NullTrace
Quantum-ready • RAM-only • Zero telemetry
Private rooms. Disposable identities.
Spin up a secure channel, invite with a one-time capsule, and let messages auto-burn.
- 🔐 Post-quantum hybrid keying
- 🕵️ Traffic shaping with chaff & padding
- 🧨 Burn timer • ⚰️ Deadman • One-click wipe
Pending approvals
🧬 Security Engine
🔐 PQ-Hybrid from day one
X25519 + ML-KEM-512 for long-term secrecy and post-quantum resilience.
🆔 Identity-bound pairing
Signed handshake transcript + short SAS check to kill invisible MITM.
🧱 Replay-proof AEAD
XChaCha20-Poly1305 with per-sender sequence & epochs. Strict AAD binds sender/seq/epoch.
🔄 Smart rekey
Initiator-driven rekey on join/leave (debounced). Per-peer sealed GK distribution.
🎫 Access capsules
NT-C1 invites: signed, TTL-locked, size-padded. One-time room tokens at the WS edge.
🕵️ Traffic shaping
Uniform 3–5 KB frames; encrypted chaff runs constantly; server sinks noise.
🛡️ Soft rate limits
Per-class quotas (chat / control / bulk). No rage-disconnects; just gentle back-pressure.
🧠 RAM-only
No persistence, no telemetry. Hardened headers & CSP by default.
🧨 Safety UX
Pending approvals, SAS verify, burn timer, deadman switch, one-tap wipe.
⚙️ How it works
- Host starts a room. Fresh keys; disposable room ID.
- Share an invite capsule. Signed NT-C1, TTL-bound, size-padded (no token inside).
- Guest pastes & confirms. Room + short SAS fingerprints for a quick human check.
- Hybrid handshake. X25519 + ML-KEM derive a shared secret; initiator signs the transcript.
- Host approves. Sends one-shot
ct; rekeys and distributes sealed GK to members. - Chat. AEAD with deterministic nonces; AAD over
{type,cid,seq,epoch}. - Membership changes = new keys. Debounced rekey; guests can
gk_reqto resync. - Traffic gets blended. Frames are padded; encrypted chaff runs; server sinks the noise.
- Clean exit. Burn timer, deadman, wipe. Nothing at rest.