Simplex Privacy Protocol Research Lab: Portable Privacy-First Peer-to-Peer Communication Without Intermediaries
This repository is an experimental, open-source Privacy-First Peer-to-Peer Communication Protocol Research Lab focused on portable secure communication architecture, threat-surface transparency, and practical privacy engineering trade-offs.
Modern messaging systems often protect content cryptographically but still expose operational metadata, trust concentration, and endpoint coupling. This lab explores a different path: a portable runtime and portable identity anchored to removable media, with a public privacy-oriented transport substrate, designed for auditable engineering analysis.
A USB-anchored communication runtime can reduce host dependency and improve portability while enabling transparent study of metadata exposure, endpoint risk, and distributed trust boundaries.
- Portable macOS launcher (`Chat macOS`) from USB.
- Password-gated unlock flow with Argon2 verification.
- Fixed peer mapping (`SESSION_A` <-> `SESSION_B`).
- Messaging over public SimpleX infrastructure.
- Offline queue behavior (recipient receives after reconnect).
- Runtime-to-USB state synchronization on clean exit.
- MVP is polling-based and CLI-coupled.
- Deletion semantics are best-effort.
- No formal app-layer cryptographic protocol specification yet.
- Endpoint compromise remains a high-impact risk.
This lab is not positioned as a replacement for established systems; it studies a specific architecture niche.
| Ecosystem | Primary Strength | Typical Trade-off | Relevance to this lab |
|---|---|---|---|
| Signal | Mature secure UX and protocol maturity | Mainstream endpoint/app model | Reference for usability/security balance |
| Briar | Resilience-focused decentralized comms patterns | Operational complexity in some scenarios | Reference for adversarial-context communication |
| Session | Privacy-oriented metadata minimization goals | Different trust/performance trade-offs | Reference for privacy-centric architecture |
| Tor ecosystem | Strong anonymity-routing primitives | Latency/operational complexity | Reference for traffic analysis resistance patterns |
Research niche here: portable identity/runtime architecture + threat-model-first documentation + reproducible security engineering workflow.
```
+-----------------------------+         +-----------------------------+
| USB Node A (SESSION_A)      |         | USB Node B (SESSION_B)      |
|-----------------------------|         |-----------------------------|
| Launcher + runtime binary   |         | Launcher + runtime binary   |
| Local state/backup artifacts| <-----> | Local state/backup artifacts|
| SimpleX transport adapter   |         | SimpleX transport adapter   |
+-----------------------------+         +-----------------------------+
           Public privacy-oriented message infrastructure
```
Detailed docs:
- `docs/ARCHITECTURE.md`
- `docs/COMMUNICATION_MODEL.md`
- `threat_model/THREAT_MODEL.md`
- `crypto/CRYPTO_STRATEGY.md`
- User launches from USB and unlocks local state.
- Runtime boots transport process in temporary host runtime.
- Messages are delivered through SimpleX infrastructure.
- Offline recipient receives queued messages after reconnect.
- Runtime syncs data back to USB backup on clean shutdown.
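
The final step of this flow, as an added sketch that is not the project's own code: the backup on the USB volume is replaced atomically on clean exit, and a marker file lets the next launch detect a session that never synced. The file names and the functions `begin_session`, `sync_on_clean_exit` and `demo` are hypothetical, and atomic replace-on-rename is an assumption about the volume's filesystem.

```rust
use std::fs::{self, File};
use std::io::{self, Write};
use std::path::Path;

// Hypothetical file names on the USB volume; not taken from the project.
const DIRTY_MARKER: &str = ".session_dirty";
const BACKUP: &str = "state.bak";
const BACKUP_TMP: &str = "state.bak.tmp";

/// Run after unlock. Returns true when the previous session left its marker
/// behind, i.e. it never reached the clean-exit sync and the backup is stale.
pub fn begin_session(usb: &Path) -> io::Result<bool> {
    let marker = usb.join(DIRTY_MARKER);
    let unclean = marker.exists();
    File::create(&marker)?.sync_all()?;
    Ok(unclean)
}

/// Run on clean exit. The old backup stays intact until the rename, so an
/// interrupted sync never leaves a half-written state file in its place.
/// Assumes the volume's filesystem replaces the target atomically on rename.
pub fn sync_on_clean_exit(usb: &Path, runtime_state: &[u8]) -> io::Result<()> {
    let tmp = usb.join(BACKUP_TMP);
    let mut f = File::create(&tmp)?;
    f.write_all(runtime_state)?;
    f.sync_all()?; // flush to the media before the new file becomes visible
    fs::rename(&tmp, usb.join(BACKUP))?;
    fs::remove_file(usb.join(DIRTY_MARKER))
}

/// Constructed scenario: session 1 exits cleanly, session 2 is killed.
/// Returns (flag seen by session 2, flag seen by session 3, backup bytes).
pub fn demo(usb: &Path) -> io::Result<(bool, bool, Vec<u8>)> {
    let _ = fs::remove_dir_all(usb);
    fs::create_dir_all(usb)?;
    begin_session(usb)?;
    sync_on_clean_exit(usb, b"constructed-state-v1")?;
    let after_clean = begin_session(usb)?; // session 2 starts, then dies unsynced
    let after_crash = begin_session(usb)?; // session 3 sees the leftover marker
    Ok((after_clean, after_crash, fs::read(usb.join(BACKUP))?))
}

fn main() -> io::Result<()> {
    let dir = std::env::temp_dir().join("usb_sync_demo");
    println!("{:?}", demo(&dir)?);
    Ok(())
}
```

A launch that sees the marker can warn that messages from the interrupted session may be missing from the USB copy, instead of silently loading the older backup.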
This project explicitly tracks and documents:
- metadata leakage and timing correlation,
- traffic analysis windows,
- endpoint compromise risks,
- key management and identity continuity risks,
- replay/downgrade attack surfaces,
- physical USB compromise.
See threat_model/THREAT_MODEL.md for adversaries, trust boundaries, residual risks, and mitigation priorities.
This project is for lawful research, education, and defensive privacy engineering. It does not promote illegal use, abuse, harassment, or evasion of lawful investigations.
See:
- `DISCLAIMER.md`
- `SECURITY.md`

- `SECURITY.md`: vulnerability reporting and disclosure process.
- `DISCLAIMER.md`: legal/ethical boundaries.
- `ROADMAP.md`: phased technical direction.
- `CONTRIBUTING.md`: contribution expectations and PR checklist.
- `CODE_OF_CONDUCT.md`: collaboration standards.
- `docs/adrs/`: architecture decision records.
- Formal app-layer E2EE lifecycle design.
- Forward secrecy and post-compromise recovery strategy.
- Secure key exchange and peer identity verification workflow.
- Replay/downgrade protections owned at protocol boundary.
- Modular cross-platform abstraction layer for macOS/Windows/Linux.
- Cleaner transport adapters and event-driven receive model.
```
cargo build --release
./tools/deploy_stage1_macos.sh
./tools/pair_usbs_simplex.sh
/Volumes/SESSION_A/Chat\ macOS
/Volumes/SESSION_B/Chat\ macOS
```

This repository demonstrates practical artifacts relevant to:
- Security Analysis: explicit threat modeling and honest limitation reporting.
- Network Engineering: transport assumptions, queueing semantics, and failure handling.
- Threat Research and SOC: adversary-centric framing and attack-surface mapping.
- Distributed Systems Security: state synchronization, trust boundaries, and portability constraints.
MIT (LICENSE).