{"id":39081762,"url":"https://github.com/rokoss21/enigmo","last_synced_at":"2026-01-17T18:31:01.433Z","repository":{"id":310694111,"uuid":"1040773354","full_name":"rokoss21/enigmo","owner":"rokoss21","description":"   🔐 Privacy-first messaging platform with end-to-end encryption. Flutter client + Dart server. Ed25519/X25519 cryptography, WebSocket real-time communication, zero-knowledge architecture.","archived":false,"fork":false,"pushed_at":"2025-09-05T16:41:55.000Z","size":665,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-09-05T18:40:31.018Z","etag":null,"topics":["cross-platform","cryptography","dart","e2ee","encryption","flutter","messaging","mobile-app","monorepo","privacy","real-time","security","websocket","zero-knowledge"],"latest_commit_sha":null,"homepage":"","language":"Dart","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rokoss21.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-08-19T13:40:09.000Z","updated_at":"2025-09-05T16:41:59.000Z","dependencies_parsed_at":"2025-08-19T18:35:15.643Z","dependency_job_id":"f06cf55b-a726-4585-ac40-ae27fd78ab09","html_url":"https://github.com/rokoss21/enigmo","commit_stats":null,"previous_names":["rokoss21/emigmo"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/rokoss21/enigmo","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rokoss21%2Fenigmo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rokoss21%2Fenigmo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rokoss21%2Fenigmo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rokoss21%2Fenigmo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rokoss21","download_url":"https://codeload.github.com/rokoss21/enigmo/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rokoss21%2Fenigmo/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28515739,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-17T18:28:00.501Z","status":"ssl_error","status_checked_at":"2026-01-17T18:28:00.150Z","response_time":85,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cross-platform","cryptography","dart","e2ee","encryption","flutter","messaging","mobile-app","monorepo","privacy","real-time","security","websocket","zero-knowledge"],"created_at":"2026-01-17T18:31:00.700Z","updated_at":"2026-01-17T18:31:01.239Z","avatar_url":"https://github.com/rokoss21.png","language":"Dart","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n\n# 🔐 Enigmo\n\n**Enterprise-Grade Secure Messaging Platform**\n\n*Privacy-first, end-to-end encrypted messaging designed for the modern world*\n\n[![Flutter](https://img.shields.io/badge/Flutter-02569B?style=for-the-badge\u0026logo=flutter\u0026logoColor=white)](https://flutter.dev)\n[![Dart](https://img.shields.io/badge/Dart-0175C2?style=for-the-badge\u0026logo=dart\u0026logoColor=white)](https://dart.dev)\n[![License](https://img.shields.io/github/license/rokoss21/enigmo?style=for-the-badge)](LICENSE)\n[![Build Status](https://img.shields.io/github/workflow/status/rokoss21/enigmo/CI?style=for-the-badge)](https://github.com/rokoss21/enigmo/actions)\n[![Security](https://img.shields.io/badge/Security-E2EE-green?style=for-the-badge\u0026logo=shield\u0026logoColor=white)]()\n[![Platform](https://img.shields.io/badge/Platform-iOS%20%7C%20Android%20%7C%20Web-blue?style=for-the-badge)]()\n\n[🚀 Quick Start](#quick-start) • [📖 Documentation](#architecture-overview) • [🔧 Development](#local-development) • [🛣️ Roadmap](#roadmap) • [🤝 Contributing](#contributing)\n\n---\n\n\u003c/div\u003e\n\n## 🌟 Key Features\n\n\u003ctable\u003e\n\u003ctr\u003e\n\u003ctd width=\"50%\"\u003e\n\n### 🔒 **Zero-Knowledge Security**\n- **Ed25519** digital signatures for identity\n- **X25519** ECDH for perfect forward secrecy\n- **AEAD** encryption with authenticated data\n- **Client-side** key generation and storage\n- **Zero-trust** server architecture\n\n\u003c/td\u003e\n\u003ctd width=\"50%\"\u003e\n\n### ⚡ **Real-Time Performance**\n- **WebSocket** for instant messaging\n- **Low-latency** message routing\n- **Minimal** server footprint\n- **Mobile-optimized** architecture\n- **Battery-efficient** design\n\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\n\n### 📱 **Cross-Platform Native**\n- **Flutter** for iOS, Android, Web\n- **Native performance** on all platforms\n- **Consistent UI/UX** across devices\n- **Offline-first** capabilities\n- **Progressive Web App** support\n\n\u003c/td\u003e\n\u003ctd\u003e\n\n### 🏗️ **Production-Ready**\n- **Monorepo** structure for easy maintenance\n- **Comprehensive** test coverage\n- **Docker** containerization\n- **Scalable** server architecture\n- **Enterprise** deployment ready\n\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/table\u003e\n\n## 🏗️ Architecture Overview\n\n\u003cdiv align=\"center\"\u003e\n\n*Enigmo follows a zero-trust architecture where the server never has access to plaintext messages*\n\n\u003c/div\u003e\n\n### 📦 **Monorepo Structure**\n\n```\n📁 enigmo/\n├── 📱 enigmo_app/          # Flutter Mobile \u0026 Web Client\n│   ├── lib/models/         # Data models and entities\n│   ├── lib/services/       # Business logic \u0026 crypto engine\n│   ├── lib/screens/        # UI screens and widgets\n│   └── test/              # Comprehensive test suite\n└── 🖥️ enigmo_server/       # Lightweight Dart Server\n    ├── bin/               # Server entrypoint\n    ├── lib/services/      # User management \u0026 routing\n    └── test/             # Server-side tests\n```\n\n### 🔄 **Component Responsibilities**\n\n\u003ctable\u003e\n\u003ctr\u003e\n\u003cth width=\"50%\"\u003e📱 Client (Flutter App)\u003c/th\u003e\n\u003cth width=\"50%\"\u003e🖥️ Server (Dart Backend)\u003c/th\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\n\n- **🔑 Key Management**: Ed25519 identity generation\n- **🔐 Encryption**: X25519 ECDH + AEAD encryption  \n- **✍️ Signing**: Message authenticity with Ed25519\n- **💾 Storage**: Secure local key storage\n- **🌐 Communication**: WebSocket + REST API\n- **🔄 State Management**: Real-time UI updates\n\n\u003c/td\u003e\n\u003ctd\u003e\n\n- **👥 User Directory**: Public key management\n- **📨 Message Routing**: Zero-knowledge forwarding\n- **🔌 WebSocket Handling**: Real-time connections\n- **📊 Health Monitoring**: `/api/health`, `/api/stats`\n- **🔒 Session Management**: Connection state tracking\n- **⚖️ Load Balancing**: Stateless horizontal scaling\n\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/table\u003e\n\n### 🔐 **Security Protocol Flow**\n\n1. **🎯 Bootstrap**: Clients publish Ed25519/X25519 public keys\n2. **🤝 Key Exchange**: X25519 ECDH derives shared session secrets\n3. **📝 Message Encryption**: AEAD with nonce + MAC authentication\n4. **✅ Digital Signing**: Ed25519 signature for message integrity\n5. **📡 Zero-Knowledge Routing**: Server forwards without decryption\n\n### 🏗️ **System Architecture Diagram**\n\n\u003ctable\u003e\n\u003ctr\u003e\n\u003ctd width=\"45%\" align=\"center\"\u003e\n\n**📱 ENIGMO FLUTTER APP**\n\n\u003c/td\u003e\n\u003ctd width=\"10%\" align=\"center\"\u003e\n\n**🔄 COMMUNICATION**\n\n\u003c/td\u003e\n\u003ctd width=\"45%\" align=\"center\"\u003e\n\n**🖥️ ENIGMO DART SERVER**\n\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd valign=\"top\"\u003e\n\n```\n┌─────────────────────────┐\n│    🎨 UI/UX Layer       │\n└─────────┬───────────────┘\n          │\n┌─────────▼───────────────┐\n│   ⚙️ Services Layer     │\n└─────────┬───────────────┘\n          │\n┌─────────▼───────────────┐\n│   🔐 Crypto Engine      │ ← Core\n└─────────┬───────────────┘\n          │\n┌─────────▼───────────────┐\n│   💾 Secure Storage     │\n└─────────────────────────┘\n```\n\n**Key Responsibilities:**\n- 🔑 Key generation \u0026 management\n- 🔐 Message encryption/decryption\n- ✍️ Digital signature creation\n- 💾 Secure local storage\n- 🎨 Real-time UI updates\n\n\u003c/td\u003e\n\u003ctd align=\"center\" valign=\"middle\"\u003e\n\n**🔌 WebSocket**  \n*(E2EE Messages)*\n\n**⬇️**\n\n**🌐 REST API**  \n*(HTTPS)*\n\n**⬇️**\n\n**🔒 Zero-Knowledge**  \n*Server never sees plaintext*\n\n\u003c/td\u003e\n\u003ctd valign=\"top\"\u003e\n\n```\n┌─────────────────────────┐\n│  🔌 WebSocket Handler   │\n└─────────┬───────┬───────┘\n          │       │\n┌─────────▼───────▼───────┐\n│   👥 User Manager       │\n│   📨 Message Router     │ ← Core\n└─────────┬───────────────┘\n          │\n┌─────────▼───────────────┐\n│    🌐 REST API          │\n└─────────────────────────┘\n```\n\n**Key Responsibilities:**\n- 👥 Public key directory\n- 📨 Zero-knowledge forwarding\n- 🔌 Real-time connections\n- 📊 Health monitoring\n- ⚖️ Horizontal scaling\n\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/table\u003e\n\n### Client State Lifecycle\n\nThe client application manages its connection to the WebSocket server through a simple state machine to ensure robust real-time communication.\n\n```mermaid\nstateDiagram-v2\n    [*] --\u003e Disconnected\n    Disconnected --\u003e Connecting: user.login()\n    Connecting --\u003e Connected: WebSocket.onOpen\n    Connecting --\u003e Disconnected: WebSocket.onError\n    Connected --\u003e Authenticating: sendAuth(credentials)\n    Authenticating --\u003e Online: server.authSuccess\n    Authenticating --\u003e Connected: server.authFailure\n    Online --\u003e Disconnected: user.logout() / connectionLost\n    Connected --\u003e Disconnected: connectionLost\n```\n\n---\n\n## 🛡️ Security Model\n\n\u003cdiv align=\"center\"\u003e\n\n*Built with defense-in-depth principles and modern cryptographic standards*\n\n\u003c/div\u003e\n\n| Security Layer | Implementation | Status |\n|---|---|---|\n| **🔑 Identity** | Ed25519 keypairs with optional key pinning | ✅ Implemented |\n| **🤝 Key Agreement** | X25519 ECDH for perfect forward secrecy | ✅ Implemented |\n| **🔒 Encryption** | ChaCha20-Poly1305 AEAD (nonce + MAC) | ✅ Implemented |\n| **✍️ Authentication** | Ed25519 digital signatures | ✅ Implemented |\n| **🔄 Replay Protection** | Cryptographic nonces + monotonic counters | ✅ Implemented |\n| **🏃‍♂️ Forward Secrecy** | Double-ratchet key rotation | 🚧 Roadmap |\n| **🔐 Post-Quantum** | Kyber/Dilithium hybrid | 🚧 Research |\n\n### 🎯 **Security Guarantees**\n\n- **End-to-End Encryption**: Only sender and recipient can read messages\n- **Perfect Forward Secrecy**: Past messages remain secure if keys are compromised\n- **Message Authenticity**: Cryptographic proof of sender identity\n- **Replay Protection**: Each message can only be delivered once\n- **Zero-Knowledge Server**: Server cannot decrypt or read message content\n- **Deniable Authentication**: Recipients can verify, but can't prove to third parties\n\n---\n\n## Data Model (simplified)\n\nClient model `EncryptedMessage` (see `enigmo_app/lib/services/crypto_engine.dart`):\n```dart\nclass EncryptedMessage {\n  final String encryptedData; // base64(cipherText)\n  final String nonce;         // base64(nonce)\n  final String mac;           // base64(auth tag)\n  final String signature;     // base64(Ed25519 over cipherText)\n}\n```\n\nServer routes (see `enigmo_server/bin/anongram_server.dart`):\n- `GET /api/health` — server status\n- `GET /api/stats` — server, user, message counters\n- `GET /ws` — WebSocket for real‑time messaging\n\n---\n\n## Cryptographic Flow\n\nThis diagram illustrates the end-to-end encrypted message exchange between two clients, Alice and Bob, mediated by the Enigmo server.\n\n```mermaid\nsequenceDiagram\n    participant Alice as Alice's Client\n    participant Server as Enigmo Server\n    participant Bob as Bob's Client\n\n    Alice-\u003e\u003e+Server: Publish Public Keys (Ed25519, X25519)\n    Server--\u003e\u003e-Alice: OK\n\n    Bob-\u003e\u003e+Server: Publish Public Keys (Ed25519, X25519)\n    Server--\u003e\u003e-Bob: OK\n\n    Alice-\u003e\u003eServer: Fetch Bob's Public Keys\n    Server-\u003e\u003eAlice: Bob's Keys\n\n    Note over Alice, Bob: Alice now has Bob's keys and can derive a shared secret.\n\n    Alice-\u003e\u003eAlice: Derive Shared Secret (X25519)\n    Alice-\u003e\u003eAlice: Encrypt \u0026 Sign Message\n\n    Alice-\u003e\u003e+Server: Send E2EE Message for Bob\n    Server-\u003e\u003e+Bob: Forward E2EE Message\n    Server--\u003e\u003e-Alice: Delivered (Ack)\n\n    Bob-\u003e\u003eBob: Verify Signature (Ed25519)\n    Bob-\u003e\u003eBob: Derive Shared Secret (X25519)\n    Bob-\u003e\u003eBob: Decrypt Message\n    Bob--\u003e\u003e-Server: OK (Ack)\n```\n\n### Detailed Pseudocode\n\nHere is a more granular breakdown of the cryptographic operations.\n\n**1. Key Agreement (ECDH)**\n\nExecuted once per peer session to establish a symmetric encryption key.\n\n```rust\n// Alice wants to talk to Bob\n// 1. Alice fetches Bob's public X25519 key from the server.\n// 2. Alice uses her private X25519 key and Bob's public key.\n\nfunction derive_shared_key(my_private_key: X25519_Priv, their_public_key: X25519_Pub) -\u003e [u8; 32] {\n    // Perform Elliptic Curve Diffie-Hellman\n    let shared_secret = X25519(my_private_key, their_public_key);\n\n    // Use a Key Derivation Function (e.g., HKDF-SHA256) for cryptographic hygiene\n    // The context string prevents key reuse across different domains (e.g., attachments vs. messages).\n    let context = \"enigmo-e2ee-message-v1\";\n    let session_key = HKDF_SHA256(shared_secret, salt=null, info=context);\n    return session_key;\n}\n```\n\n**2. Sending a Message**\n\nAlice encrypts and signs a message for Bob.\n\n```javascript\n// 1. Derive the key for this session\nconst sessionKey = derive_shared_key(alice.x25519_priv, bob.x25519_pub);\n\n// 2. Prepare the message and associated data\nconst plaintext = \"Hello, Bob!\";\nconst associated_data = JSON.stringify({ sender: alice.id, timestamp: Date.now() });\n\n// 3. Encrypt using an Authenticated Encryption with Associated Data (AEAD) cipher\nconst nonce = crypto.randomBytes(24); // Must be unique for each message with the same key\nconst { ciphertext, mac } = AEAD_Encrypt(sessionKey, nonce, plaintext, associated_data);\n\n// 4. Sign the *ciphertext* with long-term identity key to prevent tampering\nconst signature = Ed25519_Sign(alice.ed25519_priv, ciphertext);\n\n// 5. Construct the final payload for the server\nconst payload = {\n  recipient: bob.id,\n  message: {\n    encryptedData: Base64.encode(ciphertext),\n    nonce: Base64.encode(nonce),\n    mac: Base64.encode(mac),\n    signature: Base64.encode(signature)\n  }\n};\n\n// 6. Send to server, which routes based on 'recipient'\nwebsocket.send(JSON.stringify(payload));\n```\n\n**3. Receiving a Message**\n\nBob receives the payload from the server and decrypts it.\n\n```javascript\n// 1. Parse the incoming payload\nconst payload = JSON.parse(event.data);\nconst message = payload.message;\nconst senderId = payload.sender; // Server injects this\n\n// 2. Fetch sender's public keys from local cache or server\nconst alice = get_user_keys(senderId);\n\n// 3. Verify the signature on the ciphertext first\nconst is_valid_signature = Ed25519_Verify(\n    alice.ed25519_pub,\n    Base64.decode(message.encryptedData),\n    Base64.decode(message.signature)\n);\nif (!is_valid_signature) { throw new Error(\"Invalid signature! Message tampered.\"); }\n\n// 4. If signature is valid, derive the same session key\nconst sessionKey = derive_shared_key(bob.x25519_priv, alice.x25519_pub);\n\n// 5. Decrypt the message\nconst associated_data = JSON.stringify({ sender: senderId, timestamp: payload.timestamp });\nconst plaintext = AEAD_Decrypt(\n    sessionKey,\n    Base64.decode(message.nonce),\n    Base64.decode(message.encryptedData),\n    Base64.decode(message.mac),\n    associated_data\n);\n\nif (plaintext === null) { throw new Error(\"Decryption failed! MAC mismatch.\"); }\n\n// 6. Render the plaintext message\nconsole.log(\"New message:\", plaintext);\n```\n\n**4. Server-Side Routing (Simplified)**\n\nThe server's role is to act as a secure routing fabric. It never decrypts message content.\n\n```go\n// High-level server logic for the WebSocket handler\n\n// In-memory map to track active user connections\n// In a production system, this would be backed by Redis or a similar store.\nvar active_connections = make(map[UserID]WebSocketConnection)\n\nfunc WebSocketHandler(ws: WebSocketConnection) {\n    // 1. Authenticate the connection\n    // The client sends a token or public key to identify itself.\n    user_id, err := Authenticate(ws)\n    if err != nil {\n        ws.Close(\"Authentication failed\")\n        return\n    }\n\n    // 2. Register the user's connection\n    active_connections[user_id] = ws\n    log.Printf(\"User %s connected\", user_id)\n\n    // 3. Enter the message routing loop\n    for {\n        message, err := ws.ReadMessage()\n        if err != nil {\n            // Connection closed or error\n            delete(active_connections, user_id)\n            log.Printf(\"User %s disconnected\", user_id)\n            break\n        }\n\n        // 4. Parse the outer envelope to find the recipient\n        // The server only reads metadata, not the encrypted 'message' object.\n        envelope, err := ParseEnvelope(message)\n        if err != nil {\n            ws.SendMessage(\"{\"error\": \"Invalid envelope\"}\")\n            continue\n        }\n\n        // 5. Look up the recipient's connection\n        recipient_ws, found := active_connections[envelope.RecipientID]\n        if !found {\n            // Handle offline recipient (e.g., store for later delivery - see roadmap)\n            ws.SendMessage(\"{\"error\": \"Recipient offline\"}\")\n            continue\n        }\n\n        // 6. Forward the *original, encrypted* message payload\n        // The server injects the sender's ID for the recipient's convenience.\n        forward_payload = AddSenderID(message, user_id)\n        err = recipient_ws.SendMessage(forward_payload)\n        if err != nil {\n            log.Printf(\"Failed to forward message to %s\", envelope.RecipientID)\n        }\n    }\n}\n```\n\n---\n\n## 🚀 Quick Start\n\n\u003cdiv align=\"center\"\u003e\n\n*Get Enigmo running in under 5 minutes*\n\n\u003c/div\u003e\n\n### 📋 **Prerequisites**\n\n- **Flutter SDK** (stable channel) - [Install Guide](https://flutter.dev/docs/get-started/install)\n- **Dart SDK** (included with Flutter)\n- **Development Environment**: VS Code, Android Studio, or Xcode\n- **Platform Tools**: iOS/Android toolchains per [Flutter docs](https://flutter.dev/docs/get-started/install)\n\n### ⚡ **One-Command Setup**\n\n```bash\n# Clone and setup everything\ngit clone https://github.com/rokoss21/enigmo.git\ncd enigmo\n\n# Install all dependencies\nmake setup  # or run the commands below manually\n```\n\n\u003cdetails\u003e\n\u003csummary\u003e📖 Manual Setup (click to expand)\u003c/summary\u003e\n\n```bash\n# Server dependencies\ncd enigmo_server\ndart pub get\n\n# App dependencies  \ncd ../enigmo_app\nflutter pub get\nflutter pub run build_runner build  # Generate code if needed\n```\n\n\u003c/details\u003e\n\n### 🎯 **Development Workflow**\n\n\u003ctable\u003e\n\u003ctr\u003e\n\u003ctd width=\"50%\"\u003e\n\n#### 🖥️ **Start Server**\n```bash\ncd enigmo_server\n\n# Development mode with hot reload\ndart run bin/anongram_server.dart \\\n  --host localhost \\\n  --port 8080 \\\n  --debug\n```\n\n#### 📊 **Monitor Server**\n- Health: http://localhost:8080/api/health\n- Stats: http://localhost:8080/api/stats\n- WebSocket: ws://localhost:8080/ws\n\n\u003c/td\u003e\n\u003ctd width=\"50%\"\u003e\n\n#### 📱 **Start Mobile App**\n```bash\ncd enigmo_app\n\n# iOS Simulator\nflutter run -d ios\n\n# Android Emulator\nflutter run -d android\n\n# Web Browser\nflutter run -d web\n```\n\n#### 🔧 **Development Tools**\n```bash\n# Hot reload code\nr\n\n# Hot restart app\nR\n\n# Open DevTools\nflutter pub global run devtools\n```\n\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/table\u003e\n\n### 🧪 **Testing \u0026 Quality**\n\n```bash\n# Run all tests\nmake test\n\n# Or manually:\ncd enigmo_server \u0026\u0026 dart test --coverage\ncd ../enigmo_app \u0026\u0026 flutter test --coverage\n\n# Code formatting\ndart format .\nflutter format .\n\n# Static analysis\ndart analyze\nflutter analyze\n```\n\n### 📦 **Production Builds**\n\n\u003ctable\u003e\n\u003ctr\u003e\n\u003cth\u003ePlatform\u003c/th\u003e\n\u003cth\u003eCommand\u003c/th\u003e\n\u003cth\u003eOutput\u003c/th\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e🤖 **Android**\u003c/td\u003e\n\u003ctd\u003e\u003ccode\u003eflutter build appbundle --release\u003c/code\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ccode\u003ebuild/app/outputs/bundle/release/\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e🍎 **iOS**\u003c/td\u003e\n\u003ctd\u003e\u003ccode\u003eflutter build ios --release\u003c/code\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ccode\u003ebuild/ios/iphoneos/\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e🌐 **Web**\u003c/td\u003e\n\u003ctd\u003e\u003ccode\u003eflutter build web --release\u003c/code\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ccode\u003ebuild/web/\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e🖥️ **Server**\u003c/td\u003e\n\u003ctd\u003e\u003ccode\u003edart compile exe bin/anongram_server.dart\u003c/code\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ccode\u003ebin/anongram_server.exe\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/table\u003e\n\n---\n\n## 📁 Project Structure\n\n\u003cdetails\u003e\n\u003csummary\u003e🗂️ \u003cstrong\u003eDetailed File Structure\u003c/strong\u003e (click to expand)\u003c/summary\u003e\n\n```\n📁 enigmo/                          # Root monorepo\n├── 📄 README.md                    # This file\n├── 📄 Makefile                     # Build automation\n├── 📄 docker-compose.yml           # Development environment\n├── 📄 .github/                     # CI/CD workflows\n│   └── workflows/\n│       ├── ci.yml                  # Continuous Integration\n│       └── security.yml            # Security scanning\n│\n├── 📱 enigmo_app/                  # Flutter Mobile \u0026 Web Client\n│   ├── 📄 pubspec.yaml            # Dependencies and metadata\n│   ├── 📁 lib/\n│   │   ├── 📄 main.dart           # Application entry point\n│   │   ├── 📁 models/             # Data models\n│   │   │   ├── message.dart       # Message data structure\n│   │   │   ├── user.dart          # User identity model\n│   │   │   └── chat.dart          # Chat conversation model\n│   │   ├── 📁 services/           # Business logic layer\n│   │   │   ├── 🔐 crypto_engine.dart    # E2EE cryptographic operations\n│   │   │   ├── 🔑 key_manager.dart      # Key storage and management\n│   │   │   ├── 🌐 network_service.dart  # WebSocket \u0026 REST client\n│   │   │   └── 💾 storage_service.dart  # Local data persistence\n│   │   ├── 📁 screens/            # User interface screens\n│   │   │   ├── chat_screen.dart   # Individual chat interface\n│   │   │   ├── chat_list_screen.dart # Chat list overview\n│   │   │   └── settings_screen.dart # App configuration\n│   │   └── 📁 widgets/            # Reusable UI components\n│   ├── 📁 test/                   # Test suites\n│   │   ├── unit/                  # Unit tests\n│   │   ├── widget/                # Widget tests  \n│   │   └── integration/           # E2E integration tests\n│   ├── 📁 android/                # Android platform code\n│   ├── 📁 ios/                    # iOS platform code\n│   └── 📁 web/                    # Web platform code\n│\n└── 🖥️ enigmo_server/              # Lightweight Dart Server\n    ├── 📄 pubspec.yaml           # Server dependencies\n    ├── 📁 bin/\n    │   └── 📄 anongram_server.dart # Server entry point\n    ├── 📁 lib/\n    │   ├── 📁 models/             # Server data models\n    │   │   ├── user.dart          # Server-side user model\n    │   │   └── message.dart       # Message routing model\n    │   ├── 📁 services/           # Server business logic\n    │   │   ├── 👥 user_manager.dart     # User directory management\n    │   │   ├── 📨 message_manager.dart  # Message routing logic\n    │   │   ├── 🔌 websocket_handler.dart # Real-time communication\n    │   │   └── 🔐 auth_service.dart     # Authentication handling\n    │   └── 📁 utils/              # Utility functions\n    │       └── 📝 logger.dart           # Structured logging\n    ├── 📁 test/                   # Server test suites\n    │   ├── unit/                  # Server unit tests\n    │   └── integration/           # Server integration tests\n    └── 📄 Dockerfile             # Container deployment\n```\n\n\u003c/details\u003e\n\n### 🎯 **Key Components**\n\n| Component | File | Purpose |\n|---|---|---|\n| **🔐 Crypto Engine** | `enigmo_app/lib/services/crypto_engine.dart` | Ed25519/X25519 operations, AEAD encryption |\n| **🌐 Network Service** | `enigmo_app/lib/services/network_service.dart` | WebSocket client, REST API calls |\n| **🔑 Key Manager** | `enigmo_app/lib/services/key_manager.dart` | Secure key storage and retrieval |\n| **🖥️ Server Main** | `enigmo_server/bin/anongram_server.dart` | HTTP server and WebSocket handler |\n| **👥 User Manager** | `enigmo_server/lib/services/user_manager.dart` | Public key directory and user sessions |\n| **📨 Message Router** | `enigmo_server/lib/services/message_manager.dart` | Zero-knowledge message forwarding |\n\n---\n\n## 🛣️ Roadmap\n\n\u003cdiv align=\"center\"\u003e\n\n*Building the future of secure communication*\n\n\u003c/div\u003e\n\n### 🎯 **Phase 1: Foundation** (Q3-Q4 2025)\n\n- [x] **Core E2EE Implementation** - Ed25519/X25519 cryptography\n- [x] **Flutter Mobile Apps** - iOS and Android clients\n- [x] **WebSocket Server** - Real-time message routing\n- [x] **Comprehensive Testing** - Unit, widget, and integration tests\n- [ ] **🔐 Key Pinning \u0026 TOFU** - Trust-on-first-use security model\n- [ ] **📱 UI/UX Polish** - Accessibility and user experience improvements\n- [ ] **📊 Telemetry Framework** - Opt-in analytics and crash reporting\n\n### 🚀 **Phase 2: Resilience** (Q1 2026)\n\n- [ ] **📤 Offline Message Queue** - Store and forward when disconnected\n- [ ] **🔄 Smart Retry Logic** - Exponential backoff with jitter\n- [ ] **📎 Encrypted Attachments** - Files, images, and media sharing\n- [ ] **🌐 Progressive Web App** - Full-featured web client\n- [ ] **🏥 Health Monitoring** - Advanced server observability\n- [ ] **🔒 Message Deletion** - Secure message expiration\n\n### 🏢 **Phase 3: Enterprise** (Q2 2026)\n\n- [ ] **🏃‍♂️ Perfect Forward Secrecy** - Double-ratchet key rotation\n- [ ] **📱 Multi-Device Sync** - Per-device key management\n- [ ] **👥 Group Messaging** - Encrypted group conversations\n- [ ] **☁️ Encrypted Backups** - Secure key recovery system\n- [ ] **📈 OpenTelemetry** - Enterprise observability stack\n- [ ] **🗄️ Database Integration** - PostgreSQL, Redis support\n\n### 🎬 **Phase 4: Rich Media** (Q3 2026)\n\n- [ ] **🎥 Voice \u0026 Video Calls** - WebRTC P2P communication\n- [ ] **📞 Call Signaling** - Secure call setup over WebSocket\n- [ ] **🎬 Screen Sharing** - Encrypted screen collaboration\n- [ ] **🎙️ Voice Messages** - Encrypted audio messaging\n- [ ] **📹 Video Messages** - Short-form video sharing\n- [ ] **🔐 Media Encryption** - E2EE for all multimedia content\n\n### 🔬 **Phase 5: Advanced Security** (Q4 2026)\n\n- [ ] **🛡️ Post-Quantum Crypto** - Kyber/Dilithium hybrid schemes\n- [ ] **🕵️ Metadata Protection** - Traffic analysis resistance\n- [ ] **🔍 Zero-Knowledge Proofs** - Advanced privacy primitives\n- [ ] **🌍 Decentralized Architecture** - P2P mesh networking\n- [ ] **🔐 Hardware Security** - HSM and secure enclave integration\n- [ ] **🤖 AI Safety Tools** - Content moderation without plaintext access\n\n\u003cdiv align=\"center\"\u003e\n\n### 🎯 **Want to contribute to the roadmap?**\n\n[📝 Suggest Feature](https://github.com/rokoss21/enigmo/issues/new?template=feature_request.md) • [🐛 Report Bug](https://github.com/rokoss21/enigmo/issues/new?template=bug_report.md) • [💬 Join Discussion](https://github.com/rokoss21/enigmo/discussions)\n\n\u003c/div\u003e\n\n---\n\n## 🧪 Quality \u0026 Security Assurance\n\n\u003cdiv align=\"center\"\u003e\n\n*Security and code quality are not afterthoughts—they're built into every line of code*\n\n\u003c/div\u003e\n\n### 🔍 **Code Quality Standards**\n\n- **📊 Test Coverage**: \u003e90% code coverage across all modules\n- **🔧 Static Analysis**: Dart analyzer with strict lint rules\n- **📝 Code Formatting**: Automated formatting with `dart format`\n- **📚 Documentation**: Comprehensive inline code documentation\n- **🔒 Security Scanning**: Automated vulnerability scanning\n- **⚡ Performance**: Regular benchmarking and profiling\n\n### 🛡️ **Security Practices**\n\n- **🎯 Threat Modeling**: Documented attack vectors and mitigations\n- **🔐 Security Reviews**: Peer review for all cryptographic code\n- **🧪 Penetration Testing**: Regular security audits\n- **📋 Security Checklist**: OWASP Mobile Security Guidelines\n- **🔄 Dependency Scanning**: Automated vulnerability detection\n- **📊 Security Metrics**: Tracked security KPIs and incidents\n\n---\n\n## 🤝 Contributing\n\n\u003cdiv align=\"center\"\u003e\n\n*We welcome contributions from developers, security researchers, and privacy advocates*\n\n\u003c/div\u003e\n\n### 🚀 **Quick Contribution Guide**\n\n1. **🍴 Fork** the repository\n2. **🌟 Create** a feature branch (`git checkout -b feature/amazing-feature`)\n3. **✅ Test** your changes thoroughly\n4. **📝 Commit** with conventional commits (`git commit -m 'feat: add amazing feature'`)\n5. **🚀 Push** to your branch (`git push origin feature/amazing-feature`)\n6. **📬 Open** a Pull Request\n\n### 📋 **Contribution Guidelines**\n\n- **🧪 Include Tests**: All new features must include comprehensive tests\n- **📚 Update Documentation**: Keep README and code comments current\n- **🔒 Security First**: Follow secure coding practices\n- **📝 Conventional Commits**: Use semantic commit messages\n- **🎨 Code Style**: Follow project formatting and lint rules\n- **💬 Be Respectful**: Follow our Code of Conduct\n\n### 🎯 **Areas We Need Help With**\n\n- **🔐 Cryptography Review**: Security audit and implementation review\n- **🌐 Internationalization**: Multi-language support\n- **♿ Accessibility**: Making the app usable for everyone\n- **📱 Platform Features**: Platform-specific optimizations\n- **📚 Documentation**: Technical writing and tutorials\n- **🎨 UI/UX Design**: User interface improvements\n\n---\n\n## 📄 License\n\n\u003cdiv align=\"center\"\u003e\n\n**Apache License 2.0**\n\n*Open source software that respects your freedom and privacy*\n\n[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)\n\n[📝 View Full License](LICENSE) • [❓ License FAQ](https://www.apache.org/foundation/license-faq.html)\n\n\u003c/div\u003e\n\n---\n\n## 🙏 Acknowledgments\n\n- **Signal Protocol**: Inspiration for our cryptographic design\n- **Flutter Team**: Amazing cross-platform framework\n- **Dart Team**: Excellent server-side language and tooling\n- **Open Source Community**: For making secure communication accessible\n\n---\n\n## 📞 Support \u0026 Contact\n\n\u003cdiv align=\"center\"\u003e\n\n**Need help? Have questions? Found a security issue?**\n\n[📧 Email](mailto:rokoss21@yandex.com) • [💬 Telegram](https://t.me/rokoss21)\n\n\u003c/div\u003e\n\n---\n\n\u003cdiv align=\"center\"\u003e\n\n**Built with ❤️ by [Emil Rokossovskiy](https://github.com/rokoss21)**\n\n*\"Privacy is not about having something to hide. Privacy is about having something to protect.\"*\n\n⭐ **Star this project if you believe in secure, private communication** ⭐\n\n\u003c/div\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frokoss21%2Fenigmo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frokoss21%2Fenigmo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frokoss21%2Fenigmo/lists"}