Secure Permissioned Exchange.
SPEX is a security-first messaging and transport protocol with end-to-end encryption based on MLS. It is network-agnostic and can operate over HTTP, P2P, or hybrid delivery paths.
Institutional metadata:
- Created in 2026.
- Authored by Richard Ikeda.
- Built with extensive AI and testing tooling plus technical engineering work.
- Initially developed for personal use, and published as open source for adoption and public code verification.
- A protocol, not just an app.
- Explicit permissioned communication.
- Deterministic wire behavior (CBOR canonical/CTAP2).
- Untrusted transport model (bridge/DHT/P2P are treated as untrusted).
Protocol north:
Secure. Permissioned. Explicit.
- spex-core: core types, canonical CBOR, hashing, signatures, PoW, shared validation.
- spex-mls: MLS integration and epoch/recovery safety paths.
- spex-transport: P2P transport, chunking/manifests, fallback paths, ingestion validation.
- spex-bridge: HTTP relay with explicit validation and abuse controls.
- spex-client: high-level SDK for identity/state/thread/message flows.
- spex-cli: reference CLI for operational and integration flows.
This repository includes the standard open source governance and release controls expected for a security-sensitive protocol project:
- Code of conduct: CODE_OF_CONDUCT.md
- Contribution rules: CONTRIBUTING.md
- Security policy/disclosure: SECURITY.md
- Test strategy: TESTS.md
- Mandatory release checklist: docs/release-v1-checklist.md
- Release operations runbook: docs/runbook-release-operations.md
- Branch protection policy (declarative): .github/branch-protection/main.json
- CI and release gates: .github/workflows/ci-umbrella.yml (orchestrates all checks)
SPEX is published as open source under a single project license: Mozilla Public License 2.0. This repository does not currently use dual licensing or AGPL terms.
- Documentation entry point (recommended first read): docs/index.md
- Architecture overview: docs/overview.md
- Integration guide: docs/integration.md
- CLI guide: docs/cli.md
- Bridge API: docs/bridge-api.md
- Bridge TLS deployment guide: docs/bridge-tls-deployment.md
- Protocol security guide: docs/security.md
- Documentation hosting strategy: docs/documentation-hosting-strategy.md
- Wire format reference: docs/wire-format.md
- Transport observability: docs/observability.md
- Operations: abuse/revocation/recovery: docs/operations-revocation-recovery-abuse.md
- PT-BR user guide (single document): docs/pt-BR-guide.md
- Historical release records (public archive): docs/archive/README.md
Build:
cargo build --workspace
Test:
cargo test --workspace
Reference release gates:
cargo test --workspace --locked --verbose
cargo test --workspace --locked --all-features --verbose
cargo fmt --all -- --check
cargo clippy --workspace --locked -- -D warnings
./scripts/release_gate_docs.sh
./scripts/release_gate_negative_test.sh
- Use TLS for all HTTP integrations.
- Validate grants and PoW at all trust boundaries.
- Treat key changes as critical events.
- Protect local state at rest.
- Never trust transport as a security boundary.
- General usage, integration, and contribution questions: open a GitHub issue with reproducible context.
- Security reports: do not use public issues; follow SECURITY.md.
- Project changes and security fixes are published through repository history and release notes in CHANGELOG.md.
- Crate versions in each Cargo.toml are authoritative for published Rust packages.
- VERSION.md tracks SPEX protocol/repository release metadata.
- CHANGELOG.md is the human-readable history of release changes.
- Version bumps are validated on every PR by the Version Guard workflow.
- To trigger a manual version bump and changelog update, use the Auto Version Bump workflow via workflow_dispatch.
SPEX is licensed under Mozilla Public License 2.0. See LICENSE.MD.
Secure. Permissioned. Explicit.