End-to-end encrypted chat for Android — free, anonymous, serverless. Messages are encrypted BEFORE they are sent. No one can read them. No central server. No phone number. No email. No Google. Just a key and Tor. ⚡ At a Glance 🔐 Crypto - 1 Ed25519 seed → everything: identity, .onion, X25519, ML-KEM, fingerprint - PQXDH: X25519 + ML-KEM-1024 (post-quantum hybrid) - ML-DSA-44: PQ signature on handshake - SPQR: periodic PQ re-encapsulation (every 10 msgs) - AES-256-GCM / ChaCha20-Poly1305 (auto) + Double Ratchet with PFS + healing - Fingerprint emojis: 96-bit anti-MITM + QR code scanner - BIP-39 backup (24 words) → restores entire identity - One-shot photos: view once, 2-phase secure deletion - Seed in Android Keystore (StrongBox when available) - Encrypted local DB: SQLCipher - Message padding: fixed-size (256/1K/4K/16K) - Dummy traffic: per-conversation cover traffic - E2E file sharing: AES-256-GCM (P2P transfer via Tor) - Ed25519 signatures per-message anti-forgery - Zero Google, zero Firebase — full P2P via Tor Hidden Services 🎨 UI/UX - Material Design 3 — full migration of all 5 themes - 5 themes: Midnight · Hacker · Phantom · Aurora · Daylight - Fluid animations — transitions, bubbles, cascade - Inline attachment icons — Session-style, slide-up animation - Tor bootstrap screen — Tor/Normal choice, animated progress, 5 themes - Scrollable toolbar + auto-hide FAB - Dynamic bubbles colored by theme - App Lock PIN + biometrics - Disappearing messages: 30s → 1 month - One-shot photos: view once 🔥 ✨ Features 🔒 Security & Crypto Feature Details 🌱 1 Seed → Everything Ed25519 seed → identity, .onion, X25519, ML-KEM, fingerprint 🔐 E2E Encryption PQXDH: X25519 + ML-KEM-1024 + AES-256-GCM / ChaCha20-Poly1305 + SPQR 🤝 ML-DSA-44 Handshake Post-quantum signature on session establishment 🔄 Perfect Forward Secrecy Double Ratchet (DH + KDF chains) 🔏 Fingerprint emojis + QR 96-bit, 16 emojis + QR code SHA-256, built-in scanner 🧅 Tor P2P .onion to .onion — zero relay, zero middleman 📬 Fialka Mailbox Distinct server mode (requires 2 phones) — 4 modes (Personal, Private, Public) — E2E store/transit/purge — ZERO decryption 🛡️ DeviceSecurityManager StrongBox detection, MAXIMUM/STANDARD level 🕵️ Sealed Sender Tor Hidden Services — recipient cannot see sender IP 🔑 Keystore-backed Ed25519 seed in Android Keystore (StrongBox when available) 🗄️ SQLCipher Room DB encrypted with AES-256 🧹 Memory zeroing Intermediate keys filled with zeros 📏 Message padding Fixed-size (256/1K/4K/16K) anti-traffic analysis 👻 Dummy traffic Periodic cover messages (configurable toggle) 📎 E2E file sharing Per-file AES-256-GCM, P2P transfer via Tor ✍️ Ed25519 Signatures Every message signed, ✅/⚠️ badge anti-forgery 📸 One-shot photos View once (sender + receiver), 2-phase secure deletion 🚫 Zero Google No Firebase, no FCM, no Google services 💬 Messaging Feature Details 📷 QR Code Scan → auto-fill public key & nickname (deep link v2) 📨 Contact requests Invite → notification → accept/reject 🔴 Unread messages Badge counter + separator in chat 🔄 Real-time Receive messages even in background (Tor P2P) 🔔 Push notifications UnifiedPush + ntfy.sh, zero message content ⏱️ Disappearing msgs 10 durations (30s → 1 mo) 📁 E2E file sharing AES-256-GCM encrypted, P2P via Tor 👻 Dummy traffic Indistinguishable cover messages to mask activity 📬 Fialka Mailbox Distinct server mode (requires 2 phones) — 4 modes — E2E store/transit/purge — ZERO decryption �💀 Dead convo detection Auto-detect + clean up + re-invite 🔒 Protection Feature Details 🔒 App Lock 6-digit PIN + opt-in biometrics ⏰ Auto-lock Configurable timeout (5s → 5min) 🔑 BIP-39 Backup 24 words to backup identity key ♻️ Restore Autocomplete 24-word grid + recover on new device 🗑️ Full deletion Wipes local data + Mailbox + signing keys 📵 Anonymous Zero number, zero email, zero Google, zero tracking