Whisper

Real-time secure communication channel for an investigative journalism network

Whisper – Real-Time Secure Communication Terminal

📂 File Tree

├── backend
│   ├── app
│   │   ├── __init__.py
│   │   ├── config.py
│   │   ├── extensions.py
│   │   ├── models.py
│   │   ├── repository.py
│   │   ├── routes.py
│   │   ├── services.py
│   │   └── sockets.py
│   ├── .dockerignore
│   ├── Dockerfile
│   ├── main.py
│   └── requirements.txt
├── frontend
│   ├── src
│   │   ├── components
│   │   │   ├── KillSwitch.svelte
│   │   │   ├── MessageComposer.svelte
│   │   │   ├── MessageFeed.svelte
│   │   │   └── PassphraseModal.svelte
│   │   ├── services
│   │   │   ├── crypto.js
│   │   │   └── socket.js
│   │   ├── state
│   │   │   └── store.js
│   │   ├── App.svelte
│   │   └── main.js
│   ├── .dockerignore
│   ├── Dockerfile
│   ├── index.html
│   ├── package-lock.json
│   ├── package.json
│   └── vite.config.js
├── .dockerignore
├── .gitignore
├── Makefile
├── README.md
└── docker-compose.yml

🧩 Project Overview

Whisper is a secure, real-time messaging system designed for investigative teams needing fully encrypted communication.

  • Messages are encrypted client-side; backend stores only ciphertext.
  • Supports real-time broadcasting over WebSockets.
  • Lightweight MVP designed to ship quickly under strict constraints.

⚔ Tech Stack & Choices

| Layer | Choice | Reason / Notes |
| --- | --- | --- |
| Backend | Python, Flask, Flask-SocketIO | Lightweight, fast prototyping |
| Web Server | Gunicorn + Gevent | Handles Socket.IO concurrency |
| Frontend | Svelte + Vite | Fast SPA, minimal boilerplate |
| Database | SQLite | Simple persistence, avoids complex setup |
| Security | AES + SHA256 via crypto-js | Lightweight client-side encryption |
| API | REST | Simpler than GraphQL for MVP |
| Styling/UI | Minimal, no dark theme, basic HTML/CSS | Focus on functionality over aesthetics |

🛡 Kill Switch (Panic Mode)

  • Activated by pressing ESC key 3 times consecutively.

  • Actions on activation:

    1. Disconnects all Socket.IO connections immediately.
    2. Clears all local frontend state (messages, passphrase).
    3. Replaces UI with a generic 404 page or placeholder widget.
  • No database wipe occurs; backend ciphertext is preserved.

  • Implemented in frontend/src/components/KillSwitch.svelte + frontend/src/state/store.js.
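
One way to implement the three-press trigger and wipe described above, as an added sketch that is not the project's KillSwitch.svelte code: `createKillSwitch`, its `socket`/`state`/`render` parameters and the 1.5 s `windowMs` are assumptions made here. It counts a held key as one press and still wipes local state if the disconnect call throws.

```javascript
// Added sketch; all names are hypothetical, not code from KillSwitch.svelte or store.js.
function createKillSwitch({ socket, state, render, presses = 3, windowMs = 1500 }) {
  let count = 0;
  let last = 0;
  let tripped = false;

  return function onKeydown(event, now = Date.now()) {
    if (tripped) return true; // already wiped
    if (event.key !== "Escape") { // "consecutively": any other key resets the run
      count = 0;
      return false;
    }
    if (event.repeat) return false; // a held ESC is one press, not three
    count = now - last <= windowMs ? count + 1 : 1; // windowMs is an assumption here
    last = now;
    if (count < presses) return false;

    tripped = true;
    try {
      socket.disconnect(); // 1. drop the Socket.IO connection
    } finally { // wipe even if the disconnect throws
      state.messages.length = 0; // 2. clear decrypted messages
      state.passphrase = null; //    and the passphrase and derived key
      state.key = null;
      render("not-found"); // 3. swap the UI for the placeholder page
    }
    return true;
  };
}

// Constructed run: a fake socket and state object stand in for the real services.
function runKillSwitchDemo() {
  const calls = [];
  const state = { messages: ["decrypted text"], passphrase: "constructed", key: {} };
  const onKeydown = createKillSwitch({
    socket: { disconnect: () => calls.push("disconnect") },
    state,
    render: (view) => calls.push("render:" + view),
  });
  const esc = { key: "Escape", repeat: false };
  onKeydown(esc, 1000);
  onKeydown({ key: "a", repeat: false }, 1100); // resets the count
  onKeydown(esc, 1200);
  onKeydown({ key: "Escape", repeat: true }, 1250); // auto-repeat is ignored
  onKeydown(esc, 1300);
  const beforeThird = calls.length; // still 0: only two counted presses so far
  const fired = onKeydown(esc, 1400);
  return { beforeThird, fired, calls, state };
}
```

In a browser the handler is attached with `window.addEventListener("keydown", onKeydown)`. Setting the references to null makes the passphrase unreachable from application state but does not zero the string in memory.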


🏗 Architecture

Browser
   │
   ▼
Nginx (frontend container)
   │
   ├── / → Svelte SPA
   │
   ├── /api → Flask REST backend
   │
   └── /socket.io → Flask-SocketIO

  • Frontend connects to backend over internal Docker network.
  • Backend broadcasts encrypted messages to all clients via Socket.IO.
  • No server-side plaintext processing: fully blind relay.

🚀 Setup / Dev Instructions

Run everything in one command:

docker compose up -d --build

Endpoints:

  • Frontend: http://localhost
  • Backend Health: http://localhost/api/health
  • Socket.IO: ws://localhost/socket.io/

Stop everything:

docker compose down

Remove persistent SQLite volume:

docker compose down -v

Security & Implementation Notes

  • Shared Secret: Client asks for "Team Passphrase" → derives AES key.

  • Message Encryption: All plaintext encrypted locally using AES + SHA256 passphrase via crypto-js.

  • Frontend Simplicity:

    • No message bubbles, typing indicators, or extra colors.
    • Focused purely on secure messaging and Kill Switch functionality.
  • Backend Logging: print() statements in sockets.py used instead of logging library.

  • SQLite over Postgres: Chosen for lightweight dev MVP, avoids multi-container DB setup.

  • REST API only: No GraphQL.


⚖ Trade-Off Analysis

| Decision | Trade-Off / Reason |
| --- | --- |
| Symmetric AES | Fast & simple, avoids key exchange complexity |
| SQLite | Lightweight, single file DB; not suitable for heavy concurrency |
| REST API | Simpler to implement and debug for MVP |
| Minimal UI | Prioritize secure functionality & Kill Switch over aesthetics |
| No logging library | Quick debug via print() during MVP dev |
| SHA256 + crypto-js | Lightweight crypto suitable for client-side encryption |
| Kill Switch | Focused on security UX; intentionally does not wipe backend DB |

📦 Docker Notes

  • Backend Image: whisper-api
  • Frontend Image: whisper-frontend
  • Multi-stage builds reduce image size.
  • Internal Docker network ensures frontend can reach backend via backend:5000.
  • Volumes: whisper_data stores encrypted SQLite messages.

Evaluation Criteria

  • Security Hygiene: No plaintext storage on server; encryption isolated.

  • Concurrency: Backend broadcasts messages without blocking; frontend appends efficiently.

  • Architectural Integrity: Kill Switch works without exposing data.

  • Code Quality: Clear separation:

    • Backend: Controller → Service → Repository
    • Frontend: View → State → Service
