An efficient and memory-safe Threema Safe server implementation written in Rust.
This is a private project, not developed nor endorsed by Threema GmbH.
The server spec can be found in the Cryptography Whitepaper.
Work in progress. The core functionality is implemented, but some additional things like throttling or expiration still need to be handled. Currently, the server needs to be manually compiled, but in the future binary builds will be provided.
- Request config
- Download backups
- Upload backups
- Delete backups
- Settings configurable by user
- User agent validation
- Automatic cleanup of expired backups
Sekurŝranko requires at least Rust 1.31.
To make a release build:
cargo build --release
You will find the binary at
Sekurŝranko is thoroughly covered by unit tests and integration tests.
To run the tests:
In case you want to enable logging:
RUST_LOG=sekursranko=trace cargo test
To run linting:
rustup component add clippy cargo clippy --all-targets --all-features
Simply execute the binary with the
./sekursranko --config config.toml
You can find an example configfile in this repository at
Configure logging using the
RUST_LOG env var:
RUST_LOG=sekursranko=debug ./sekursranko -c config.toml
Sekurŝranko is meant to be run behind a reverse proxy (e.g. Nginx) that does TLS termination. That's why it currently doesn't support TLS directly.
Note that you cannot backup to a server without TLS from the Threema app.
The name of this project is the Esperanto word for "safe". English-speaking people might recognize the "sekur-" prefix (-> secure), and German-speaking people might recognize the "-ŝranko" suffix (-> "Schrank", a cabinet).
Licensed under either of
- Apache License, Version 2.0 (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
- MIT license (LICENSE-MIT or http://opensource.org/licenses/MIT) at your option.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.