diff --git a/README.md b/README.md index cd171aa..dc7fb8d 100644 --- a/README.md +++ b/README.md @@ -15,12 +15,38 @@ --- +## ✨ What's New in v4.01.222 + +### πŸ“± Progressive Web App (PWA) +* **Install directly** on mobile and desktop devices +* **Offline mode support** with session persistence +* **Improved performance** through smart caching and service workers +* **Native app experience** without app store requirements + +### πŸ“‚ Secure File Transfer +* **End-to-end encrypted** file transfers over pure P2P WebRTC channels +* **File chunking** with individual encryption per block +* **Hash validation** for every chunk to prevent tampering or MITM attacks +* **Automatic recovery** for lost packets and interrupted transfers +* **AES-GCM 256-bit + ECDH P-384** encryption for files +* **SHA-384 checksums** for integrity enforcement + +### πŸ” Enhanced Security Testing +* **Comprehensive data leakage testing** of chat sessions +* **Verified MITM and replay attack resistance** +* **Enhanced memory cleanup algorithms** for session termination +* **Isolated file streams** separated from chat channels + +--- + ## πŸš€ Try It Now ### 🌐 [Live Demo β€” SecureBit.chat](https://securebitchat.github.io/securebit-chat/) *No installation required β€” works directly in your browser with military-grade encryption.* +**New:** Install as PWA for native app experience on mobile and desktop! + --- ## ✨ What Makes SecureBit.chat Unique @@ -31,6 +57,7 @@ * **First messenger** with Lightning Network integration * **Military-grade cryptography** exceeding government standards * **Zero servers** β€” truly decentralized P2P architecture +* **PWA technology** β€” install like native apps without app stores ### ⚑ Lightning Network Pioneer @@ -61,6 +88,7 @@ * **Traffic analysis resistance** β€” fake traffic generation * **Censorship resistance** β€” no servers to block * **Instant anonymous channels** β€” connect in seconds +* **Secure file transfers** β€” encrypted P2P file sharing --- @@ -70,6 +98,8 @@ | --------------------------- | ----------------------------- | ---------------------------- | --------------------- | ---------------------- | | **Architecture** | πŸ† Pure P2P WebRTC | ❌ Centralized servers | ❌ Centralized servers | ⚠️ Onion network | | **Payment Integration** | πŸ† Lightning Network | ❌ None | ❌ None | ❌ None | +| **File Transfer** | πŸ† P2P encrypted + chunked | βœ… Encrypted via servers | βœ… Encrypted via servers | βœ… Encrypted via servers | +| **PWA Support** | πŸ† Full PWA installation | ❌ None | ❌ None | ❌ None | | **Registration** | πŸ† Anonymous | ❌ Phone required | βœ… ID generated | βœ… Random ID | | **Traffic Obfuscation** | πŸ† Advanced fake traffic | ❌ None | ❌ None | βœ… Onion routing | | **Censorship Resistance** | πŸ† Hard to block | ⚠️ Blocked in some countries | ⚠️ May be blocked | βœ… Onion routing | @@ -89,10 +119,11 @@ ### Option 1: Use Online (Recommended) 1. **Visit:** [https://securebitchat.github.io/securebit-chat/](https://securebitchat.github.io/securebit-chat/) -2. **Choose:** *Create Channel* or *Join Channel* -3. **Complete:** Secure key exchange with verification -4. **Select:** Session type (Demo / Basic / Premium) -5. **Communicate:** With military‑grade encryption +2. **Install PWA:** Click "Install" button for native app experience +3. **Choose:** *Create Channel* or *Join Channel* +4. **Complete:** Secure key exchange with verification +5. **Select:** Session type (Demo / Basic / Premium) +6. **Communicate:** With military‑grade encryption + secure file transfers ### Option 2: Self‑Host @@ -112,6 +143,34 @@ open http://localhost:8000 --- +## πŸ“‚ Secure File Transfer + +### Features + +* **P2P Direct Transfer** β€” No servers involved, direct WebRTC channels +* **Military-Grade Encryption** β€” AES-GCM 256-bit + ECDH P-384 +* **Chunk-Level Security** β€” Each file chunk individually encrypted +* **Hash Validation** β€” SHA-384 checksums prevent tampering +* **Automatic Recovery** β€” Retry mechanisms for interrupted transfers +* **Stream Isolation** β€” Separate channels from chat messages + +### Supported File Types + +* **Documents:** PDF, DOC, TXT, MD +* **Images:** JPG, PNG, GIF, WEBP +* **Archives:** ZIP, RAR, 7Z +* **Media:** MP3, MP4, AVI (size limits apply) +* **General:** Any file type up to size limits + +### Security Guarantees + +* End-to-end encryption with perfect forward secrecy +* MITM attack prevention through hash validation +* Zero server storage β€” files transfer directly P2P +* Complete cleanup after transfer completion + +--- + ## ⚑ Lightning Network Integration ### Session Types @@ -140,11 +199,13 @@ open http://localhost:8000 ### Cryptographic Stack ``` +πŸ“‚ File Transfer Layer: AES-GCM 256-bit + SHA-384 + Chunking πŸ” Application Layer: AES-GCM 256-bit + ECDSA P-384 πŸ”‘ Key Exchange: ECDH P-384 (Perfect Forward Secrecy) πŸ›‘οΈ Transport Layer: WebRTC DTLS 1.2 🌐 Network Layer: P2P WebRTC Data Channels ⚑ Payment Layer: Lightning Network + WebLN +πŸ“± PWA Layer: Service Workers + Cache API ``` ### Security Standards @@ -153,33 +214,36 @@ open http://localhost:8000 * NIST SP 800‑186 β€” Elliptic Curve Cryptography * RFC 6090 β€” Fundamental ECC Algorithms * RFC 8446 β€” TLS 1.3 for WebRTC +* RFC 3874 β€” SHA-384 Hash Algorithm ### Browser Requirements * Modern browser with WebRTC support (Chrome 60+, Firefox 60+, Safari 12+) -* HTTPS connection (required for WebRTC) +* HTTPS connection (required for WebRTC and PWA) * JavaScript enabled * Lightning wallet with WebLN (for payments) +* Service Worker support for PWA features --- ## πŸ—ΊοΈ Development Roadmap -**Current:** v4.0 β€” Enhanced Security Edition βœ… +**Current:** v4.01.222 β€” PWA & File Transfer Edition βœ… -* 12‑layer military‑grade security -* Lightning Network payments -* Pure P2P WebRTC architecture -* Advanced traffic obfuscation +* Progressive Web App installation +* Secure P2P file transfer system +* Enhanced security testing and MITM protection +* Improved memory cleanup algorithms **Next Releases** ### v4.5 (Q2 2025) β€” Mobile & Desktop Apps -* PWA with offline support +* Native mobile applications (iOS/Android) * Electron desktop application * Push notifications * Cross‑device synchronization +* Enhanced PWA features ### v5.0 (Q4 2025) β€” Quantum‑Resistant Edition @@ -194,6 +258,7 @@ open http://localhost:8000 * Mesh networking topology * Group Lightning payments * Anonymous group administration +* Group file sharing ### v6.0 (2027) β€” Decentralized Network @@ -211,12 +276,26 @@ open http://localhost:8000 ``` securebit-chat/ β”œβ”€β”€ index.html # Main application +β”œβ”€β”€ manifest.json # PWA manifest +β”œβ”€β”€ sw.js # Service worker +β”œβ”€β”€ browserconfig.xml # Browser configuration for PWA β”œβ”€β”€ src/ β”‚ β”œβ”€β”€ components/ui/ # React UI components +β”‚ β”‚ β”œβ”€β”€ DownloadApps.js # PWA download/install component +β”‚ β”‚ β”œβ”€β”€ FileTransfer.js # File transfer UI component +β”‚ β”‚ └── ... # Other UI components β”‚ β”œβ”€β”€ crypto/ # Cryptographic utilities β”‚ β”œβ”€β”€ network/ # WebRTC P2P manager β”‚ β”œβ”€β”€ session/ # Payment session manager +β”‚ β”œβ”€β”€ transfer/ # File transfer system +β”‚ β”‚ └── EnhancedSecureFileTransfer.js # Secure P2P file transfer +β”‚ β”œβ”€β”€ pwa/ # PWA management +β”‚ β”‚ β”œβ”€β”€ install-prompt.js # PWA installation prompts +β”‚ β”‚ β”œβ”€β”€ offline-manager.js # Offline mode management +β”‚ β”‚ └── pwa-manager.js # PWA lifecycle management β”‚ └── styles/ # CSS styling +β”‚ β”œβ”€β”€ pwa.css # PWA-specific styles +β”‚ └── ... # Other stylesheets β”œβ”€β”€ logo/ # Wallet logos and icons β”œβ”€β”€ docs/ # Documentation └── README.md # This file @@ -225,10 +304,13 @@ securebit-chat/ ### Technology Stack * **Frontend:** Pure JavaScript + React (via CDN) +* **PWA:** Service Workers + Cache API + Web App Manifest + Install Prompts * **Cryptography:** Web Crypto API + custom ECDH/ECDSA * **Network:** WebRTC P2P Data Channels +* **File Transfer:** Enhanced secure P2P streaming with chunked encryption * **Payments:** Lightning Network via WebLN -* **Styling:** TailwindCSS + custom CSS +* **Offline Support:** Smart caching with offline-manager +* **Styling:** TailwindCSS + custom CSS + PWA-specific styles ### Development Setup @@ -255,6 +337,8 @@ python -m http.server 8000 * βœ… Internal cryptographic review completed * βœ… P2P protocol security analysis completed +* βœ… File transfer security validation completed +* βœ… MITM and replay attack resistance verified * πŸ”„ Professional security audit planned Q3 2025 * πŸ”„ Post‑quantum cryptography review for v5.0 @@ -265,11 +349,13 @@ Contact: **[SecureBitChat@proton.me](mailto:SecureBitChat@proton.me)** ### Security Features -* Perfect Forward Secrecy β€” Past messages secure even if keys compromised +* Perfect Forward Secrecy β€” Past messages and files secure even if keys compromised * Out‑of‑band verification β€” Prevents man‑in‑the‑middle attacks * Traffic obfuscation β€” Defeats network analysis * Memory protection β€” No persistent storage of sensitive data * Session isolation β€” Complete cleanup between sessions +* File integrity β€” SHA-384 hash validation prevents tampering +* Chunked encryption β€” Individual encryption per file block --- @@ -279,15 +365,18 @@ Contact: **[SecureBitChat@proton.me](mailto:SecureBitChat@proton.me)** * Connection setup: < 3 seconds * Message latency: < 100 ms (P2P direct) +* File transfer speed: Up to 5 MB/s per connection * Throughput: Up to 1 MB/s per connection * Memory usage: < 50 MB for active session * Battery impact: Minimal (optimized WebRTC) +* PWA install size: < 2 MB ### Scalability * Concurrent connections: Limited by device capabilities * Message size: Up to 2000 characters -* File transfer: Planned for v4.5 +* File size: Up to 100 MB per file +* File types: All formats supported * Group size: Up to 8 participants (v5.5) --- @@ -322,8 +411,9 @@ We welcome contributions from the community! * πŸ” Cryptography β€” Security improvements and audits * 🌐 Network β€” P2P optimization and reliability * ⚑ Lightning β€” Payment integration enhancements -* 🎨 UI/UX β€” Interface improvements and accessibility -* πŸ“± Mobile β€” PWA and mobile optimizations +* πŸ“‚ File Transfer β€” EnhancedSecureFileTransfer improvements +* πŸ“± PWA β€” Install prompts, offline management, and PWA lifecycle +* 🎨 UI/UX β€” Interface improvements, FileTransfer and DownloadApps components * πŸ“š Documentation β€” Guides, tutorials, translations ### Development Guidelines @@ -332,6 +422,7 @@ We welcome contributions from the community! * Add tests for new features * Update documentation * Respect security‑first principles +* Test PWA functionality across devices --- @@ -351,60 +442,78 @@ We welcome contributions from the community! --- -⚠️ Important Disclaimers -Security Notice +## ⚠️ Important Disclaimers + +### Security Notice While SecureBit.chat implements military-grade cryptography and follows security best practices, no communication system is 100% secure. Users should: -Always verify security codes out-of-band -Keep devices and browsers updated -Be aware of endpoint security risks -Use reputable Lightning wallets +* Always verify security codes out-of-band +* Keep devices and browsers updated +* Be aware of endpoint security risks +* Use reputable Lightning wallets +* **File transfers are protected with the same military-grade cryptography as chat messages** -Legal Notice +### Legal Notice This software is provided "as is" for educational and research purposes. Users are responsible for compliance with local laws and regulations regarding: -Cryptographic software usage -Private communications -Bitcoin/Lightning Network transactions +* Cryptographic software usage +* Private communications +* Bitcoin/Lightning Network transactions +* File sharing and transfer -Privacy Statement +### Privacy Statement SecureBit.chat: -Collects zero data - no analytics, tracking, or telemetry -Stores nothing - all data exists only in browser memory -Requires no registration - completely anonymous usage -Uses no servers - direct P2P connections only +* Collects zero data - no analytics, tracking, or telemetry +* Stores nothing - all data exists only in browser memory +* Requires no registration - completely anonymous usage +* Uses no servers - direct P2P connections only +* **Files are transferred directly P2P with zero server storage** +--- -🎯 Why Choose SecureBit.chat? -For Privacy Advocates +## 🎯 Why Choose SecureBit.chat? -True zero-knowledge architecture -Military-grade encryption standards -Complete anonymity and untraceability -Resistance to censorship and surveillance +### For Privacy Advocates -For Bitcoin/Lightning Users +* True zero-knowledge architecture +* Military-grade encryption standards +* Complete anonymity and untraceability +* Resistance to censorship and surveillance +* **Secure P2P file sharing without servers** -Native Lightning Network integration -Sustainable pay-per-session model -Support for all major Lightning wallets -No KYC or account requirements +### For Bitcoin/Lightning Users -For Developers +* Native Lightning Network integration +* Sustainable pay-per-session model +* Support for all major Lightning wallets +* No KYC or account requirements -100% open source transparency -Modern cryptographic standards -Clean, auditable codebase -Extensible modular architecture +### For Mobile Users -For Everyone +* **Progressive Web App installation** +* **Offline mode support** +* **Native app experience without app stores** +* **Works on all modern mobile devices** -No installation required -Works on all modern devices -Intuitive user interface -Professional security standards +### For Developers +* 100% open source transparency +* Modern cryptographic standards +* Clean, auditable codebase +* Extensible modular architecture +* **PWA best practices implementation** + +### For Everyone + +* **Install like native apps** +* **Works offline with session persistence** +* Works on all modern devices +* Intuitive user interface +* Professional security standards +* **Secure file transfers included** + +---
@@ -414,4 +523,8 @@ Professional security standards **Report vulnerabilities:** SecureBitChat@proton.me +--- + +**Latest Release: v4.01.222** β€” PWA & Secure File Transfer +