🔐 NoFuture-Memguard-PQ

Ephemeral Post-Quantum Text Encryption Plugin for Mainstream Chats

Version 0.5.0 | Built with love and defiance | Privacy is a human right, not a feature

🛡️ Core Security Philosophy: NoFuture-Memguard-PQ is a detached external encryption plugin designed to work alongside mainstream chat applications (WhatsApp Web, Telegram, Signal, etc.) without ever being part of them. This architectural isolation is the foundation of its security.

📌 What is NoFuture-Memguard-PQ?

NoFuture-Memguard-PQ is a browser-based encryption tool that acts as an external cryptographic plugin for any instant messaging platform. You use it in one browser tab while your mainstream chat runs in another tab. Messages are encrypted locally in your browser, and only the ciphertext is transmitted through the untrusted mainstream channel.

Key Concept: Your plaintext and cryptographic keys never enter the mainstream chat application. The chat platform only sees encrypted data it cannot decrypt.

🎯 Why "Detached" Architecture is Critical for Security

The Problem with Integrated Plugins

If NoFuture-Memguard-PQ were an official plugin integrated into WhatsApp, Telegram, or any mainstream platform, it would not be trustworthy because:

The Solution: Complete Isolation

NoFuture-Memguard-PQ is completely separate from mainstream chat platforms:

Component Where It Lives Who Controls It
Your private keys NoFuture tab (protected RAM) You (not the chat platform)
Plaintext messages NoFuture tab (protected RAM) You (not the chat platform)
Encryption/Decryption NoFuture tab (client-side) You (not the chat platform)
Ciphertext only Mainstream chat tab Chat platform (but it's useless to them)
🔒 Security Guarantee: Because NoFuture-Memguard-PQ is detached, mainstream chat platforms have zero access to your keys or plaintext. Even if WhatsApp, Telegram, or Signal were completely compromised, your encrypted conversations remain secure. The ciphertext stored in their servers is mathematically impossible to decrypt without your session keys—which are destroyed after the session ends.

🧠 Multi-Layer Security Architecture

The security of NoFuture-Memguard-PQ is based on defense in depth, with multiple independent protection layers working simultaneously:

1. Memguard: The FoundationMOST CRITICAL

Memguard is a Go library for handling sensitive data in memory. It is the primary security mechanism protecting both your cryptographic keys and plaintext messages.

What Memguard Protects:

How Memguard Works:

Attack Vector Memguard Protection
Memory dumps (even by root) Data stored in encrypted memory pages outside the Go heap
Swap file analysis mlock() system call prevents swapping to disk
Debugger attachment (gdb, lldb) Memory is encrypted in RAM; debugger sees only ciphertext
Core dumps on crash Automatic purge on crash via memguard.CatchInterrupt()
Garbage collector inspection Sensitive buffers are off-heap, invisible to GC
Cold boot attacks Memory wiped on process exit; no residual data
🔥 Critical Security Feature: Not even the server administrator with root access can dump your keys or plaintext from RAM. Memguard's kernel-level memory protection makes sensitive data forensically unrecoverable even with physical access to the server's RAM.

2. Post-Quantum CryptographyHIGH PRIORITY

While memguard protects data in memory, post-quantum cryptography protects data in transit and at rest against future quantum computer attacks.

Current Implementation (v0.5.0):

⚠️ Roadmap: Future versions will integrate true post-quantum algorithms:
  • Kyber1024-90s for key encapsulation (KEM)
  • Dilithium5-AES for digital signatures (authentication)
These are NIST-standardized post-quantum cryptography algorithms designed to resist attacks from quantum computers.

3. Additional Security Layers

Layer Purpose Protection Against
Detached Architecture Isolation from mainstream platforms Backdoors, ChatControl, platform compromise
Authenticated Encryption (AEAD) XChaCha20-Poly1305 Tampering, bit-flipping, MITM attacks
Session Isolation Unique keys per session Cross-session attacks, replay attacks
Rate Limiting 60 requests/minute per IP Brute force, DoS attacks
Request Size Limits Max 1MB per request Memory exhaustion, DoS
Session Timeout 24 hours max lifetime Abandoned sessions, stale keys
Total Key Destruction Secure wipe on session end Forensic recovery, future access

🔑 How It Works: 5-Phase Workflow

Usage Scenario: Alice wants to send a secure message to Bob using WhatsApp Web (or any chat platform).

Phase 1: Session Creation

Alice opens NoFuture-Memguard-PQ in a browser tab and clicks "Start New Session".

// What happens under the hood:
1. Generate Curve25519 key pair (32-byte private + public keys)
2. Generate random 24-byte nonce
3. Create Session ID = SHA256(publicKey + nonce)
4. Store all keys in memguard.LockedBuffer (encrypted RAM)
5. Return Session ID to Alice

Phase 2: Session ID Exchange

Alice copies her Session ID and sends it to Bob via WhatsApp Web.

Note: The Session ID is not sensitive. It's a cryptographic descriptor containing only public information. It can be transmitted over any channel, even unencrypted.

Phase 3: Pairing (Key Agreement)

Bob also starts a session and gets his own Session ID. Both Alice and Bob paste each other's Session IDs into NoFuture-Memguard-PQ and click "Pair Sessions".

// What happens under the hood:
1. Alice's browser fetches Bob's public key via Session ID
2. Compute shared secret using NaCl box precomputation:
   sharedSecret = box.Precompute(myPrivateKey, theirPublicKey)
3. Store sharedSecret in memguard.LockedBuffer
4. Sessions are now synchronized

No manual key exchange needed. The shared secret is derived automatically using Diffie-Hellman key exchange (Curve25519).

Phase 4: Encrypted Communication

Alice encrypts a message:

  1. Alice types plaintext in NoFuture-Memguard-PQ: "Meet me at 3pm"
  2. Plaintext is stored in memguard.LockedBuffer (protected RAM)
  3. Encrypted using XChaCha20-Poly1305 with the shared secret
  4. Alice copies the ciphertext and pastes it into WhatsApp Web
  5. Plaintext buffer is immediately destroyed after encryption

Bob decrypts the message:

  1. Bob receives the ciphertext via WhatsApp Web
  2. Bob copies the ciphertext and pastes it into NoFuture-Memguard-PQ
  3. Decrypted using the shared secret (authenticated encryption verifies integrity)
  4. Plaintext is displayed in a memguard.LockedBuffer
  5. After reading, Bob can destroy the plaintext manually
🔒 What WhatsApp sees: Only meaningless hexadecimal strings. Even if WhatsApp's servers are compromised, the ciphertext is mathematically useless without the session keys—which exist only in Alice and Bob's browsers, protected by memguard, and destroyed after the session ends.

Phase 5: Session Termination (Total Destruction)

When Alice or Bob clicks "End Session":

// What happens under the hood:
1. session.PrivateKey.Destroy()     // Secure wipe
2. session.PublicKey.Destroy()      // Secure wipe
3. session.SharedSecret.Destroy()   // Secure wipe
4. session.Nonce.Destroy()          // Secure wipe
5. Delete session from server memory
6. memguard.Purge() on process exit
🔥 No Future Access: Once the session ends, the cryptographic keys are irreversibly destroyed. Even if an attacker obtains the ciphertext from WhatsApp's servers years later, it is permanently unreadable. This is the meaning of "ephemeral" encryption.

One conversation. One key. One chance to read. No future access.

🛡️ Defense Against Local Attacks

🖱️ Virtual Keyboard (Anti-Keylogger)

NoFuture-Memguard-PQ includes an optional on-screen virtual keyboard with a randomized layout to protect against local keyloggers and spyware.

Threat Virtual Keyboard Protection
Hardware keyloggers No physical keyboard events generated
Software keyloggers (reading /dev/input) Mouse clicks only; no keystroke events
Screen recording malware Randomized layout changes each session (partial mitigation)

🚀 Installation & Usage

Prerequisites

- Go 1.21 or later
- Linux/macOS/Windows (memguard works on all platforms)

Installation

git clone https://github.com/yourusername/nofuture-memguard-pq.git
cd nofuture-memguard-pq
go mod download
go build -o nofuture main.go

Running the Server

./nofuture

Server starts on http://localhost:8080

⚠️ Production Deployment:
  • Use a reverse proxy (nginx, Caddy) with HTTPS/TLS certificates
  • Configure CORS to allow only your domain
  • Run behind a firewall with rate limiting
  • Never expose the Go server directly to the internet without TLS

Usage Example

  1. Open http://localhost:8080 in one browser tab
  2. Open WhatsApp Web (or Telegram, Signal, etc.) in another tab
  3. Click "Start New Session" in NoFuture-Memguard-PQ
  4. Share your Session ID with your contact via the chat app
  5. Receive their Session ID and click "Pair Sessions"
  6. Type your message, click "Encrypt", copy the ciphertext
  7. Paste the ciphertext into the mainstream chat and send
  8. Receive ciphertext from your contact, paste into NoFuture-Memguard-PQ, click "Decrypt"
  9. When done, click "End Session" to destroy all keys

📊 Security Comparison

Feature WhatsApp E2EE Signal NoFuture-Memguard-PQ
Keys stored by provider Backup keys (optional) No ❌ Never (detached)
Memory protection Standard heap Standard heap ✅ Memguard (encrypted RAM)
Resistant to root access No No ✅ Yes (mlock + encrypted buffers)
ChatControl/backdoor risk Possible (integrated) Possible (integrated) ❌ Impossible (detached)
Post-quantum ready No (ECDH) No (X25519) 🔄 Roadmap (Kyber/Dilithium)
Forward secrecy Yes (Double Ratchet) Yes (Double Ratchet) ⚠️ Per-session only (v0.5)
Metadata protection No Partial (sealed sender) ✅ Yes (mainstream sees only ciphertext)

⚠️ Current Limitations (v0.5.0)

🗺️ Roadmap

📜 License

MIT License - Free and open source

🤝 Contributing

This project is built with love and defiance. Contributions are welcome. Please:

💬 Support

For questions, feature requests, or security reports, open an issue on GitHub.

Privacy is not a feature—it's a human right.

Built with love and defiance against mass surveillance.