EncryptRoom

A private, end-to-end encrypted terminal chat app with a stateless relay and no server-side message history. Built for people who want simple, shareable, Open Source chat with strong privacy by default.

Project Description

EncryptRoom is a free, Open Source terminal chat system designed around one core principle: the relay server should never be trusted with your messages.
Clients encrypt messages locally and send only ciphertext to an untrusted relay, which forwards packets to active participants in the same room and immediately discards them.

There is no message database, no server mailbox, and no replayable message history on the relay. If someone is offline, they miss messages by default, just like a live conversation.

Room access is distributed through invite-enabled binaries. Each OS build includes an embedded invite footer (magic + version + length + payload) that contains the room configuration needed to connect. Invites do not include participant IP addresses, and clients connect outbound to the relay so participants do not expose their IPs to each other.
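A defensive reader for a footer of this shape, as an added example (not EncryptRoom's own code). The page gives only the field order, so the magic value, field widths, byte order, version number and size limit below are all assumptions:

```python
import struct

# Assumed layout (not EncryptRoom's real one): MAGIC | version (1 byte) |
# payload length (4 bytes, big-endian) | payload, appended at end of file.
MAGIC = b"XINVITE\x00"          # hypothetical magic value
SUPPORTED_VERSIONS = {1}        # hypothetical version number
MAX_PAYLOAD = 64 * 1024         # hypothetical upper bound on payload size
HEADER = struct.Struct(">BI")   # version, payload length


class InviteError(ValueError):
    """Raised when no trustworthy footer can be recovered."""


def build_footer(payload: bytes, version: int = 1) -> bytes:
    """Serialize a footer in the assumed layout (used to construct samples)."""
    return MAGIC + HEADER.pack(version, len(payload)) + payload


def extract_invite(blob: bytes) -> bytes:
    """Return the invite payload at the end of blob, or raise InviteError."""
    pos = blob.rfind(MAGIC)
    while pos != -1:
        start = pos + len(MAGIC)
        if start + HEADER.size <= len(blob):
            version, length = HEADER.unpack_from(blob, start)
            body = start + HEADER.size
            # Accept only a footer whose declared length ends exactly at EOF;
            # this rejects truncated files and trailing appended bytes.
            if body + length == len(blob):
                if version not in SUPPORTED_VERSIONS:
                    raise InviteError(f"unsupported footer version {version}")
                if length > MAX_PAYLOAD:
                    raise InviteError("payload exceeds size limit")
                return blob[body:]
        # The magic bytes can also occur inside the payload or the program
        # image, so keep scanning backwards for an earlier candidate.
        pos = blob.rfind(MAGIC, 0, pos)
    raise InviteError("no valid invite footer found")
```

The returned payload is still untrusted input and needs its own validation before any field in it is used to connect.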

EncryptRoom uses modern, well-known cryptographic building blocks (X25519, HKDF-SHA256, ChaCha20-Poly1305, HMAC challenge/response) to provide strong confidentiality in a minimal architecture.

Whether you are a developer, activist, nonprofit team, or privacy-conscious group, EncryptRoom provides a practical way to run encrypted real-time chat from the command line without central message storage.


Project Roadmap

EncryptRoom already provides encrypted room chat, password-protected invite handling, relay authentication, and API-based bundle generation. The roadmap focuses on stronger operational security, easier deployment, and better UX at scale.

Current Focus

  • End-to-end encrypted terminal chat (client-side encryption only)
  • Stateless relay (forwards ciphertext only, no persistence)
  • Presence-based messaging (no offline mailbox by default)
  • Password-protected invite flow
  • API-based bundle generation for Windows, macOS, and Linux
  • TLS relay support and production deployment hardening
  • Basic anti-abuse controls (rate limiting)

Planned Features

  • Faster bundle generation pipeline (prebuilt artifacts + invite injection)
  • Better onboarding and CLI UX polish
  • Signed/notarized distribution pipeline options
  • Optional multi-relay topology support
  • Stronger key lifecycle controls for long-lived rooms
  • Expanded security testing and protocol validation

Team

Software for Progress Foundation
This project was developed internally by Software for Progress Foundation as a practical demonstration of privacy-respecting, Open Source software. It’s designed to empower users with tools that protect sensitive data while staying simple and accessible.

🌐 Website: softwareforprogress.org

