{"id":51536630,"url":"https://github.com/jeiel85/disaster-mesh","last_synced_at":"2026-07-09T09:01:20.640Z","repository":{"id":367462343,"uuid":"1280012824","full_name":"jeiel85/disaster-mesh","owner":"jeiel85","description":"End-to-end encrypted offline P2P emergency messaging for Android. BLE mesh. No internet required. HPKE + Ed25519. BPv7. Rust core + Kotlin.","archived":false,"fork":false,"pushed_at":"2026-06-26T05:50:17.000Z","size":185,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"master","last_synced_at":"2026-06-26T06:13:52.172Z","etag":null,"topics":["android","ble","blutooth","bpv7","disaster","emergency","encryption","hpke","kotlin","mesh-network","offline","open-source","p2p","privacy","rust"],"latest_commit_sha":null,"homepage":"https://jeiel85.github.io/disaster-mesh/","language":"Kotlin","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jeiel85.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-06-25T07:35:28.000Z","updated_at":"2026-06-26T05:50:21.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/jeiel85/disaster-mesh","commit_stats":null,"previous_names":["jeiel85/disaster-mesh"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/jeiel85/disaster-mesh","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jeiel85%2Fdisaster-mesh","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jeiel85%2Fdisaster-mesh/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jeiel85%2Fdisaster-mesh/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jeiel85%2Fdisaster-mesh/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jeiel85","download_url":"https://codeload.github.com/jeiel85/disaster-mesh/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jeiel85%2Fdisaster-mesh/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":35293217,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-07-09T02:00:07.329Z","response_time":57,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["android","ble","blutooth","bpv7","disaster","emergency","encryption","hpke","kotlin","mesh-network","offline","open-source","p2p","privacy","rust"],"created_at":"2026-07-09T09:01:19.609Z","updated_at":"2026-07-09T09:01:20.624Z","avatar_url":"https://github.com/jeiel85.png","language":"Kotlin","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n\n\u003cimg src=\"assets/banner.svg\" alt=\"DisasterMesh — Encrypted Offline Emergency Messaging\" width=\"100%\"/\u003e\n\n# DisasterMesh\n\n**종단간 암호화 · 오프라인 우선 · BLE 전용 · 서버 없음 · 인터넷 불필요**\n\n*End-to-end encrypted offline mesh messaging when infrastructure fails*\n\n[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](LICENSE)\n[![Platform](https://img.shields.io/badge/Platform-Android%208.0%2B%20%28API%2026%29-3DDC84.svg?logo=android\u0026logoColor=white)](https://developer.android.com)\n[![Kotlin](https://img.shields.io/badge/Kotlin-Jetpack%20Compose-7F52FF.svg?logo=kotlin\u0026logoColor=white)](https://kotlinlang.org)\n[![Rust](https://img.shields.io/badge/Rust-2024%20Edition-orange.svg?logo=rust\u0026logoColor=white)](https://rust-lang.org)\n[![Encryption](https://img.shields.io/badge/Encryption-HPKE%20%2B%20Ed25519-red.svg?logo=letsencrypt\u0026logoColor=white)](docs/06-security-and-threat-model.md)\n[![Protocol](https://img.shields.io/badge/Protocol-BPv7%20RFC%209171-informational.svg)](docs/03-protocol-dme-v1.md)\n[![Transport](https://img.shields.io/badge/Transport-BLE%20GATT%20Only-blue.svg?logo=bluetooth\u0026logoColor=white)](docs/04-protocol-ble-cla-v1.md)\n[![Status](https://img.shields.io/badge/Status-Commercial%20Baseline%20v2.0.0--rc1-success.svg)](docs/16-design-review-v2.0.0-rc1.md)\n\n[**Landing Page**](https://jeiel85.github.io/disaster-mesh)\u0026nbsp;·\u0026nbsp;[**Specification**](docs/)\u0026nbsp;·\u0026nbsp;[**Architecture**](docs/01-system-architecture.md)\u0026nbsp;·\u0026nbsp;[**Security Model**](docs/06-security-and-threat-model.md)\u0026nbsp;·\u0026nbsp;[**Known Limitations**](docs/14-known-limitations.md)\n\n\u003c/div\u003e\n\n---\n\nDisasterMesh is an **Android-first, serverless, offline-first** emergency communication system that works when cellular networks, internet, and infrastructure fail. Using Bluetooth Low Energy (BLE), devices form a self-organizing peer-to-peer mesh network that stores, carries, and relays end-to-end encrypted messages across multiple hops — with no server, no internet, and no plaintext visible to relays.\n\nThe current design baseline is **v2.0.0-rc1**. It closes the protocol, storage,\ntransport, and operational contracts needed to begin a commercial-grade\nimplementation. Goal 0, Goal 0.5, and Goal 1 protocol-core implementation are\ncomplete; identity and E2EE implementation is now unblocked.\n\n\u003e **재난 상황에서** 기지국·인터넷·공유기 없이, 주변 스마트폰과 고정 릴레이만으로  \n\u003e 종단간 암호화된 재난 메시지를 **저장·운반·전달**하는 Android 우선 오픈소스 시스템.  \n\u003e Bluetooth 전용 · 서버 없음 · 중계 노드가 내용을 읽을 수 없음.\n\n---\n\n## Why This Exists\n\nWhen earthquakes, floods, hurricanes, or power failures strike, cellular networks become congested or go offline entirely — right when people need to communicate about safety, location, and rescue needs. Standard messaging apps stop working. **DisasterMesh continues working:**\n\n| Problem | DisasterMesh |\n|---|---|\n| Cellular tower is down | BLE radio in your pocket still works |\n| No internet connection | No internet permission declared in release APK |\n| Server is unreachable | No server — pure peer-to-peer mesh |\n| Messages may be intercepted | HPKE + Ed25519 end-to-end encryption |\n| Relay may peek at content | Relay nodes only forward ciphertext they cannot decrypt |\n| Process killed mid-transfer | SQLite store-and-forward survives restarts |\n| SOS drowned in regular traffic | P0 priority + 12 copy tokens for emergency messages |\n\n---\n\n## Features\n\n| Feature | Detail |\n|---|---|\n| **BLE Mesh Transport** | Android BLE Central + Peripheral (GATT Server), Noise_XX handshake per link |\n| **End-to-End Encryption** | RFC 9180 HPKE Base: X25519 / HKDF-SHA256 / ChaCha20Poly1305 |\n| **Sender Authentication** | Ed25519 signatures embedded inside ciphertext |\n| **Multi-hop Routing** | Binary Spray-and-Wait with persistent token grant escrow |\n| **SOS Priority (P0)** | Highest priority queue, 12 copy tokens, 16 hop limit, 24h TTL |\n| **Store and Forward** | SQLite persistence survives process kills; delivers when peers meet later |\n| **Privacy by Default** | No INTERNET permission in release; relay nodes see only ciphertext |\n| **Contact Verification** | QR code in-person exchange with Ed25519 public keys |\n| **Delivery Receipts** | Signed receipts route back to sender through the mesh |\n| **No Dependencies** | Pure BLE; no TCP, no UDP, no Wi-Fi, no cloud |\n\n---\n\n## Architecture\n\n```\n┌──────────────────── Android App (Kotlin) ───────────────────────┐\n│                                                                   │\n│  ┌─────────────────────────────────────────────────────────────┐ │\n│  │           Jetpack Compose UI Screens                        │ │\n│  │  SendMessage · CheckIn · SOS · ContactBook · RelayStatus    │ │\n│  └─────────────────────────┬───────────────────────────────────┘ │\n│                             │                                     │\n│  ┌──────────────┐  ┌────────▼──────────┐  ┌────────────────────┐ │\n│  │  Foreground  │  │   MeshCoordinator │  │   BlePlatformAdap  │ │\n│  │   Service    │  │   (Kotlin bridge) │  │   Central/Periph   │ │\n│  └──────────────┘  └────────┬──────────┘  └────────────────────┘ │\n│                             │  UniFFI FFI                         │\n├─────────────────────────────┼───────────────────────────────────-┤\n│                    ┌────────▼──────────┐                          │\n│                    │    MeshEngine     │  (Rust 2024)             │\n│  ┌─────────────────┴─────────────────────────────────────────┐   │\n│  │  mesh-types  │  mesh-codec  │  mesh-crypto  │  mesh-bundle │   │\n│  │  mesh-routing│  mesh-store  │  mesh-engine  │  mesh-sim    │   │\n│  │                          mesh-ffi                          │   │\n│  └────────────────────────────────────────────────────────────┘   │\n│                                                                   │\n└────────────────┬──────────────────────────────┬──────────────────┘\n                 │                              │\n          ┌──────▼───────┐             ┌────────▼────────┐\n          │    SQLite    │             │  Android        │\n          │  (Rust owns) │             │  Keystore       │\n          └──────────────┘             └─────────────────┘\n```\n\n**Key principle:** Rust owns everything below the FFI boundary — protocol encoding, cryptography, routing decisions, and the database. Kotlin handles only platform surfaces: BLE radio, UI, and key-wrapping via Android Keystore.\n\n---\n\n## Tech Stack\n\n| Layer | Technology | Rationale |\n|---|---|---|\n| **UI** | Kotlin + Jetpack Compose | Modern Android-native declarative UI |\n| **Core** | Rust 2024 Edition | Memory safety, deterministic codec, no GC pauses |\n| **FFI** | UniFFI (single facade crate) | Type-safe Rust ↔ Kotlin binding |\n| **Transport** | Android BLE GATT Central + Peripheral | Sole transport; zero internet permission in release |\n| **Link Security** | Noise_XX_25519_ChaChaPoly_BLAKE2s | Mutual auth + forward secrecy per BLE session |\n| **Message Encryption** | RFC 9180 HPKE Base: X25519/HKDF-SHA256/ChaCha20Poly1305 | Asymmetric E2EE; relay sees only ciphertext |\n| **Authentication** | Ed25519 signatures | Compact, fast, embedded in ciphertext |\n| **Bundle Protocol** | BPv7 (RFC 9171) — DM-BP7-1 profile | DTN standard; store-and-forward semantics |\n| **Serialization** | Deterministic CBOR (RFC 8949) | Compact binary; canonical form for signature coverage |\n| **Schema** | CDDL | Machine-verifiable protocol schema |\n| **Routing** | Binary Spray-and-Wait + Direct Delivery | Proven DTN algorithm with copy-token escrow |\n| **Storage** | SQLite — Rust-owned | Persistent across restarts; encrypted master key |\n| **Key Storage** | Android Keystore AES-256 | DB master key never leaves secure enclave |\n\n---\n\n## Message Types\n\n| Type | Priority | TTL | Copy Tokens | Max Payload |\n|---|---|---|---|---|\n| `PRIVATE_SOS` | **P0** | 24 h | 12 | 7,800 bytes |\n| `DELIVERY_RECEIPT` | **P0** | 7 d | — | — |\n| `CANCEL` | **P0** | 7 d | — | — |\n| `CHECK_IN` | P1 | 48 h | 8 | 7,800 bytes |\n| `LOCATION_UPDATE` | P1 | 24 h | 6 | — |\n| `DIRECT_TEXT` | P2 | 72 h | 6 | 7,800 bytes |\n\n\u003e P0 messages are always scheduled before P1, P1 before P2. The relay queue enforces this at every BLE transfer opportunity.\n\n---\n\n## Project Structure\n\n```\ndisaster-mesh/\n│\n├── core/                          # Rust 2024 workspace (9 crates, one FFI facade)\n├── apps/android/                  # Android 16-module project and Gradle wrapper\n├── Cargo.toml                     # Locked workspace dependency graph\n├── Cargo.lock\n├── rust-toolchain.toml            # Rust 1.96.0 + Android targets\n│\n├── docs/                          # 24 numbered specifications + readiness docs\n│   ├── adr/                       # ADR-001 through ADR-016\n│   ├── 00-product-requirements.md\n│   ├── 01-system-architecture.md\n│   ├── ...\n│   ├── 16-design-review-v2.0.0-rc1.md\n│   ├── 17-commercial-readiness.md\n│   ├── 18-privacy-and-data-governance.md\n│   ├── 19-operational-readiness.md\n│   ├── 20-security-verification-plan.md\n│   ├── 21-requirements-traceability.md\n│   ├── 22-go-live-checklist.md\n│   ├── 23-android-emulator-testing.md\n│   ├── dependency-review.md\n│   └── index.html                 # Landing page (GitHub Pages)\n│\n├── spec/                          # Exact DME/BLE wire and CDDL contracts\n│   ├── dme-v1.cddl\n│   ├── dme-aad-v1.cddl\n│   ├── ble-control-v1.cddl\n│   ├── ble-wire-v1.md\n│   ├── contact-card-v1.cddl\n│   └── disaster-routing-block-v1.cddl\n│\n├── schemas/\n│   ├── sqlite_v1.sql              # Initial SQLite schema (20 tables)\n│   └── schema_invariants.sql      # Queries that must return zero rows\n│\n├── contracts/                     # Machine-readable constants and FFI sketches\n│   ├── protocol_constants.toml\n│   ├── state_codes.toml\n│   ├── rust_facade.rs\n│   └── android_interfaces.kt\n│\n├── prompts/                       # Goal 0, 0.5, 1–7 implementation prompts\n├── test-vectors/                  # Required cases and manifest schemas\n├── policies/                      # Privacy and store-disclosure release inputs\n├── release/                       # Signed release-evidence manifest schema\n├── tools/validate_design_bundle.py\n├── tools/setup_android_emulator.ps1\n├── tools/smoke_android_emulator.ps1\n├── SECURITY.md\n├── SUPPORT.md\n├── IMPLEMENTATION_CHECKLIST.md\n├── CHANGELOG.md\n├── LICENSE                        # Apache 2.0\n└── README.md\n```\n\n---\n\n## Documentation\n\n| # | Document | Description |\n|---|---|---|\n| 00 | [Product Requirements](docs/00-product-requirements.md) | 18 FR + 12 NFR with acceptance criteria |\n| 01 | [System Architecture](docs/01-system-architecture.md) | Module boundaries, Rust/Android separation |\n| 02 | [Domain Model](docs/02-domain-model.md) | IDs, entities, aggregates, invariants |\n| 03 | [Protocol: DME v1](docs/03-protocol-dme-v1.md) | BPv7 profile, DME envelope, HPKE, Ed25519 |\n| 04 | [Protocol: BLE CLA v1](docs/04-protocol-ble-cla-v1.md) | GATT UUIDs, frames, Noise handshake |\n| 05 | [Routing \u0026 Queue](docs/05-routing-and-queue.md) | Spray-and-Wait, token escrow, TTL/hop rules |\n| 06 | [Security \u0026 Threat Model](docs/06-security-and-threat-model.md) | Threats, mitigations, key management, release gates |\n| 07 | [Storage Schema](docs/07-storage-schema.md) | 20-table SQLite schema, transactions, encryption |\n| 08 | [Rust Core Contract](docs/08-rust-core-contract.md) | FFI API signatures, engine commands, event model |\n| 09 | [Android Implementation](docs/09-android-implementation.md) | Manifest, BLE permissions, module structure |\n| 10 | [State Machines](docs/10-state-machines.md) | Service, link, transfer, message lifecycle FSMs |\n| 11 | [Testing \u0026 Acceptance](docs/11-testing-and-acceptance.md) | Unit, integration, real-device, security test matrix |\n| 12 | [Release \u0026 Operations](docs/12-release-and-operations.md) | CI gates, field relay setup, incident response |\n| 13 | [Development Goals](docs/13-development-goals.md) | Contract freeze, Android implementation, commercial release, post-1.0 expansion |\n| 14 | [Known Limitations](docs/14-known-limitations.md) | 13 public limitations and forbidden marketing claims |\n| 15 | [References](docs/15-references.md) | Verified primary sources for all standards cited |\n| 16 | [Design Review v2.0.0-rc1](docs/16-design-review-v2.0.0-rc1.md) | Resolved commercial implementation blockers and remaining gates |\n| 17 | [Commercial Readiness](docs/17-commercial-readiness.md) | Product, release, support, and evidence boundaries |\n| 18 | [Privacy \u0026 Data Governance](docs/18-privacy-and-data-governance.md) | Data inventory, retention, deletion, and disclosure rules |\n| 19 | [Operational Readiness](docs/19-operational-readiness.md) | Recovery, monitoring, rollout, and incident operations |\n| 20 | [Security Verification Plan](docs/20-security-verification-plan.md) | MASVS mapping, review scope, and exit evidence |\n| 21 | [Requirements Traceability](docs/21-requirements-traceability.md) | Requirement-to-contract-to-test mapping |\n| 22 | [Go-Live Checklist](docs/22-go-live-checklist.md) | Required owners, evidence, and release signatures |\n| 23 | [Android Emulator Testing](docs/23-android-emulator-testing.md) | Reproducible API 36 AVD setup and runtime smoke test |\n| — | [Dependency Review](docs/dependency-review.md) | Lockfile/SBOM-based dependency approval register |\n\n---\n\n## Implementation Roadmap\n\n| Goal | Focus | Key Completion Test |\n|---|---|---|\n| **Goal 0** | Rust workspace · Android modules · CI · no logic | `cargo test` passes; instrumentation test invokes Rust facade |\n| **Goal 0.5** | Freeze wire, state, schema, and command contracts | Validator passes; Goal 1–4 have zero P0 open decisions |\n| **Goal 1** | Types · CBOR codec · routing · 100-node simulator | A→B→C simulated delivery; token conservation verified |\n| **Goal 2** | Identity · HPKE · Ed25519 · QR contact · test vectors | Golden cryptographic test vectors pass |\n| **Goal 3** | Direct BLE transfer · GATT · Noise handshake | Two physical Android devices exchange E2EE message |\n| **Goal 4** | Multi-hop relay · token escrow · ACK recovery · receipts | 50× A→B→C cycles; B cannot decrypt payload |\n| **Goal 5** | Check-in/SOS UX · battery · foreground service · relay mode | 8h battery report; process kill recovery; thermal test |\n| **Goal 6** | Fuzz targets · SBOM · external review · public beta | Release thresholds and dependency/security gates pass |\n| **Goal 7** | Commercial release readiness | Go-live checklist complete; rollout and rollback rehearsed |\n| **Goal 8** | iOS and fixed relay expansion after Android 1.0 | Shared-core compatibility and field tooling validated |\n\n**Current status:** Goal 0–7 implementation and release-gate preparation are locally committed.\nThe Android product shell is now version **0.2.0** with persistent onboarding, a status\ndashboard, settings/app information, and an API 36 emulator regression path.\nThe commercial decision remains **NO-GO** until the physical-device, soak, external-review,\nsigning, legal, support, and approval evidence in `release/readiness-status.json` passes.\n\n---\n\n## Architectural Decisions\n\nSixteen locked ADRs define the constraints that everything else is built around:\n\n| ADR | Decision | Rationale |\n|---|---|---|\n| [ADR-001](docs/adr/ADR-001-android-first.md) | Android first; iOS/Linux relay in v1.1 | Maximize initial reach on single platform |\n| [ADR-002](docs/adr/ADR-002-rust-owns-protocol-db.md) | Rust core owns protocol, crypto, and SQLite | Single source of truth; no Kotlin/Rust drift |\n| [ADR-003](docs/adr/ADR-003-bpv7-profile.md) | BPv7 constrained profile; private block type 192 | DTN standard; interoperability foundation |\n| [ADR-004](docs/adr/ADR-004-message-security.md) | HPKE Base + Ed25519; no Double Ratchet in v1 | Simplicity + external audit feasibility |\n| [ADR-005](docs/adr/ADR-005-ble-gatt.md) | BLE GATT exclusively; no TCP/UDP fallback | Zero INTERNET permission; minimal attack surface |\n| [ADR-006](docs/adr/ADR-006-spray-and-wait.md) | Binary Spray-and-Wait with copy tokens | Proven DTN algorithm; bounded resource use |\n| [ADR-007](docs/adr/ADR-007-token-grant-escrow.md) | Persistent token grant escrow | Prevents token inflation after ACK loss |\n| [ADR-008](docs/adr/ADR-008-endpoint-only-control.md) | Only sender can revoke; relays ignore cancel targets | Prevents relay-level censorship of messages |\n| [ADR-009](docs/adr/ADR-009-authenticated-hop-limit.md) | Authenticate immutable hop limit in DME AAD | Prevents relay-side route-budget escalation |\n| [ADR-010](docs/adr/ADR-010-control-message-terminal-rules.md) | Receipt and cancel terminal rules | Prevents recursive control traffic |\n| [ADR-011](docs/adr/ADR-011-persisted-replay-bitmap.md) | Persist a 4096-bit replay bitmap | Survives reordering and process restarts |\n| [ADR-012](docs/adr/ADR-012-exact-ble-wire-format.md) | Fix the BLE byte-level wire contract | Makes independent implementations interoperable |\n| [ADR-013](docs/adr/ADR-013-platform-command-correlation.md) | Correlate async platform commands by ID | Prevents cross-link callback confusion |\n| [ADR-014](docs/adr/ADR-014-local-encryption-envelope.md) | Version and bind local encrypted columns | Defines recovery and corruption behavior |\n| [ADR-015](docs/adr/ADR-015-commercial-release-governance.md) | Require signed commercial release evidence | Makes launch approval auditable |\n| [ADR-016](docs/adr/ADR-016-no-delivery-guarantee.md) | Forbid delivery-guarantee claims | Keeps safety messaging truthful |\n\n---\n\n## Security Notes\n\n\u003e **This app is a delivery probability aid, not a guaranteed emergency communication system.**\n\n- Messages may not arrive if no relay path exists or all devices are off\n- Forward secrecy is **not** provided in v1.0 (HPKE single-shot; not ratcheting)\n- Metadata is not anonymous — message size, priority, and timestamps are visible to relays\n- GPS requires clear sky and a recent fix; indoors it may be unavailable\n- Cancellation does not guarantee removal from already-relayed copies\n\nThe v2.0.0-rc1 design closes the known implementation-contract blockers, but it is\nnot production certification. **External cryptographic/protocol review, Android\ndevice and soak evidence, privacy/legal review, field exercises, and every required\ngo-live signature remain mandatory before stable release.** See\n[`docs/20-security-verification-plan.md`](docs/20-security-verification-plan.md) and\n[`docs/22-go-live-checklist.md`](docs/22-go-live-checklist.md).\n\n**Forbidden marketing claims:** \"guaranteed delivery\", \"real-time without networks\", \"completely anonymous\", \"unhackable\", \"official emergency response\", \"equal to Signal\", \"zero battery impact\".\n\n---\n\n## Normative Source Order\n\nWhen files disagree, implementation follows this order:\n\n1. `spec/` wire and CDDL contracts\n2. `contracts/state_codes.toml` and `contracts/protocol_constants.toml`\n3. `schemas/sqlite_v1.sql`\n4. Numbered `docs/` and `docs/dependency-review.md`\n5. `SECURITY.md`, `SUPPORT.md`, `policies/`, and `release/`\n6. `prompts/` and historical material in `archive/`\n\nProtocol, database, or persisted-state changes must update the ADR, machine-readable\ncontract, and test-vector requirements together in one pull request.\n\n---\n\n## Contributing\n\nThis project is in the design phase. All protocol changes require:\n\n- Updated CDDL schema in `spec/`\n- Updated machine-readable state/constants and SQLite invariants where applicable\n- Updated test vectors in `test-vectors/`\n- ADR amendment or new ADR if the decision is architectural\n- Updated `IMPLEMENTATION_CHECKLIST.md` completion gates\n\nSee [`docs/13-development-goals.md`](docs/13-development-goals.md) for the full implementation guide.\n\n1. Fork the repository\n2. Review the [specification](docs/) and [implementation checklist](IMPLEMENTATION_CHECKLIST.md)\n3. Pick a goal from [`docs/13-development-goals.md`](docs/13-development-goals.md)\n4. Open a pull request referencing the relevant requirement IDs\n\n---\n\n## License\n\nCopyright 2026 The DisasterMesh Authors\n\nLicensed under the [Apache License 2.0](LICENSE).\n\n\u003e Protocol and security properties may change before stable v1.0. See [`docs/14-known-limitations.md`](docs/14-known-limitations.md) for the complete list of limitations and [`docs/06-security-and-threat-model.md`](docs/06-security-and-threat-model.md) for the full release gate requirements.\n\n---\n\n\u003cdiv align=\"center\"\u003e\n\u003csub\u003e\nBLE Service UUID: \u003ccode\u003e6f1d0001-8f6b-4d5b-9c61-57c43d4d4d31\u003c/code\u003e \u0026nbsp;·\u0026nbsp;\nAndroid API 26+ \u0026nbsp;·\u0026nbsp; Rust 2024 Edition \u0026nbsp;·\u0026nbsp; Apache 2.0\n\u003c/sub\u003e\n\u003c/div\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjeiel85%2Fdisaster-mesh","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjeiel85%2Fdisaster-mesh","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjeiel85%2Fdisaster-mesh/lists"}