SecureE2E - Secret line for Secret chats with a VPS


NIKJOO/11780

🛡️ SecureE2E

Note

This project is dedicated to all those who lost their lives during the Iranian National Revolution; those whose names we will remember forever, those whose names will never be spoken, and especially the Unknown Martyr No. 11780.

📖 About

SecureE2E is a client-server chat application where the server acts as a neutral relay. It ensures that even if the server is compromised, your message content remains private.

This project implements a custom cryptographic protocol featuring:

  • Double Ratchet Algorithm: Provides Forward Secrecy and Future Secrecy. Every message uses a unique encryption key.
  • Asymmetric Handshake: Uses Ed25519 for identity signing and Curve25519 for key exchange.
  • Separation of Duties: The Server Password protects access to the network, while the E2E keys protect the content of your messages.

✨ Features

  • 🔒 True End-to-End Encryption: Messages are encrypted on your device and only decrypted on the recipient's device. The server cannot read them.
  • 🔄 Perfect Forward Secrecy: Compromising a long-term key does not decrypt past messages.
  • 🆔 Identity Verification: Each user generates a unique fingerprint. Verify this out-of-band to ensure you aren't being Man-in-the-Middled (MitM).
  • 🛡️ Secure Transport: The connection to the server is secured using AES-256-GCM, with the key derived via Scrypt.
  • 🚫 No Self-Messaging: Logic prevents routing loops and errors by blocking messages sent to oneself.
  • 📜 Message Queuing: If you start typing before the cryptographic handshake is finished, messages are safely queued and sent automatically once the channel is secure.

🔐 Security Architecture

The security model operates in two distinct layers:

  1. Transport Layer (Client ↔ Server):
    • Purpose: Prevents unauthorized users from connecting to the chat server.
    • Mechanism: Scrypt Key Derivation + AES-256-GCM.
    • Key: Derived from the Server Password.
  2. Application Layer (Client ↔ Client):
    • Purpose: Ensures only the intended recipient can read the message content.
    • Mechanism: Double Ratchet (X3DH inspired).
  3. Keys:
    • Identity Key: Ed25519.
    • Ephemeral Key: Curve25519.
    • The Ratchet: Both sides maintain a chain key. Sending a message advances the sending chain and derives a unique message key.
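
The chain-key step described under Keys, as an added example that is not SecureE2E's own code. It assumes the HMAC-SHA256 chain KDF with constants 0x01/0x02 recommended in Signal's Double Ratchet specification, AES-256-GCM for message encryption, and in-order delivery; `Chain`, `kdf`, `step` and the seed value are hypothetical names and constructed inputs.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
)

// Chain is one direction of a symmetric ratchet (hypothetical type, not the project's).
type Chain struct{ ck []byte }

var nonce = make([]byte, 12) // constant is safe: each key seals exactly one message

func kdf(key []byte, label byte) []byte {
	h := hmac.New(sha256.New, key)
	h.Write([]byte{label})
	return h.Sum(nil)
}

// step derives a single-use AES-256-GCM key (0x01) and the next chain key (0x02).
func step(ck []byte) (cipher.AEAD, []byte) {
	block, _ := aes.NewCipher(kdf(ck, 0x01)) // 32-byte key, cannot fail
	gcm, _ := cipher.NewGCM(block)
	return gcm, kdf(ck, 0x02)
}

// Seal advances the sending chain; the old chain key is no longer kept in state.
func (c *Chain) Seal(pt []byte) []byte {
	gcm, next := step(c.ck)
	c.ck = next
	return gcm.Seal(nil, nonce, pt, nil)
}

// Open commits the receiving chain only if the tag verifies, so a forged message cannot desynchronise the peers.
func (c *Chain) Open(ct []byte) ([]byte, error) {
	gcm, next := step(c.ck)
	pt, err := gcm.Open(nil, nonce, ct, nil)
	if err == nil {
		c.ck = next
	}
	return pt, err
}

func main() {
	a, b := &Chain{[]byte("constructed secret")}, &Chain{[]byte("constructed secret")}
	pt, err := b.Open(a.Seal([]byte("hello")))
	fmt.Println(string(pt), err)
}
```

Because the chain key is replaced on every step, a replayed ciphertext fails authentication on the receiver, and state captured after message N cannot re-derive the keys for messages before N.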

📦 Installation

Optimized for Windows (both client and server); you need to modify it for Linux environments.

Prerequisites

  • Go 1.21+ installed.
  • Terminal access.

  1. Clone the Repository
    git clone https://github.com/yourusername/SecureE2E-Go.git
    cd SecureE2E-Go
  2. Install Dependencies
    go get golang.org/x/crypto/curve25519
    go get golang.org/x/crypto/ed25519
    go get golang.org/x/crypto/hkdf
    go get golang.org/x/crypto/scrypt
    go get golang.org/x/crypto/ssh/terminal
    go get golang.org/x/crypto/argon2
  3. Build
    # Build Server
    go build -o server server.go

    # Build Client
    go build -o client client.go

🚀 Usage

Download video (can't preview on web): (Link).


📄 License

Distributed under the MIT License.