diff options
| author | Gab Virebent <gabriel1@virebent.art> | 2026-06-20 01:07:45 +0000 |
|---|---|---|
| committer | Gab Virebent <gabriel1@virebent.art> | 2026-06-20 01:07:45 +0000 |
| commit | aa459e3b84cc4c5d908f3781c9253848c18640c3 (patch) | |
| tree | 8454b956cc0fa027034c8291f39d58ece469e10c /README.md | |
| download | nymdrop-aa459e3b84cc4c5d908f3781c9253848c18640c3.tar.gz nymdrop-aa459e3b84cc4c5d908f3781c9253848c18640c3.tar.xz nymdrop-aa459e3b84cc4c5d908f3781c9253848c18640c3.zip | |
Initial public release: Nym-native anonymous submission system
End-to-end verified pipeline (browser -> HTTP relay -> Nym mixnet -> reader).
Client-side X25519+HKDF+AES-GCM-256, no-log blind relay, AGPL-3.0.
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/README.md b/README.md new file mode 100644 index 0000000..cc517ae --- /dev/null +++ b/README.md @@ -0,0 +1,65 @@ +# NymDrop + +A modern, Nym-native anonymous submission system — a SecureDrop alternative that +uses the [Nym mixnet](https://nymtech.net/) as its transport instead of Tor. + +The source uses an ordinary browser. There is nothing to install, no onion +service to reach, and no client-side configuration. Anonymity protection lives in +the design, not in an obligation on the source to install anything. + +## Design + +- **Transport:** Nym mixnet only — no Tor. Cover traffic, padding and mixnet + unlinkability protect the server side. +- **Client-side encryption:** submissions are encrypted in the browser with + X25519 + HKDF-SHA-256 + AES-GCM-256 (WebCrypto). The server never sees + plaintext. +- **No-log server:** no IP, no timestamps, no metadata persisted. A blind relay + forwards ciphertext through the mixnet and keeps nothing on disk. +- **No third parties:** no CDN, no Cloudflare, no NIST curves, no tracking + JavaScript. + +See [`ARCHITECTURE.md`](ARCHITECTURE.md) for the full threat model and component +breakdown. + +## Components + +| Binary | Role | +|---|---| +| `nymdrop` | Public-facing HTTP server + blind relay. Embeds a `nym-client`, accepts encrypted submissions on `POST /submit`, forwards them through the mixnet to the reader's Nym address. | +| `nymdrop-reader` | Operator-side inbox. Runs a `nym-client`, receives messages from the mixnet, decrypts them with the operator's X25519 private key, and writes submissions to disk. | +| `nymdrop-source` | Optional SOCKS5-based source helper. | + +## Build + +The `nym-client` binary is required at build time (embedded via `go:embed`) but +is **not** committed to keep the repository small. Fetch it first: + +```sh +./scripts/fetch-nym-binaries.sh # downloads nym-client v1.1.76 (linux/amd64) + +go build ./cmd/nymdrop/ +go build ./cmd/nymdrop-reader/ +``` + +## Run + +```sh +# 1. Start the reader (prints its Nym inbox address and the public key to deploy) +./nymdrop-reader --id nymdrop-inbox --ws-port 1977 + +# 2. Start the server, pointing it at the reader's Nym address +./nymdrop --journalist "<NYM_ADDRESS_FROM_READER>" --static ./static --listen 127.0.0.1:8080 +``` + +Deploy the reader's public key into `static/crypto.js` so the browser encrypts to +the right key. Put the server behind TLS in production. + +## Status + +End-to-end verified: browser/client → HTTP server → Nym mixnet → reader → +decrypted submission on disk. + +## License + +[AGPL-3.0](LICENSE). |
