{"id":48571550,"url":"https://github.com/diorwave/cmd-chat","last_synced_at":"2026-04-08T14:33:46.901Z","repository":{"id":333091871,"uuid":"1129024589","full_name":"diorwave/cmd-chat","owner":"diorwave","description":"My ISP tried to block this repo. šŸ¤ A truly peer-to-peer, end-to-end encrypted CLI chat that leaves NO logs. Perfect for... sensitive discussions. šŸ”„ Get it before it gets taken down","archived":false,"fork":false,"pushed_at":"2026-01-17T07:54:40.000Z","size":3185,"stargazers_count":48,"open_issues_count":1,"forks_count":7,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-02-06T17:52:02.114Z","etag":null,"topics":["end-to-end-encryption","p2p","python","python-based","ram-only","real-time","secure-authentication"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/diorwave.png","metadata":{"files":{"readme":"README.MD","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-01-06T13:55:17.000Z","updated_at":"2026-02-06T14:32:42.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/diorwave/cmd-chat","commit_stats":null,"previous_names":["diorwave/cmd-chat"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/diorwave/cmd-chat","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/diorwave%2Fcmd-chat","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/diorwave%2Fcmd-chat/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/diorwave%2Fcmd-chat/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/diorwave%2Fcmd-chat/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/diorwave","download_url":"https://codeload.github.com/diorwave/cmd-chat/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/diorwave%2Fcmd-chat/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31559926,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-08T14:31:17.711Z","status":"ssl_error","status_checked_at":"2026-04-08T14:31:17.202Z","response_time":54,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["end-to-end-encryption","p2p","python","python-based","ram-only","real-time","secure-authentication"],"created_at":"2026-04-08T14:33:46.754Z","updated_at":"2026-04-08T14:33:46.860Z","avatar_url":"https://github.com/diorwave.png","language":"Python","readme":"\u003cdiv align=\"center\"\u003e\n\n# šŸ¤ CMD-CHAT\n\n### encrypted terminal chat. no servers. no logs. ram only.\n\n[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)\n[![Python 3.8+](https://img.shields.io/badge/python-3.8+-blue.svg)](https://www.python.org/downloads/)\n\n\u003c/div\u003e\n\n---\n\npeer-to-peer encrypted chat that runs in your terminal. you host, you control. close the window ā€” everything's gone.\n\n## why\n\nevery \"secure\" messenger still stores metadata somewhere. this doesn't. it's just two terminals talking over an encrypted tunnel. nothing written to disk, ever.\n\n## how it works\n\n```\nā”Œā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”\nā”‚ SRP AUTHENTICATION ā”‚\nā”œā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”¤\nā”‚ ā”‚\nā”‚ CLIENT SERVER ā”‚\nā”‚ ā”‚ ā”‚ ā”‚\nā”‚ ā”‚ā”€ā”€ā”€ā”€ā”€ā”€ā”€ POST /srp/init {username, A} ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā–ŗ ā”‚ ā”‚\nā”‚ ā”‚ (A = client public ephemeral) ā”‚ ā”‚\nā”‚ ā”‚ ā”‚ ā”‚\nā”‚ ā”‚ā—„ā”€ā”€ā”€ā”€ {user_id, B, salt, room_salt} ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ ā”‚ ā”‚\nā”‚ ā”‚ (B = server public ephemeral) ā”‚ ā”‚\nā”‚ ā”‚ (room_salt = E2E key derivation) ā”‚ ā”‚\nā”‚ ā”‚ ā”‚ ā”‚\nā”‚ ā”‚ [client derives room_key via HKDF: ā”‚ ā”‚\nā”‚ ā”‚ room_key = HKDF(password, room_salt)] ā”‚ ā”‚\nā”‚ ā”‚ ā”‚ ā”‚\nā”‚ ā”‚ [both sides compute SRP session key ā”‚ ā”‚\nā”‚ ā”‚ using password + ephemeral values] ā”‚ ā”‚\nā”‚ ā”‚ ā”‚ ā”‚\nā”‚ ā”‚ā”€ā”€ā”€ā”€ā”€ā”€ā”€ POST /srp/verify {user_id, M} ā”€ā”€ā”€ā”€ā”€ā”€ā–ŗ ā”‚ ā”‚\nā”‚ ā”‚ (M = client proof) ā”‚ ā”‚\nā”‚ ā”‚ ā”‚ ā”‚\nā”‚ ā”‚ā—„ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ {H_AMK, session_key} ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ ā”‚ ā”‚\nā”‚ ā”‚ (H_AMK = server proof) ā”‚ ā”‚\nā”‚ ā”‚ ā”‚ ā”‚\nā”‚ ā”‚ [password never transmitted] ā”‚ ā”‚\nā”‚ ā”‚ [MITM can't derive session key] ā”‚ ā”‚\nā”‚ ā”‚ ā”‚ ā”‚\nā”œā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”¤\nā”‚ E2E ENCRYPTED CHAT ā”‚\nā”œā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”¤\nā”‚ ā”‚ ā”‚ ā”‚\nā”‚ ā”‚ā•ā•ā•ā•ā•ā•ā• WebSocket /ws/chat?user_id ā•ā•ā•ā•ā•ā•ā•ā•ā•ā–ŗ ā”‚ ā”‚\nā”‚ ā”‚ (authenticated session) ā”‚ ā”‚\nā”‚ ā”‚ ā”‚ ā”‚\nā”‚ ā”‚ ā”‚ ā”‚\nā”‚ ā”Œā”€ā”“ā”€ā” ā”Œā”€ā”€ā”“ā”€ā”€ā” ā”‚\nā”‚ ā”‚ C ā”‚ā”€ā”€ā”€ā”€ encrypt(msg, room_key) ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā–ŗā”‚ S ā”‚ ā”‚\nā”‚ ā”‚ L ā”‚ ā”‚ E ā”‚ ā”‚\nā”‚ ā”‚ I ā”‚ā—„ā”€ā”€ā”€ ciphertext (broadcast) ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”‚ R ā”‚ ā”‚\nā”‚ ā”‚ E ā”‚ ā”‚ V ā”‚ ā”‚\nā”‚ ā”‚ N ā”‚ decrypt(ciphertext, room_key) ā”‚ E ā”‚ ā”‚\nā”‚ ā”‚ T ā”‚ ā”‚ R ā”‚ ā”‚\nā”‚ ā””ā”€ā”¬ā”€ā”˜ ā””ā”€ā”€ā”¬ā”€ā”€ā”˜ ā”‚\nā”‚ ā”‚ ā”‚ ā”‚\nā”‚ ā”‚ [server stores ONLY ciphertext] ā”‚ ā”‚\nā”‚ ā”‚ [server CANNOT read messages] ā”‚ ā”‚\nā”‚ ā”‚ [all clients with same password ā”‚ ā”‚\nā”‚ ā”‚ derive identical room_key] ā”‚ ā”‚\nā”‚ ā”‚ ā”‚ ā”‚\nā”‚ ā”‚ Encryption: Fernet (AES-128-CBC + HMAC) ā”‚ ā”‚\nā”‚ ā”‚ Key derivation: HKDF-SHA256 ā”‚ ā”‚\nā”‚ ā”‚ ā”‚ ā”‚\nā”‚ ā”‚ [on disconnect: keys wiped from RAM] ā”‚ ā”‚\nā”‚ ā”‚ ā”‚ ā”‚\nā””ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”˜\n\nā”Œā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”\nā”‚ KEY HIERARCHY ā”‚\nā”œā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”¤\nā”‚ ā”‚\nā”‚ password ā”€ā”€ā”¬ā”€ā”€ā–ŗ SRP ā”€ā”€ā–ŗ session_key (per-user, auth only) ā”‚\nā”‚ ā”‚ ā”‚\nā”‚ ā””ā”€ā”€ā–ŗ HKDF(password, room_salt) ā”€ā”€ā–ŗ room_key (shared) ā”‚\nā”‚ ā”‚\nā”‚ room_salt: generated once at server start ā”‚\nā”‚ room_key: deterministic, same for all clients with same pwd ā”‚\nā”‚ ā”‚\nā””ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”˜\n```\n\n**SRP (Secure Remote Password)** ā€” password is never sent over the network. both sides prove they know it via zero-knowledge proof, then derive identical session keys.\n\n## install\n\n```bash\npython -m venv venv \u0026\u0026 source venv/bin/activate \u0026\u0026 pip install -r requirements.txt\n```\n\nwindows:\n\n```bash\npython -m venv venv ; .\\venv\\Scripts\\activate ; pip install -r requirements.txt\n```\n\n## usage\n\nstart server:\n\n```bash\npython cmd_chat.py serve 0.0.0.0 3000 --password mysecret\n```\n\nconnect:\n\n```bash\npython cmd_chat.py connect SERVER_IP 3000 username mysecret\n```\n\n![Example](example.gif)\n\n## features\n\n- **ram only** ā€” nothing touches disk\n- **rsa + aes** ā€” key exchange + symmetric encryption\n- **no central server** ā€” direct p2p connection\n- **srp auth** ā€” password never sent over network\n\n## license\n\nMIT\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdiorwave%2Fcmd-chat","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdiorwave%2Fcmd-chat","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdiorwave%2Fcmd-chat/lists"}