Lattice Mesh Protocol - A hybrid post-quantum secure messaging protocol.
- 🔐 Hybrid Cryptography: Classical (X25519, Ed25519) + Post-Quantum (Kyber768, Dilithium3)
- 🔄 Double Ratchet: Forward secrecy with automatic key rotation
- 🌐 Mesh Routing: Anonymous multi-hop message delivery
- 🎭 Metadata Resistance: Cover traffic, padding, timing obfuscation
- 🛡️ Replay Protection: Message tracking with nonce management
```rust
use lmp_core::prelude::*;
use lmp_core::device::Identity;
use lmp_core::protocol::session::SessionBuilder;

// Generate identity
let identity = Identity::generate()?;

// Create introduction token (share via QR code)
let token = identity.create_introduction_token("dht://node.example.com")?;
let qr_data = token.to_base64()?;

// Build session with peer
let builder = SessionBuilder::new(
    identity.signing_keys().clone(),
    identity.exchange_key().clone(),
    *identity.device_id(),
);

// ... handshake with peer ...

// Send encrypted message
let encrypted = session.encrypt(b"Hello, World!")?;

// Receive and decrypt
let plaintext = session.decrypt(&encrypted)?;
```

```
lmp-core/
├── crypto/            # Cryptographic primitives
│   ├── aead.rs        # ChaCha20-Poly1305
│   ├── ed25519.rs     # Classical signatures
│   ├── dilithium.rs   # PQ signatures
│   ├── x25519.rs      # Classical key exchange
│   ├── kyber.rs       # PQ key encapsulation
│   ├── hkdf.rs        # Key derivation
│   └── rng.rs         # Secure random
├── protocol/          # Protocol implementation
│   ├── handshake.rs   # Initial key exchange
│   ├── ratchet.rs     # Double Ratchet
│   ├── session.rs     # Session management
│   └── replay.rs      # Replay protection
├── network/           # Mesh networking
│   ├── cell.rs        # Fixed-size cells
│   ├── routing.rs     # Path selection
│   ├── cover.rs       # Cover traffic
│   └── mailbox.rs     # Offline storage
├── storage/           # Persistence
│   ├── keychain.rs    # Key storage
│   ├── database.rs    # Conversation state
│   └── memory.rs      # Protected memory
└── device/            # Identity management
    ├── identity.rs    # User identity
    └── token.rs       # Introduction tokens
```

| Purpose | Classical | Post-Quantum |
|---|---|---|
| Identity Signatures | Ed25519 | Dilithium3 |
| Key Exchange | X25519 | Kyber768 |
| Symmetric Encryption | ChaCha20-Poly1305 | - |
| Key Derivation | HKDF-SHA3-256 | - |

| Key Type | Lifetime | Purpose |
|---|---|---|
| LTIK | 90 days | Long-term identity |
| MTSK | 14 days | Medium-term signing |
| Session Keys | Per conversation | Ongoing encryption |
| Ratchet Keys | 50 msgs / 24h | Forward secrecy |
| Message Keys | Single use | Per-message |
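
The ratchet row in the table above gives two rotation limits, 50 messages and 24 hours. The following is an added example, not code from lmp-core, of enforcing those limits together with the LTIK and MTSK lifetimes. It assumes rotation fires on whichever limit is reached first and that a clock that moved backwards counts as expired; every type, constant and function name here is hypothetical.

```rust
// Added example: limits come from the key-lifetime table; all names are hypothetical.
pub const DAY_SECS: u64 = 24 * 60 * 60;
pub const LTIK_LIFETIME_SECS: u64 = 90 * DAY_SECS;
pub const MTSK_LIFETIME_SECS: u64 = 14 * DAY_SECS;
pub const RATCHET_MAX_MSGS: u32 = 50;
pub const RATCHET_MAX_AGE_SECS: u64 = DAY_SECS;

/// Tracks usage of the current ratchet key (not an lmp-core type).
#[derive(Debug)]
pub struct RatchetEpoch {
    started_at: u64, // Unix seconds when the current ratchet key was installed
    msgs: u32,       // messages already protected under that key
}

#[derive(Debug, PartialEq)]
pub enum Decision { UseCurrent, RotateFirst }

impl RatchetEpoch {
    pub fn new(now: u64) -> Self {
        Self { started_at: now, msgs: 0 }
    }

    /// Call before encrypting each message; says whether to rotate the ratchet key first.
    pub fn before_send(&mut self, now: u64) -> Decision {
        // If the clock moved backwards the key's age is unknown: fail safe and rotate.
        let too_old = now
            .checked_sub(self.started_at)
            .map_or(true, |age| age >= RATCHET_MAX_AGE_SECS);
        let rotate = too_old || self.msgs >= RATCHET_MAX_MSGS;
        if rotate {
            *self = Self::new(now); // fresh epoch for the new ratchet key
        }
        self.msgs += 1; // count the message about to be sent
        if rotate { Decision::RotateFirst } else { Decision::UseCurrent }
    }
}

/// Long-lived keys (LTIK, MTSK): expired once age reaches the lifetime or the clock rolled back.
pub fn is_expired(created_at: u64, now: u64, lifetime_secs: u64) -> bool {
    now.checked_sub(created_at).map_or(true, |age| age >= lifetime_secs)
}

fn main() {
    let mut epoch = RatchetEpoch::new(0);
    let rotations = (0..120).filter(|_| epoch.before_send(60) == Decision::RotateFirst).count();
    println!("rotations in 120 sends: {rotations}");
    println!("LTIK expired at day 90: {}", is_expired(0, 90 * DAY_SECS, LTIK_LIFETIME_SECS));
}
```
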
```bash
# Build
cargo build --release

# Run tests
cargo test

# Build docs
cargo doc --open
```

- All keys automatically zeroed on drop (zeroize)
- Memory locking prevents swapping sensitive data
- Constant-time comparisons prevent timing attacks
- Dual PQ library validation catches implementation bugs

License: MIT OR Apache-2.0