{"id":42521450,"url":"https://github.com/confy-security/cli","last_synced_at":"2026-01-28T15:19:51.162Z","repository":{"id":308786496,"uuid":"958051386","full_name":"confy-security/cli","owner":"confy-security","description":"CLI client for the Confy encrypted communication system","archived":false,"fork":false,"pushed_at":"2026-01-24T11:29:29.000Z","size":414,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-01-24T22:11:21.914Z","etag":null,"topics":["chat","chat-application","chat-cli","cli","confy","prompt-toolkit","typer","websocket"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/confy-security.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":"CITATION.cff","codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-03-31T15:05:31.000Z","updated_at":"2026-01-24T11:29:28.000Z","dependencies_parsed_at":"2025-11-29T03:07:46.955Z","dependency_job_id":null,"html_url":"https://github.com/confy-security/cli","commit_stats":null,"previous_names":["confy-security/cli"],"tags_count":12,"template":false,"template_full_name":null,"purl":"pkg:github/confy-security/cli","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/confy-security%2Fcli","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/confy-security%2Fcli/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/confy-security%2Fcli/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/confy-security%2Fcli/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/confy-security","download_url":"https://codeload.github.com/confy-security/cli/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/confy-security%2Fcli/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28846221,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-28T15:15:36.453Z","status":"ssl_error","status_checked_at":"2026-01-28T15:15:13.020Z","response_time":57,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["chat","chat-application","chat-cli","cli","confy","prompt-toolkit","typer","websocket"],"created_at":"2026-01-28T15:19:51.104Z","updated_at":"2026-01-28T15:19:51.156Z","avatar_url":"https://github.com/confy-security.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003ch1 align=\"center\"\u003e\n  \u003ca href=\"https://github.com/confy-security/cli\" target=\"_blank\" rel=\"noopener noreferrer\"\u003e\n    \u003cpicture\u003e\n      \u003cimg width=\"80\" src=\"https://github.com/user-attachments/assets/d95cfc93-8a78-4545-a9ba-ba6b9000795b\"\u003e\n    \u003c/picture\u003e\n  \u003c/a\u003e\n  \u003cbr\u003e\n  Confy CLI\n\u003c/h1\u003e\n\n\u003cp align=\"center\"\u003eA command-line client for the Confy encrypted communication system.\u003c/p\u003e\n\n\u003cdiv align=\"center\"\u003e\n\n[![Test](https://github.com/confy-security/cli/actions/workflows/test.yml/badge.svg)](https://github.com/confy-security/cli/actions/workflows/test.yml)\n[![PyPI - Version](https://img.shields.io/pypi/v/confy-cli?color=blue)](https://pypi.org/project/confy-cli/)\n[![AUR Version](https://img.shields.io/aur/version/confy-cli)](https://aur.archlinux.org/packages/confy-cli)\n[![PyPI - Python Version](https://img.shields.io/pypi/pyversions/confy-cli)](https://pypi.org/project/confy-cli/)\n[![GitHub License](https://img.shields.io/github/license/confy-security/cli?color=blue)](/LICENSE)\n[![Visitors](https://api.visitorbadge.io/api/visitors?path=confy-security%2Fcli\u0026label=repository%20visits\u0026countColor=%231182c3\u0026style=flat)](https://github.com/confy-security/cli)\n  \n\u003c/div\u003e\n\n---\n\nA secure command-line interface for peer-to-peer encrypted messaging using the Confy communication system. This CLI enables users to establish encrypted connections with other peers, exchange cryptographic keys, and communicate with end-to-end encryption using industry-standard algorithms.\n\nLearn more about the project at [github.com/confy-security](https://github.com/confy-security)\n\nMade with dedication by students from Brazil 🇧🇷.\n\n## ⚡ Features\n\n- **End-to-End Encryption** - Messages are encrypted using AES-256 in CFB mode\n- **Digital Signatures** - Messages are signed using RSA with PSS padding for authenticity\n- **Secure Key Exchange** - RSA-4096 key exchange with OAEP padding\n- **Interactive Terminal** - User-friendly command-line interface using prompt-toolkit and Typer\n- **Debug Mode** - Detailed logging for troubleshooting and development\n- **Cross-Platform** - Works on Windows, macOS, and Linux\n- **WebSocket Support** - Secure peer-to-peer communication over WebSocket (WSS)\n\n## ⚙️ Requirements\n\n- **Python:** 3.13 or higher\n- **OS:** Windows, macOS, or Linux\n\n## 📦 Installation\n\nInstall the CLI globally with your Python package manager of choice.\n\n```shell\npipx install confy-cli\n```\n\n### With AUR (Arch Linux)\n\nYou can install the CLI from the AUR using an AUR helper like `yay`:\n\n```bash\nyay -S confy-cli\n```\n\n### 🐳 Using Docker\n\nAlternatively, you can use the CLI via a Docker container:\n\n```bash\ndocker run -it ghcr.io/confy-security/cli:latest\n```\n\nOnce inside the container, you can use the CLI normally:\n\n```bash\nconfy start your-user-id recipient-user-id\n```\n\nTo build the Docker image locally:\n\n```bash\ndocker build -t confy-cli .\ndocker run -it confy-cli\n```\n\n## 🚀 Quick Start\n\n### Basic Usage\n\nStart a secure conversation with another peer:\n\n```bash\nconfy start your-user-id recipient-user-id\n```\n\nWhen prompted, enter the server address:\n\n```txt\nServer address: wss://secure-server.example.com\n```\n\n\u003e [!TIP]\n\u003e To learn how to deploy your own self-hosted Confy server, see [github.com/confy-security/server](https://github.com/confy-security/server).\n\n### Interactive Commands\n\nOnce connected, you can:\n\n- **Send messages** - Type your message and press Enter\n- **Receive messages** - Messages from peers appear in real-time\n- **Exit** - Type `exit` to end the session\n\n### Example Session\n\n```bash\n$ confy start alice bob\nServer address: wss://secure-server.example.com\n[SYSTEM] Waiting for recipient to connect...\n[SYSTEM] The recipient is now connected.\n\u003e Hello Bob, this is Alice!\n[RECEIVED] Hi Alice! I received your message.\n\u003e exit\n```\n\n## 🔒 Security Architecture\n\n### Key Exchange Process\n\n1. **RSA Key Generation** - Each client generates a 4096-bit RSA key pair\n2. **Public Key Exchange** - Public keys are exchanged securely over WebSocket\n3. **AES Key Generation** - A random 256-bit AES key is generated\n4. **Encrypted Key Distribution** - AES key is encrypted with peer's RSA public key\n5. **Secure Communication** - All messages are encrypted with the shared AES key and signed\n\n### Encryption Details\n\n- **Message Encryption** - AES-256 in CFB mode\n- **Key Encryption** - RSA-4096 with OAEP padding\n- **Signatures** - RSA-4096 with PSS padding and SHA-256\n- **Cryptography Library** - Uses the `cryptography` library (actively maintained)\n\n## 📚 Environment Variables\n\nConfigure the CLI using environment variables:\n\n```bash\n# Enable debug mode\nexport DEBUG=true\n\n# Or set it in .env file\nDEBUG=false\n```\n\nCreate a `.env` file in your project directory:\n\n```env\nDEBUG=false\n```\n\n## 🔧 Configuration\n\n### Server Address Format\n\nThe server address can be specified as:\n\n- **Secure WebSocket** - `wss://example.com` (recommended)\n- **WebSocket** - `ws://example.com` (use only for testing)\n- **HTTPS** - `https://example.com` (automatically converts to WSS)\n- **HTTP** - `http://example.com` (automatically converts to WS)\n\n### Connection History\n\nThe CLI stores your connection history in:\n\n```txt\n~/.confy_address_history\n```\n\nThis allows you to quickly access previously used server addresses using arrow keys.\n\n## 🛠️ Troubleshooting\n\n### Connection Issues\n\n**\"Error connecting to server\"**\n\n- Verify the server address is correct\n- Ensure the server is running and accessible\n- Check your network connectivity\n- For WSS connections, verify the SSL certificate is valid\n\n**\"Connection refused\"**\n\n- Confirm the server is listening on the specified address and port\n- Check if a firewall is blocking the connection\n\n### Message Issues\n\n**\"AES key has not been established yet\"**\n\n- Wait a moment for the key exchange to complete\n- Ensure both peers are connected\n- Check if the server is properly relaying messages\n\n**\"Failed to encrypt/verify message\"**\n\n- This indicates an issue with the encryption layer\n- Try reconnecting to the server\n- Check if both peers are running compatible CLI versions\n\n### Performance Issues\n\n**Slow response times**\n\n- Check your network latency to the server\n- Consider using a server closer to your location\n- Reduce the frequency of large messages\n\n## 📖 Usage Guide\n\n### Connecting to a Server\n\n```bash\nconfy start alice bob\n```\n\nYou'll be prompted to enter the server address. For the first time, you can enter:\n\n```txt\nServer address: wss://secure-server.example.com\n```\n\n### Sending Messages\n\nSimply type your message and press Enter:\n\n```txt\n\u003e Your encrypted message here\n```\n\n### Security Considerations\n\n1. **Verify Recipients** - Ensure you're communicating with the intended person\n2. **Secure Connections** - Always use WSS (WebSocket Secure) in production\n3. **Key Management** - Store your user ID securely\n4. **Session Management** - End sessions with `exit` when finished\n\n### Advanced Usage\n\n#### Debug Mode\n\nEnable debug mode to see detailed information:\n\n```bash\nDEBUG=true confy start alice bob\n```\n\nThis will display:\n\n- Key exchange details\n- Message encryption/decryption info\n- Connection status changes\n- Signature verification steps\n\n#### Custom Server\n\nConnect to a custom server:\n\n```bash\nconfy start your-id recipient-id\nServer address: wss://your-custom-server.com:8080\n```\n\n## 🤝 Dependencies\n\nConfy CLI relies on:\n\n- **[typer](https://typer.tiangolo.com/)** (\u003e=0.15.4, \u003c0.16.0) - CLI framework\n- **[websockets](https://websockets.readthedocs.io/)** (\u003e=15.0.1, \u003c16.0.0) - WebSocket protocol support\n- **[pydantic-settings](https://docs.pydantic.dev/latest/concepts/pydantic_settings/)** (\u003e=2.11.0, \u003c3.0.0) - Configuration management\n- **[confy-addons](https://github.com/confy-security/confy-addons)** (\u003e=1.1.0, \u003c2.0.0) - Encryption primitives\n- **[prompt-toolkit](https://python-prompt-toolkit.readthedocs.io/)** (\u003e=3.0.52, \u003c4.0.0) - Terminal interface\n\nAll dependencies are installed automatically with pip.\n\n## 🐛 Bug Reports\n\nIf you encounter any issues, please report them:\n\n1. Check if the issue already exists on [GitHub Issues](https://github.com/confy-security/cli/issues)\n2. Provide clear reproduction steps\n3. Include your Python version and OS\n4. Attach relevant logs with `DEBUG=true`\n\nSee [CONTRIBUTING.md](CONTRIBUTING.md) for more information.\n\n## 🔐 Security Policy\n\nFor security vulnerabilities, please follow responsible disclosure:\n\n**DO NOT** open a public GitHub issue.\n\nInstead, email: [confy@henriquesebastiao.com](mailto:confy@henriquesebastiao.com)\n\nSee [SECURITY.md](SECURITY.md) for detailed information.\n\n## 📝 Contributing\n\nWe welcome contributions! Please see [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines on:\n\n- Setting up the development environment\n- Code standards and style guidelines\n- Testing requirements\n- Pull request process\n\n## 📄 License\n\nConfy CLI is open source software licensed under the [GPL-3.0](https://github.com/confy-security/cli/blob/main/LICENSE) license.\n\n## 📚 Additional Resources\n\n- **Confy Security** - [github.com/confy-security](https://github.com/confy-security)\n- **Contributing Guide** - [CONTRIBUTING.md](CONTRIBUTING.md)\n- **Security Policy** - [SECURITY.md](SECURITY.md)\n- **Code of Conduct** - [CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md)\n\n## 🙋 Support\n\nFor questions and support:\n\n- Check existing issues and discussions on GitHub\n- Review the [CONTRIBUTING.md](CONTRIBUTING.md) guide\n- Contact the team at [confy@henriquesebastiao.com](mailto:confy@henriquesebastiao.com)\n\n## Acknowledgments\n\nThis project was created with dedication by Brazilian students 🇧🇷 as part of the Confy Security initiative.\n\n**Built with ❤️ by the Confy Security Team**","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fconfy-security%2Fcli","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fconfy-security%2Fcli","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fconfy-security%2Fcli/lists"}