Cete/sipher
1
1
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions
No description
45 commits 3 branches 0 tags 3 MiB
Find a file
Nixyan d5d7f66f08 feat: enhance social follow functionality and federation integration 
- Added support for following users with optional federation URLs, allowing for cross-server interactions.
- Implemented new endpoints for following and unfollowing users, including payload validation and error handling.
- Introduced federation delivery jobs to handle follow requests across different servers.
- Updated database schema to include references for follower and following server URLs.
- Enhanced URL validation to allow localhost during development while maintaining security checks.
- Refactored existing social endpoints to accommodate new follow logic and improve code organization.
2026-03-16 17:04:50 -03:00
.vscode Restarting the project once again. 2026-03-05 18:52:46 -03:00
drizzle Restarting the project once again. 2026-03-05 18:52:46 -03:00
public/logo feat: added auth page and the whole functionallity surrounding it. 2026-03-06 16:21:42 -03:00
src feat: enhance social follow functionality and federation integration 2026-03-16 17:04:50 -03:00
tests feat: enhance federation key rotation and server discovery functionality 2026-03-12 18:42:52 -03:00
.env.local.example feat: enhance federation key rotation and server discovery functionality 2026-03-12 18:42:52 -03:00
.gitignore feat: added auth page and the whole functionallity surrounding it. 2026-03-06 16:21:42 -03:00
bun.lock feat: enhance federation key rotation and server discovery functionality 2026-03-12 18:42:52 -03:00
components.json feat: added auth page and the whole functionallity surrounding it. 2026-03-06 16:21:42 -03:00
drizzle.config.ts Restarting the project once again. 2026-03-05 18:52:46 -03:00
LICENSE Restarting the project once again. 2026-03-05 18:52:46 -03:00
next.config.ts feat: enhance federation key rotation and server discovery functionality 2026-03-12 18:42:52 -03:00
package-lock.json feat: added auth page and the whole functionallity surrounding it. 2026-03-06 16:21:42 -03:00
package.json feat: enhance federation key rotation and server discovery functionality 2026-03-12 18:42:52 -03:00
playwright.config.ts feat: enhance security and testing for federation routes. Added routes for uploading files to posts and initial logic of handling it client-side. 2026-03-11 11:48:38 -03:00
postcss.config.mjs Restarted the project. 2025-12-03 09:41:21 -03:00
README.md feat: enhance federation key rotation and server discovery functionality 2026-03-12 18:42:52 -03:00
rotateKeys.ts feat: enhance federation key rotation and server discovery functionality 2026-03-12 18:42:52 -03:00
tsconfig.json feat: implement server discovery and key rotation functionality 2026-03-09 21:37:59 -03:00

README.md

SiPher

Silent Whisper — A federated social network built for the modern age.

License Version Status

SiPher is a federated social network. Each server is independent — no central authority, no single point of failure.

Your identity is you@yourserver.com. Your server, your data, your rules.

Roadmap

  • Phase 1 — Core federation. Two servers can follow each other, post, and see each other's posts.
    • — Two servers can follow each other, trust their keys and rotate them.
    • — One server can create posts, have users following each other and dms (unencrypted for now) works.
    • — Two servers can fetch posts, follows and other data from their users, including DMs.
  • Phase 2 — Server trust scoring and a public vouch ledger.
    • — Add a "nuke" endpoint where if a federation loses their old keys and cannot rotate them, it'll nuke everything and make the other federations reset that federation score.
  • Phase 3 — Opt-in relay network for censorship resistance.
  • Phase 4 — End-to-end encryption via TBD.

Instructions

Rotating Federation Keys

Federation identity is tied to two keypairs (Ed25519 for signing, X25519 for encryption). The rotateKeys.ts script walks through every known federation, proves ownership of both the old and new keys via a challenge-response protocol, and updates .env.local when all federations confirm.

You need the old keys in order to run this script, if you lost them, you'll have to use the nuke endpoint. (Yet to be made)

Prerequisites

  • A running database with the server registry populated (at least one peer federation).
  • .env.local with valid FEDERATION_* keys and BETTER_AUTH_URL.

Basic rotation

bun run rotateKeys.ts

The script will:

  1. List all federations in the registry.
  2. Ask for confirmation before proceeding.
  3. For each federation: request a challenge, solve it, and confirm.
  4. On full success: back up .env.local and write the new keys.
  5. On any failure: print a retry command and exit without writing keys.

Retrying after partial failure

If some federations failed while others succeeded, the script prints a ready-to-copy command targeting only the failures:

bun run rotateKeys.ts --resume '<keys-json>' --only '<failed-urls>'
  • --resume <json> — Reuse the new keys from the previous run instead of generating fresh ones (required because successful federations already registered them).
  • --only <urls> — Comma-separated list of federation URLs to retry. Federations not in this list are skipped.

You can also retry all federations with just --resume:

bun run rotateKeys.ts --resume '<keys-json>'

Author

Marcello Brito (Tocka) — tockanest.com

Security

SiPher implements custom federation and cryptographic protocols. I am not a professional cryptographer or security researcher — this system has not been audited and almost certainly contains multiple vulnerabilities I am not aware of.

If you find one, please open an issue or contact me directly at tocka@tockanest.com. Responsible disclosure is appreciated.

Contributions from people with security or cryptography experience are especially welcome, even if just pure criticism.

Do not use SiPher in any context where your physical safety depends on it — not yet.

License

AGPL-3.0