# Roadmap — pvtcoms

## Overview

pvtcoms is a private, serverless, peer-to-peer, **anonymous, post-quantum** encrypted messenger
(Android + Desktop first; iOS later). It proves that two people can exchange 1:1 messages that are
anonymous, serverless, and post-quantum encrypted — and that it actually works over a hostile network.
Full plan: [`BUILD_PLAN.md`](./BUILD_PLAN.md) (v1 scope), [`DESIGN.md`](./DESIGN.md) (full reference),
[`THREAT_MODEL.md`](./THREAT_MODEL.md), [`README.md`](./README.md).

---

## Phase 1: v1 — Anonymous serverless PQ 1:1 messaging

> **Status: Complete** | Version 0.1.26 (2026-06-06)

Prove the core thesis: 1:1 text, Android + Desktop, Tor-only, hybrid X25519+ML-KEM-768 handshake +
Double Ratchet, oblivious rotating-token mailbox (pull-to-refresh), single-use invite + SAS onboarding,
SQLCipher at-rest. Everything else deferred.

- [ ] M0 — Walking skeleton: two Rust CLIs exchange a string over Tor (`arti`), manual address paste, no crypto
- [ ] M1 — Crypto core: identity keys, hybrid handshake, Double Ratchet + test vectors (survives out-of-order/dropped)
- [ ] M2 — Transport + session: `arti` integration, circuit/session lifecycle, fixed-size padded envelopes, no metadata in logs
- [ ] M3 — Rendezvous + mailbox MVP: single-use invite + SAS, rotating tokens, pull delivery, PoW submit gate
- [ ] M4 — App integration: UniFFI bindings, encrypted store, 1:1 chat UI + onboarding (Android + Desktop/Tauri)
- [ ] M5 — Hardening + closed beta: threat-model-to-tests, red-team misuse tests, reproducible builds, 20–50 user beta

---

## Phase 2: v2 — Async media, groups, multi-device, iOS

> **Status: Planned**

- [ ] Host/controller multi-device (phone authoritative, desktop remote)
- [ ] Async encrypted voice/video notes (SFrame keyed off the ratchet)
- [ ] Sender-Keys group chat
- [ ] iOS client (with oblivious APNs notification relay)
- [ ] PQ ongoing ratchet (PQ3-style periodic rekey), version-gated
- [ ] Per-contact identity-bound transport profiles UI; introduction-by-mutual-contact; duress passcode / hidden profiles

---

## Phase 3: v3+ — Frontier

> **Status: Planned**

- [ ] Live voice/video calls (SFrame + Sans-IO media core)
- [ ] MLS production groups (OpenMLS + X-Wing, hub-mediated)
- [ ] Nym mixnet transport (behind the AnonTransport trait)
- [ ] Message-franking abuse reporting; BLE/offline mesh transport