# Features ## Core Features | Feature | Description | | ---------------------------- | ------------------------------------------------------------ | | **Signal Protocol** | X3DH + Double Ratchet for all messages | | **Decentralized Network** | No central server — data distributed across validator nodes | | **3-Hop Onion Routing** | RSA-4096 per-hop routing for traffic analysis resistance | | **Zero-Knowledge Proofs** | Anonymous authentication via Groth16 RLN | | **Post-Quantum Crypto** | Hybrid Kyber-768 + X25519 for quantum-resistant key exchange | | **No Phone Number Required** | Sign in with Web3 wallet — MetaMask, WalletConnect, etc. | | **Progressive Web App** | Install on any device, works offline | | **GDPR/HIPAA/SOC3** | Enterprise compliance frameworks | *** ## Messaging All messages are encrypted end-to-end with Signal Protocol before leaving your device. * **Text messages** with editing (48-hour window with full history) * **Voice messages** with waveform visualization * **Message reactions** with any emoji * **Reply & quote** functionality * **Message forwarding** to multiple contacts * **Message deletion** (for yourself or everyone) * **Disappearing messages** — auto-delete timers from 5 seconds to 1 week * **Pinned messages** with navigation banner * **Starred messages** — encrypted mesh storage for favorites * **Read receipts & delivery status** (optional, encrypted) * **Typing indicators** (optional, encrypted) * **Link previews** — sender-generated, privacy-preserving * **Contact sharing** — vCard format with one-tap actions * **Chat export** — export full chat histories * **Message search** across all conversations *** ## Voice & Video Calls All signaling is encrypted with the Double Ratchet. Media streams are peer-to-peer via WebRTC. * **1-on-1 calls** — voice and video, direct peer-to-peer * **Group calls** — up to 6 participants with full mesh P2P topology * **Screen sharing** in both 1-on-1 and group calls * **Echo cancellation, noise suppression, automatic gain control** * **Picture-in-picture mode** * **Call history** — encrypted on mesh, not on server *** ## Groups & Channels ### Groups * Encrypted group chats with role-based access (Owner, Admin, Member) * Public and private groups with invite links * Group membership hidden from relays * Automatic key rotation on member removal * **Sealed Group Fanout** — privacy-preserving delivery where relays never enumerate members ### Channels * Broadcast channels for one-to-many communication * Public or private with subscriber management * Role & permission management *** ## Media & Files * **Images** — JPEG, PNG, WebP with auto-compression * **Videos** — MP4 with thumbnails * **Audio** — MP3, WAV, OGG * **Documents** — any file type * **GIFs** — privacy-preserving mesh delivery (sender fetches and encrypts) * **Stickers** — encrypted pack management * **Built-in image editor** — canvas editor for photos before sending * Large files chunked via **Reed-Solomon erasure coding** across mesh nodes *** ## Stories * Encrypted 24-hour ephemeral content * Per-viewer access control (ECDH per-viewer encryption) * Viewer tracking * Auto-cleanup after expiration *** ## Polls & Location * **Polls** — encrypted in groups and channels, server cannot see questions or votes * **Location sharing** — static and live with auto-expiration * **Maps** — OpenStreetMap integration (privacy-first, no Google) *** ## Privacy & Metadata Protection Zentalk goes beyond message encryption to protect your communication patterns: | Protection | Implementation | | ----------------------- | ------------------------------------------- | | Address Hashing | SHA-256 hashed addresses | | Conversation ID Privacy | Hashed sorted address pairs | | Encrypted Routing | Sender/recipient inside E2EE payload | | Encrypted Presence | Online/offline status encrypted | | Stealth Addresses | Ephemeral ECDH keypair per message | | Cover Traffic | Dummy requests during idle periods | | Message Padding | Uniform sizes (512, 1024, 4096, 8192 bytes) | | Fuzzy Presence | Delayed/batched status updates | *** ## Identity & Authentication ### Wallet-Based (Primary) * MetaMask, WalletConnect, or any Web3 wallet * No password required — authentication via wallet signature * Multi-chain: Ethereum, Arbitrum, Base, Sepolia ### Phone-Based (Alternative) * Phone number + SMS verification code * Keys derived deterministically (PBKDF2-SHA512, 600K iterations) * Phone deleted after verification, only hash stored in mesh DHT ### Usernames * Unique usernames stored in mesh DHT * Ed25519 signed entries prevent DHT poisoning * Privacy-preserving lookups (username hashed as DHT key) *** ## Security Features * **Multi-factor authentication** — TOTP + WebAuthn (hardware keys) * **Active sessions management** — view and revoke sessions across devices * **Safety number verification** — verify contact identity * **Encrypted blocked/muted lists** * **Multi-language support** (i18n) * **Customizable keyboard shortcuts** * **Dark/light themes** with custom wallpapers * **Network topology visualization** *** ## Node Infrastructure ### Running a Validator Node | Requirement | Detail | | ----------- | ------------------------------------- | | Stake | 5,000 CHAIN tokens | | Hardware | 4 cores, 8 GB RAM, 500 GB SSD | | Network | Public IP address required | | Software | Single binary (`./bin/relay`) | | Setup | Minutes with Docker or install script | ### Node Performance Benchmarked on Apple M3 Pro: | Operation | Speed | Throughput | | --------------------------- | --------- | ----------------- | | AES-256-GCM Encrypt | 1.7 us/op | 590K ops/s | | RSA-4096 Encrypt | 206 us/op | 4.8K ops/s | | 3-Hop Relay Encrypt | 603 us/op | 1.6K ops/s | | Message Relay | — | 1,000+ msg/s/node | | Storage Write | — | 100+ MB/s | | 3-Hop Routing Latency (p95) | <100ms | — | | Concurrent Connections | — | 10,000+ per node | ### Monitoring * 40+ Prometheus metrics * Grafana dashboards for real-time monitoring * OpenTelemetry distributed tracing * Health endpoints (DHT, storage, peers, memory) * SIEM integration (Splunk, ELK, QRadar) *** ## Technical Stack ### Frontend | Technology | Purpose | | -------------------- | -------------------- | | Next.js 16 | Framework | | React 19 | UI Library | | TypeScript 5 | Language | | Zustand | State Management | | TanStack React Query | Async Data | | Tailwind CSS 4 | Styling | | Radix UI | Component Primitives | | Zod 4 | Schema Validation | ### Backend (Go 1.24) | Technology | Purpose | | ----------------- | ------------------------ | | libp2p | P2P, DHT, GossipSub, NAT | | PostgreSQL 16 | Metadata & Profiles | | Redis | Caching & Sessions | | Gorilla WebSocket | Real-time Communication | | Reed-Solomon | Erasure Coding | | cloudflare/circl | PQC (Kyber, Dilithium) | | consensys/gnark | Zero-Knowledge Proofs | | Prometheus | Monitoring | ### Cryptography (Client) | Library | Purpose | | -------------- | --------------------------- | | Web Crypto API | Hardware-accelerated crypto | | @noble/curves | Ed25519/X25519 | | @noble/hashes | SHA-256, HMAC, HKDF | | mlkem | Kyber-768 (ML-KEM FIPS 203) | | viem | Ethereum wallet interaction |