{"id":37174928,"url":"https://github.com/simcap/instantroom","last_synced_at":"2026-01-14T20:26:04.149Z","repository":{"id":31874740,"uuid":"35443041","full_name":"simcap/instantroom","owner":"simcap","description":"Ephemeral private and secured group chat room","archived":false,"fork":false,"pushed_at":"2015-05-27T09:11:42.000Z","size":164,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":4,"default_branch":"master","last_synced_at":"2024-06-21T10:00:55.317Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/simcap.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-05-11T18:47:43.000Z","updated_at":"2020-11-03T09:55:34.000Z","dependencies_parsed_at":"2022-09-11T07:40:12.906Z","dependency_job_id":null,"html_url":"https://github.com/simcap/instantroom","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/simcap/instantroom","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simcap%2Finstantroom","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simcap%2Finstantroom/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simcap%2Finstantroom/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simcap%2Finstantroom/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/simcap","download_url":"https://codeload.github.com/simcap/instantroom/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simcap%2Finstantroom/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28434451,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T18:57:19.464Z","status":"ssl_error","status_checked_at":"2026-01-14T18:52:48.501Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-01-14T20:26:03.471Z","updated_at":"2026-01-14T20:26:04.135Z","avatar_url":"https://github.com/simcap.png","language":"Go","readme":"# InstantRoom\n\nInstantRoom is a simple, private and secure group chat application.\n\nAlthough they are many existing group chat application, InstantRoom is different in that\nit avoids complexity by putting back the responsibility of the security back\ninto the user's hands.\n\nIndeed it is the responsibility of group members to initially transmit the group secret key to other members.\n\nInstantRoom makes that easy with:\n- _a secret key with mini format for easy sharing_\n- _or a secret key as QR code for direct phone to phone sharing_\n\nInstantRoom does not persist any messages on the server nor can it decrypts any messages since the secret key is only\ngenerated and managed from the user's client application side.\n\nInstantRoom abides by the Kerckhoffs's principle:\n\n\u003e _A cryptosystem should be secure even if everything about the system, except the key, is public knowledge_\n\n## Features\n\n- Secret keys have a mini format for easy sharing\n- Secret keys can be displayed as a QR code for phone to phone sharing\n- Rooms auto expire. One can choose a 1 hour room, 1 day room, 1 week room, etc...\n- Messages are only local on the client side. You can chooses to delete some or all of them at anytime\n- The application's code is in the open and inspectable by anyone\n- The server does not store any messages\n- The server cannot decrypt any messages. It only relays them\n- Avoid mpOTR (Multi-party Off-the-Record Messaging) complexity\n\n## Upcoming features\n\n- Local access to secret keys on the client side will be password protected\n- Your own InstantRoom! Executables will be available to install your own InstantRoom server. The client applications will allow to point to any server's url\n\n## Attack scenarios\n\nInstantRoom is based on the secrecy of your private key generated through the _Public Key Infrastructure_. So leaving aside advanced implementation attacks scenario, here is the only way your group chat can be compromised:\n\n- the attacker gets hold of your secret key!\n\nHow?\n\n- if you leave your phone unattended (although in the future the access of the secret key on your phone will be password protected)\n- if you have transmitted the secret key to other members through a potentially insecure channel\n\n## Sharing the secret key\n\nHere would be common way to give the secret key to other members and the associated risk:\n\nMethod | Attack | Risk\n--- | --- | ---\nOrally | being heard by third party | unlikely (as can be easily circumvented)\nDirect contact reading through QR code |  side channel | unlikely (as very elaborate and spottable)\nRemote webcam reading through QR code | insecure channel | possible\n\n## Kerckhoffs's six design principles\n\nWe believe InstantRoom stands by those principles\n\nPrinciples| Status\n---|---\nThe system must be practically, if not mathematically, indecipherable|\u0026#10003;\nIt should not require secrecy, and it should not be a problem if it falls into enemy hands|\u0026#10003;\nIt must be possible to communicate and remember the key without using written notes, and correspondents must be able to change or modify it at will|\u0026#10003;\nIt must be applicable to telegraph communications|\u0026#10003;\nIt must be portable, and should not require several persons to handle or operate|\u0026#10003;\nThe system must be easy to use and should not be stressful to use or require its users to know and comply with a long list of rules|\u0026#10003;\n\n\n##  Technicalities\n\n- Private and public keys are generated through ECDSA P-256\n- The mini private key format is done through the Bitcoin's 30 characters format\n- The encryption is done through AES using the private key as the cypher key. The key size is therefore 256 bits.\n\n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimcap%2Finstantroom","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsimcap%2Finstantroom","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimcap%2Finstantroom/lists"}