- Removed unsafe exposure of internal objects:
• deleted all references to `window.fileTransferSystem`
• unified global API setup to a single immutable `safeGlobalAPI` via Object.freeze
• removed legacy branch with `delete window[name]`
- Logging improvements:
• eliminated all direct `console.*` calls (use `_secureLog` exclusively)
• fixed string templates with proper interpolation (``${var}``)
• prevented accidental fallback to raw console in production
- Cryptography enforcement:
• updated `_validateCryptographicSecurity()` to require ECDSA and PFS
• added emergency shutdown if critical crypto features are missing
• ensured consistent feature enabling for production
- Metadata of extracted keys is now marked encrypted: true
- Removed decryption bypass via _keyReferences, all keys are returned via decrypt
- Nested encryption uses random 96-bit IV instead of single byte increment
- Fixed _secureLogShim: correct argument destructuring (...args)
- Removed busy-wait in forceInitializeFileTransfer, replaced with async wait
- Replace unsafe console.error/warn calls with secure logging system
- Implement production-safe logging that masks sensitive data
- Add automatic sanitization for cryptographic keys and sensitive information
- Create secure logging infrastructure for EnhancedSecureWebRTCManager and EnhancedSecureCryptoUtils
- Prevent data leakage of internal logic and error details in production
- Add production/development mode detection for appropriate logging levels
- Implement server-side error logging for production environments
- Replace unsafe console.error/warn calls with secure logging system
- Implement production-safe logging that masks sensitive data
- Add automatic sanitization for cryptographic keys and sensitive information
- Create secure logging infrastructure for EnhancedSecureWebRTCManager and EnhancedSecureCryptoUtils
- Prevent data leakage of internal logic and error details in production
- Add production/development mode detection for appropriate logging levels
- Implement server-side error logging for production environments
BREAKING CHANGE: Enhanced key validation now performs complete ASN.1 parsing
Security improvements:
- Added complete ASN.1 DER parser for full structure validation
- Implemented OID validation for algorithms and curves (P-256/P-384 only)
- Added EC point format verification (uncompressed format 0x04)
- Validate SPKI structure elements count and types
- Check key size limits to prevent DoS attacks (50-2000 bytes)
- Verify unused bits in BIT STRING (must be 0)
- Added fallback support from P-384 to P-256
This fixes high-risk vulnerability where keys with valid headers but
modified data could be accepted. Now all structural elements are validated
according to PKCS standards.
Affected methods:
- validateKeyStructure() - complete rewrite with ASN.1 parsing
- All key import/export methods now use enhanced validation
Security Enhancements:
- Add salt entropy validation (minimum 16 unique bytes for 64-byte salts)
- Expand secure logging patterns to catch more sensitive data types
(fingerprint, mac, hash patterns)
- Implement random timing delays in verifyAuthProof() to mask execution timing
- Revert sanitizeMessage() to working regex-based approach
Validation Improvements:
- validateSalt() now checks both size and entropy quality
- secureLog.sanitizeContext() enhanced with additional sensitive patterns
- Added timing attack protection with 5-25ms random delays
- Improve installation status detection logic
- Add proper DOM cleanup when PWA is installed
- Enhance monitoring for installation state changes
- Fix shouldShowPrompt() logic to always check current status
- Add forceInstallationCheck() method for manual status updates
- Improve installation status detection logic
- Add proper DOM cleanup when PWA is installed
- Enhance monitoring for installation state changes
- Fix shouldShowPrompt() logic to always check current status
- Add forceInstallationCheck() method for manual status updates
- Eliminated unsafe global state (window.*)
- Added DoS protection with MessageSizeValidator
- Added race condition prevention with AtomicOperations
- Added rate limiting (10 files/minute)
- Added secure memory management with SecureMemoryManager
- Wrapped handleFileChunk in atomic operations
- Updated all methods with security enhancements
- New users now see install prompt automatically after 10 seconds
- Smart cancellation prevents duplicate prompts
- Added PWAUtils methods for delayed prompt management
- Enhanced user onboarding experience
- Respects installation status and user preferences
- Add production mode detection and secure logging system
- Replace console.log with _secureLog() that sanitizes sensitive data
- Hide encryption keys, message content, and security details from logs
- Implement log level control (production: warn+error only, dev: debug+)
- Add data sanitization for keys, tokens, buffers, and sensitive strings
- Prevent log spam with automatic rate limiting and cleanup
- Maintain useful debugging info while protecting user privacy
- Add automatic memory cleanup for log counters
Security Impact: HIGH - Prevents sensitive data exposure through browser console
Changes:
- Production: Only critical errors/warnings logged
- Development: Safe debugging info without sensitive content
- All message content, encryption keys, and tokens are now sanitized
- Automatic detection of production vs development environment
- Remove dangerous global window exposure of encryption keys and manager instance
- Replace window.webrtcManager/globalWebRTCManager with secure limited API
- Add window.secureBitChat with validated public methods only
- Implement automatic monitoring for unauthorized global exposure attempts
- Add security integrity checks and emergency shutdown capability
- Prevent access to sensitive data (encryption keys, session data, internal methods)
- Maintain full functionality while securing internal implementation
BREAKING CHANGE: window.webrtcManager is no longer available
MIGRATION: Use window.secureBitChat.sendMessage() instead of window.webrtcManager.sendMessage()
Security Impact: CRITICAL - Prevents XSS attacks from accessing encryption keys
Tested: All functionality preserved, file transfers working, connections stable
- File Transfer Integration: Refactored file transfer system initialization with better error handling and automatic retry mechanisms
- Message Filtering: Added comprehensive message filtering system to prevent file transfer and system messages from appearing in chat UI
- Callback System: Simplified file transfer callback system - removed progress notifications from chat to reduce noise
- System Message Deduplication: Implemented notification flags to prevent duplicate system messages (verification, security upgrades, etc.)
- Error Handling: Enhanced error handling with graceful fallbacks instead of throwing exceptions that could break connections
- UI Message Delivery: Added `deliverMessageToUI()` method with built-in filtering for system/file messages
- DataChannel Event Handling: Improved onmessage handler with early filtering for file transfer messages
- Global Integration: Better integration with global file transfer system (`window.fileTransferSystem`)
- Connection Stability: Removed aggressive reconnection attempts that could cause session closure
- Debug Logging: Enhanced debug logging for better troubleshooting
- File transfer messages now bypass chat UI entirely
- System messages are deduplicated using internal flags
- Better separation of concerns between WebRTC and file transfer systems
- More robust initialization sequence with proper cleanup
- Improved message routing and processing pipeline
- Fixed duplicate system notifications
- Resolved file transfer message leakage into chat
- Improved connection state management
- Better handling of initialization race conditions
- Reworked the core logic for encrypting and decrypting files exchanged between users
- Improved key derivation and session handling for file chunks
- Enhanced integrity checks to prevent tampering and replay attacks
- Work in progress: adding hardened encryption schemes and conducting fault-tolerance testing
Added an early implementation of secure file transfer using chunk-based encryption.
Files are split into encrypted chunks and transmitted over the chat channel.
This feature is still under active development and requires further changes and testing.
- Added a real verification system for active encryption modules, giving users full control over enabled modules.
- During session purchase or activation, the actual enabled modules are now displayed for both free and paid sessions.
- Refactored session timer initialization for proper functionality and accurate countdown.
- Optimized code structure related to session management and module verification.
- Add manifest.json with full PWA configuration
- Support for installation on all platforms (iOS, Android, Desktop)
- Custom app icons (72x72 to 512x512) with maskable support
- App shortcuts for quick actions (Create/Join Channel)
- Protocol handlers for web+securebit:// links
- Share target integration
- Implement enhanced Service Worker (v4.0)
- Smart caching strategies (cache-first, network-first, stale-while-revalidate)
- Security-aware caching (excludes sensitive endpoints)
- Background sync for failed requests
- Offline fallbacks with custom error handling
- Response cloning fixes and CORS handling
- Add PWA Install Prompt Manager
- Cross-platform install detection and prompts
- iOS Safari specific installation guide
- Smart dismissal logic with retry mechanisms
- Install success notifications and user guidance
- Persistent install preferences with localStorage
- Implement comprehensive Offline Manager
- IndexedDB for offline data persistence
- Automatic message queuing and sync when online
- Session state recovery after connection loss
- WebRTC reconnection handling
- Real-time connection status indicators
- Offline guidance and help system
- Add offline-first features
- Message queue with priority and retry logic
- Session data preservation during disconnection
- Application state recovery
- Background sync registration
- Periodic cleanup of old offline data
- Enhanced user experience
- Connection status notifications
- Offline mode guidance and help
- Automatic sync notifications
- Reconnection progress indicators
- Platform-specific installation instructions
This implementation ensures SecureBit.chat works seamlessly offline while maintaining security and providing a native app-like experience across all platforms.
- Updated demo mode: now includes basic protection features, still stronger than many competing messengers.
- Adjusted pricing for Basic and Premium sessions to better reflect security levels.
- Added restrictions to Basic session and enhanced Premium session to deliver maximum protection.
BREAKING CHANGE: Project renamed from LockBit.chat to SecureBit.chat
- Changed project name to avoid confusion with LockBit ransomware group
- Updated all documentation, branding, and references
- Maintained all existing functionality and security features
- Domain migration planned to securebit.chat
Reason: The LockBit name became associated with a notorious ransomware
group, causing conflicts on platforms and potential confusion for users.
SecureBit better reflects our mission of providing secure P2P messaging
while avoiding negative associations.
This change affects:
- README.md and all documentation
- Package.json name field
- Brand assets and logos
- Website references
- Social media handles
Core functionality remains unchanged:
✅ 12-layer military-grade security
✅ Lightning Network integration
✅ P2P WebRTC architecture
✅ Open source MIT license
