bytes
if (message.length > maxSize) {
return this.sendChunkedMessage(webrtcManager, message);
}
return webrtcManager.sendSecureMessage(message);
}
static async sendChunkedMessage(webrtcManager, largeMessage) {
const chunks = [];
const chunkSize = 1000;
const messageId = Date.now().toString();
for (let i = 0; i < largeMessage.length; i += chunkSize) {
chunks.push({
type: 'chunk',
messageId: messageId,
index: Math.floor(i / chunkSize),
total: Math.ceil(largeMessage.length / chunkSize),
data: largeMessage.slice(i, i + chunkSize)
});
}
// Send chunks sequentially
for (const chunk of chunks) {
await webrtcManager.sendSecureMessage(JSON.stringify(chunk));
await new Promise(resolve => setTimeout(resolve, 100)); // Rate limiting
}
}
}
Session Management
javascript// Advanced session management
class AdvancedSessionManager extends PayPerSessionManager {
constructor() {
super();
this.sessionHistory = [];
this.analytics = {
totalSessions: 0,
totalSatsSpent: 0,
averageSessionLength: 0
};
}
activateSession(sessionType, preimage) {
const session = super.activateSession(sessionType, preimage);
// Track session history
this.sessionHistory.push({
type: sessionType,
startTime: session.startTime,
duration: this.sessionPrices[sessionType].hours * 3600000,
cost: this.sessionPrices[sessionType].sats
});
// Update analytics
this.updateAnalytics();
return session;
}
updateAnalytics() {
this.analytics.totalSessions = this.sessionHistory.length;
this.analytics.totalSatsSpent = this.sessionHistory.reduce(
(sum, session) => sum + session.cost, 0
);
this.analytics.averageSessionLength = this.sessionHistory.reduce(
(sum, session) => sum + session.duration, 0
) / this.sessionHistory.length;
}
getSessionAnalytics() {
return {
...this.analytics,
sessionsThisMonth: this.getSessionsInPeriod(30),
averageCostPerHour: this.calculateAverageCostPerHour()
};
}
getSessionsInPeriod(days) {
const cutoff = Date.now() - (days * 24 * 60 * 60 * 1000);
return this.sessionHistory.filter(s => s.startTime > cutoff).length;
}
calculateAverageCostPerHour() {
const totalHours = this.sessionHistory.reduce(
(sum, session) => sum + (session.duration / 3600000), 0
);
return totalHours > 0 ? this.analytics.totalSatsSpent / totalHours : 0;
}
}
📱 Mobile Integration
PWA Support
javascript// Service worker for offline capability
// sw.js
self.addEventListener('install', event => {
event.waitUntil(
2025-08-14 15:54:11 -04:00
caches.open('securebit-chat-v1').then(cache => {
2025-08-09 13:23:20 -04:00
return cache.addAll([
'/',
'/index.html',
'/manifest.json'
]);
})
);
});
// Mobile-specific optimizations
class MobileOptimizations {
static detectMobile() {
return /Android|iPhone|iPad|iPod|BlackBerry|IEMobile|Opera Mini/i.test(
navigator.userAgent
);
}
static optimizeForMobile(webrtcManager) {
if (this.detectMobile()) {
// Reduce message history for memory
webrtcManager.maxMessageHistory = 50;
// More aggressive cleanup
webrtcManager.cleanupInterval = 30000; // 30 seconds
// Battery optimization
webrtcManager.heartbeatInterval = 60000; // 1 minute
}
}
}
Mobile Wallet Integration
javascript// Deep link integration for mobile Lightning wallets
class MobileLightningIntegration {
static async payInvoice(invoice) {
const lightningUrl = `lightning:${invoice.lightningAddress}?amount=${invoice.amount}&message=${encodeURIComponent(invoice.memo)}` ;
if (this.isMobile()) {
// Try to open Lightning app
window.location.href = lightningUrl;
// Fallback to clipboard copy
setTimeout(() => {
navigator.clipboard.writeText(lightningUrl).then(() => {
alert('Lightning invoice copied to clipboard');
});
}, 1000);
} else {
// Desktop: try WebLN first
if (window.webln) {
try {
await window.webln.enable();
return await window.webln.sendPayment(invoice);
} catch (error) {
console.log('WebLN failed, falling back to manual');
}
}
// Manual payment flow
this.showManualPaymentDialog(invoice);
}
}
static isMobile() {
return /Android|iPhone|iPad|iPod/i.test(navigator.userAgent);
}
}
🔧 Configuration
Environment Configuration
javascript// Configuration object
const LockBitConfig = {
// Cryptographic settings
crypto: {
keySize: 256,
curve: 'P-384',
hashAlgorithm: 'SHA-384',
keyRotationInterval: 300000, // 5 minutes
maxOldKeys: 3
},
// Connection settings
connection: {
iceServers: [
{ urls: 'stun:stun.l.google.com:19302' },
{ urls: 'stun:stun1.l.google.com:19302' }
],
maxRetries: 3,
heartbeatInterval: 30000,
connectionTimeout: 10000
},
// Security settings
security: {
maxMessageLength: 2000,
rateLimitMessages: 60, // per minute
rateLimitConnections: 5, // per 5 minutes
sessionMaxAge: 3600000, // 1 hour
verificationCodeLength: 6
},
// Lightning settings
lightning: {
defaultAddress: 'lockbitchat@tutanota .com',
invoiceExpiry: 3600, // 1 hour
minPayment: 1, // 1 satoshi
maxPayment: 10000 // 10000 satoshis
},
// UI settings
ui: {
maxMessagesDisplayed: 100,
messageHistoryLimit: 1000,
animationDuration: 200,
scrollThreshold: 100
}
};
// Apply configuration
EnhancedSecureCryptoUtils.config = LockBitConfig.crypto;
PayPerSessionManager.config = LockBitConfig.lightning;
Custom Configuration
javascript// Override default settings
const customConfig = {
...LockBitConfig,
crypto: {
...LockBitConfig.crypto,
keyRotationInterval: 600000 // 10 minutes instead of 5
},
security: {
...LockBitConfig.security,
maxMessageLength: 5000 // Longer messages
}
};
// Apply custom configuration
LockBitChat.configure(customConfig);
📈 Analytics & Monitoring
Security Metrics
javascript// Security monitoring dashboard
class SecurityMonitor {
constructor() {
this.metrics = {
connectionsTotal: 0,
connectionsFailed: 0,
messagesEncrypted: 0,
keyRotations: 0,
mitmattempts: 0,
averageSecurityScore: 0
};
}
recordConnection(success) {
this.metrics.connectionsTotal++;
if (!success) {
this.metrics.connectionsFailed++;
}
}
recordMessage() {
this.metrics.messagesEncrypted++;
}
recordKeyRotation() {
this.metrics.keyRotations++;
}
recordSecurityScore(score) {
this.metrics.averageSecurityScore =
(this.metrics.averageSecurityScore + score) / 2;
}
getSecurityReport() {
return {
...this.metrics,
connectionSuccessRate: this.metrics.connectionsTotal > 0 ?
1 - (this.metrics.connectionsFailed / this.metrics.connectionsTotal) : 0,
securityGrade: this.getSecurityGrade()
};
}
getSecurityGrade() {
const score = this.metrics.averageSecurityScore;
if (score >= 90) return 'A+';
if (score >= 80) return 'A';
if (score >= 70) return 'B';
if (score >= 60) return 'C';
return 'F';
}
}
// Usage
const monitor = new SecurityMonitor();
webrtcManager.on('connection', (success) => monitor.recordConnection(success));
webrtcManager.on('message', () => monitor.recordMessage());
🔄 Migration & Updates
Version Migration
javascript// Handle version migrations
class VersionMigration {
static getCurrentVersion() {
return localStorage.getItem('lockbit-version') || '4.0.0';
}
static async migrateToLatest() {
const currentVersion = this.getCurrentVersion();
const latestVersion = '4.0.0';
if (this.compareVersions(currentVersion, latestVersion) < 0) {
await this.performMigration(currentVersion, latestVersion);
localStorage.setItem('lockbit-version', latestVersion);
}
}
static async performMigration(from, to) {
console.log(`Migrating from ${from} to ${to}` );
// Clear old data that might be incompatible
if (this.compareVersions(from, '4.0.0') < 0) {
localStorage.removeItem('lockbit-session-data');
console.log('Cleared incompatible session data');
}
// Future migrations would go here
}
static compareVersions(a, b) {
const aParts = a.split('.').map(Number);
const bParts = b.split('.').map(Number);
for (let i = 0; i < Math.max(aParts.length, bParts.length); i++) {
const aPart = aParts[i] || 0;
const bPart = bParts[i] || 0;
if (aPart < bPart) return -1;
if (aPart > bPart) return 1;
}
return 0;
}
}
// Run migration on startup
VersionMigration.migrateToLatest();
📞 Support & Community
Getting Help
Documentation: Full API docs at /docs/
GitHub Issues: Bug reports and feature requests
Community: Discussions and Q&A
2025-08-14 15:54:11 -04:00
Security: security@SecureBit .chat for vulnerabilities
2025-08-09 13:23:20 -04:00
Contributing
Code: Submit PRs following contribution guidelines
Documentation: Help improve these docs
Security: Audit cryptographic implementations
Testing: Help test new features
Roadmap
v4.5: Native mobile/desktop apps
v5.0: Quantum-resistant cryptography
v5.5: Group chat support
v6.0: Fully decentralized network
This API documentation is continuously updated. Last revision: January 2025
