End-to-end encryption primitives for the Cipher messenger family — X3DH key agreement, Double Ratchet sessions, identity / signed / one-time prekey bundles. TypeScript + libsodium.
🚧 Scaffolding — the npm name cipher-e2ee is reserved at version 0.0.1 (placeholder). The real implementation arrives at 0.1.0 once the crypto code is extracted from Cipher desktop.
The complete client-side cryptographic stack used by every Cipher client (desktop, mobile, future web extension):
- X3DH (Extended Triple Diffie-Hellman) — initial key agreement between two users who have never interacted
- Double Ratchet — per-message forward secrecy and post-compromise security
- Identity / signed / one-time prekey bundles — Signal-style keypair structures
- Session state serialization — persistent ratchet state across app restarts
- Audited libsodium primitives — no in-house cryptography
Cipher desktop and Cipher mobile both consume the same protocol, by design. Maintaining two independent implementations would invite subtle drift and double the review burden for every crypto fix. A shared package locks the API and lets one audit cover both clients.
- Oykdo/cipher — Desktop messenger (Electron / React) — alpha shipping
- Oykdo/cipher-mobile — Mobile messenger (React Native / Expo)
npm install cipher-e2ee(once 0.1.0 lands; the current 0.0.1 is intentionally empty)