Skip to content

coderguy787/FreeTime

Repository files navigation

FreeTime — Secure Chat Application

FreeTime is an open-source Android chat application with real-time messaging, voice/video calls, group management, and end-to-end encrypted media sharing.

Note: This repository contains the Android client application and server-side backend (sanitized for open source). Production credentials and critical infrastructure secrets are omitted — replace the CHANGE_ME placeholders with your own values.

Features

  • Real-time chat with typing indicators, read receipts, message status
  • Voice & video calls (WebRTC peer-to-peer)
  • Group chat with channels, role-based permissions, and voting
  • Friend system with request/accept flow
  • End-to-end encrypted media sharing (images, video, files)
  • Push notifications (FCM + background polling)
  • Two-factor authentication (TOTP)
  • Admin panel integration

Download

⬇️ FreeTime APK

How It Works

FreeTime requires a backend server to function. The app communicates with a Node.js + Socket.IO backend over HTTPS/WSS:

┌──────────────┐     Socket.IO (polling+WS)    ┌──────────────┐
│   Android    │ ◄──────────────────────────►  │   Backend    │
│    App       │     HTTPS (REST API)           │  (Node.js)   │
└──────────────┘                                └──────┬───────┘
                                                       │
                                              ┌────────┴────────┐
                                              │  Database       │
                                              └─────────────────┘

Self-Hosting

  1. Set up the master server (master-server/) and peer server (peer/) on a Debian/Linux server
  2. Configure both by editing their config/.env files — replace all CHANGE_ME_* placeholders with secure random values
  3. Configure the Android app's server URL via gradle.properties:
    SERVER_HOST=your-domain.com
    SERVER_PORT=443
    PEER_HOST=your-domain.com
    PEER_PORT=9080
  4. Build the app with ./gradlew assembleRelease

See BUILDING.md for detailed build instructions and master-server/README.md for server setup.

App Architecture

Built with MVVM + Repository pattern using Jetpack Compose:

UI (Compose Screens) → ViewModels → Repositories → Data Sources
                                                       ├── Network (Retrofit + Socket.IO)
                                                       ├── Local DB (Room)
                                                       └── Local Storage (DataStore/SharedPrefs)

Tech Stack

  • UI: Jetpack Compose + Material 3 + Navigation Compose
  • Architecture: MVVM, Repository Pattern
  • DI: Dagger Hilt
  • Networking: Retrofit, OkHttp, Socket.IO
  • Calls: WebRTC
  • Local DB: Room (SQLite)
  • Push: Firebase Cloud Messaging
  • Async: Kotlin Coroutines & Flow
  • Encryption: AES-256-GCM via Google Tink

Security

FreeTime implements defense-in-depth security:

  • AES-256-GCM authenticated encryption for media
  • Per-chat unique encryption keys
  • Hardware-backed Android Keystore for local key storage
  • TOTP two-factor authentication
  • JWT token-based auth with auto-refresh
  • TLS 1.3 for all transport

Important: The actual encryption key management and server authentication implementation are intentionally omitted from this repository to prevent misuse. The encrypted media pipeline uses standard AES-256-GCM but the key exchange protocol and infrastructure authentication details are server-side and not disclosed.

See SECURITY.md for the security model overview.

Building

See BUILDING.md for build instructions.

Contributing

Contributions are welcome! Please:

  1. Fork the repository
  2. Create a feature branch
  3. Submit a pull request

License

This project is released under a permissive open-source license. The code is available for educational, research, and personal use. Security-critical components (key exchange, infrastructure auth) are intentionally omitted.

Disclaimer

This software is provided as-is for educational purposes. The encryption and security features described are conceptual. Actual production deployment requires proper server infrastructure, certificate management, and security audits.


Status: Active Development | Platform: Android 7.0+ (API 24)

About

FreeTime is a production-grade secure messaging platform with AES-256-GCM media encryption, TOTP two-factor authentication, and a scalable Node.js peer network. Self-hostable on Debian with Docker or PM2.

Resources

Security policy

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors