v0.2.3-pre - WebRTC peer-to-peer transport

Aurora 0.2.3-pre adds a peer-to-peer WebRTC message transport so conversations can connect across carrier NAT.

What's new

• Messages connect over a WebRTC data channel (ICE + self-hosted STUN, no TURN). The rendezvous only helps the two devices find each other, then falls off the data path.
• IPv6 first, IPv4 as fallback, with direct TCP as a same-network fast path.
• The chat header shows the live connection state (Connecting, Connected peer-to-peer, or an honest could-not-connect message).
• Self-hosted STUN runs on the existing rendezvous server (STUN only, no relay).

Known limits

• Two peers both on symmetric carrier NAT with no IPv6 still cannot connect directly; a peer-relay (ShadowMesh) for that case is future work.
• Live two-device connection is best verified on physical phones on different networks.

Pre-alpha, experimental software. Do not trust it with anything critical yet. Sideload only (Android).

Aurora Messenger v0.2.2-pre

Onboarding now ends on a permission gate that explains each permission and blocks entry until the two delivery-critical ones are granted - Notifications and Run in the background (battery/Doze exemption). These are the permissions whose absence made a fresh install silently fail to receive a pairing handshake.

• Microphone (voice messages/calls) and Camera (QR scanning, video calls) are optional and requested on first use.
• Sharing photos/videos uses Android's system picker, so there is no gallery permission to grant.
• Also adds a rendezvous /health liveness endpoint powering the new status page.

Full notes in CHANGELOG.md.

Pre-alpha - Android 10+ - sideload. Please don't rely on it for sensitive communication yet.

Aurora Messenger v0.2.1-pre

Pairing-reliability patch.

Fixed

• A host sitting on the "Show my code" QR screen now sees an incoming pair request the moment it arrives (previously it landed on the home list behind the QR screen and the foreground notification was suppressed, so pairing looked broken). The handshake itself was fine, incl. one side backgrounding mid-pairing (it resumes via the rendezvous wake).
• In-app version footer was hardcoded to 0.1.0; now shows the real build version.

Full notes in CHANGELOG.md. Android 10+, sideload. Pre-alpha and experimental.

Aurora Messenger v0.2.0-pre

Second pre-alpha.

Added - In-app video playback: first-frame thumbnails plus a fullscreen player (play/pause, scrubbable seek bar, elapsed/total time). Video is decrypted and played from memory and stays inside the FLAG_SECURE window.

Fixed - Calls no longer drop when you leave the app. While a call is live the foreground service holds the microphone (and camera, for video) service type, so backgrounding (Back / screen off) no longer lets the OS cut mic/camera or battery saver drop the call.

Changed - Large behaviour-preserving architecture cleanup (role-based class names, god-class/screen splits, EncryptedMediaStore, Kotlin-convention pass) and a new crypto + app test suite.

Full notes in CHANGELOG.md. Android 10+, sideload. Pre-alpha and experimental.

Aurora 0.1.0-pre (pre-alpha)

First public pre-alpha of Aurora Messenger: a post-quantum, end-to-end encrypted Android messenger. A privacy-first app that requires no phone number, no account, and no server that can read your messages.

What's inside

Hybrid post-quantum encryption (Kyber-1024 + X25519, Dilithium-3 + Ed25519, XChaCha20-Poly1305)
Forward-secret pairing (PQXDH) and a per-message ratchet
QR pairing with mutual code verification
Text and media messaging, plus voice and video calls
App lock with a decoy PIN, duress wipe, and encrypted backups
Install
Download aurora-messenger-prealpha.apk below, open it, allow installing from this source, then pair by scanning a friend's code.

Note
This is an early, experimental build. It has not had an independent security audit. Do not rely on it for high-risk communication yet.