AcroNet — Obsidian Forge

Post-Quantum · Zero-Trust · Serverless · Forensic-Hardened Messenger

---

Table of Contents

1. Overview
2. Architecture
3. The Speakeasy — Camouflage System
4. Cryptographic Stack
5. Network & Transport Layer
6. Forensic Countermeasures
7. Feature Reference
8. Project Structure
9. Technology Stack
10. Build & Run
11. Screenshots
12. Version History & Changelog
13. Security Model Summary
14. Disclaimer

---

Overview

AcroNet is a fully decentralized, end-to-end encrypted messaging platform engineered for zero-trust environments. It operates under a protocol codenamed Obsidian Forge, which replaces traditional messaging UI patterns with a multi-layered camouflage architecture.

To any forensic examiner, network sniffer, or casual observer, the application appears — and functions — as a legitimate cryptocurrency trading client called MarketPulse. Beneath that surface lies a post-quantum encrypted messenger that routes messages through disposable Nostr relays, leaves no server-side trace, and can self-destruct its entire cryptographic state on command.

Core Design Principles

Principle	Implementation
Zero Trust	No central server, no Firebase, no AWS. All routing via disposable NIP-01 Nostr relay pool
Post-Quantum Safety	Hybrid X25519 + Kyber-512 key exchange; session key survives if either primitive holds
Forensic Plausibility	Fully functional decoy trading app with seeded trade history, fake API keys, and portfolio data
Cryptographic Sovereignty	Identity derived from a 12-word BIP39 mnemonic; no phone number, no email, no central authority
Physical Erasure	RandomAccessFile zero-fill on NAND sectors; not a UI delete — bytes are physically overwritten

---

Architecture

High-Level System Diagram

graph TB
    subgraph SURFACE["Surface Layer — MarketPulse Decoy"]
        MP_UI["Live Binance WebSocket Feed"]
        MP_CHART["MPAndroidChart Candlesticks"]
        MP_OB["Order Book & Trade Ticker"]
        MP_SET["Settings / Terms / Privacy"]
    end

    subgraph AUTH["Authentication Gate"]
        TRIGGER["Triple-Tap Title → Shatter Animation"]
        PIN["PIN / Biometric Verification"]
        DURESS["Duress PIN → Decoy DB"]
    end

    subgraph VAULT["AcroNet Secure Vault"]
        DASH["Dashboard — Contact List"]
        CHAT["Chat — E2EE Messenger"]
        PROFILE["Profile — Key Management"]
        SETTINGS["Transport & Security Settings"]
    end

    subgraph CRYPTO["Cryptographic Core"]
        IDENTITY["BIP39 Identity Manager"]
        KEX["X25519 + Kyber-512 Handshake"]
        CIPHER["AES-256-GCM Message Cipher"]
        DB["SQLCipher Encrypted Database"]
        VANISH["VanishMode — RAM Eviction"]
    end

    subgraph NETWORK["Network Layer"]
        NOSTR["NIP-01 Nostr Relay Pool"]
        BLE["BLE Mesh Router"]
        NAN["Wi-Fi Aware NAN Node"]
        P2P["LAN P2P Swarm Transfer"]
    end

    subgraph FORENSIC["Anti-Forensic Layer"]
        DECOY_GEN["Forensic Decoy Generator"]
        PIN_ROUTER["Dual-PIN Database Router"]
        LSB["LSB Image Steganography"]
        TRAFFIC["Traffic Shaper — MPEG-TS Mimicry"]
        RETRACT["Cryptographic Retraction Protocol"]
        ZERO["Zero-Fill NAND Erasure"]
    end

    MP_UI --> TRIGGER
    TRIGGER --> PIN
    PIN -->|Real PIN| VAULT
    PIN -->|Duress PIN| DURESS
    VAULT --> CRYPTO
    CRYPTO --> NETWORK
    CRYPTO --> FORENSIC

Loading

End-to-End Message Lifecycle

sequenceDiagram
    participant A as Alice (Sender)
    participant DR as Double Ratchet
    participant SC as Schnorr Signer
    participant NR as Nostr Relay Pool
    participant DB as SQLCipher DB
    participant B as Bob (Receiver)

    A->>DR: Plaintext message
    DR->>DR: Ratchet step → derive AES-256-GCM key
    DR->>SC: Encrypt → Base64 ciphertext
    SC->>SC: BIP-340 Schnorr sign (secp256k1)
    SC->>NR: Publish blinded NIP-01 Event (zeroed timestamp)
    NR-->>B: Deliver event via subscription
    B->>SC: Verify Schnorr signature
    SC->>DR: Decrypt with session key
    DR->>DB: Store as Base64 ciphertext in SQLCipher
    DB-->>B: Display plaintext in ChatFragment

Loading

---

The Speakeasy — Camouflage System

AcroNet is not a messaging app. It is a fully functional cryptocurrency broker called MarketPulse.

Layer	What the examiner sees	What is actually happening
App Icon & Name	"MarketPulse" — stock chart icon	Launcher alias via AcroNetDecoyActivity
Home Screen	Live BTC/ETH/SOL/BNB/XRP candlestick chart	Real Binance WebSocket stream (wss://stream.binance.com)
Order Book	Flickering bid/ask depth feed	Mock depth data seeded from live spread
Trade History	Scrolling execution feed	Mock trades interpolated from live price
Quick Order	Buy/Sell panels with portfolio balance	Functional mock balance via SharedPreferences
Settings	Notifications, 2FA, API keys, cache clear	Standard trading app settings — all functional
Network Traffic	HTTPS to api.binance.com	Legitimate API calls; no AcroNet fingerprint
On-Disk Artifacts	marketpulse_trades.db with 150+ orders	Auto-generated forensic decoy data

Entry Trigger

Triple-tap the "MarketPulse" title bar
    → Physics-based shatter animation (spring-damped particles)
    → PIN / Biometric authentication gate
    → SQLCipher vault decryption
    → AcroNet Dashboard

Duress PIN System

Two PINs. Two databases. One truth.

	Real PIN	Duress PIN
Unlocks	AcroNet encrypted vault	Benign decoy chat database
Timing	Constant 350ms	Constant 350ms (timing-equalized)
Database	acronet_vault.db (real messages)	Decoy DB (fabricated conversations)
On 3 Failures	Full key wipe + database destruction	Same behavior (indistinguishable)

---

Cryptographic Stack

Identity Derivation

128-bit entropy → 12 BIP39 words
    → PBKDF2-SHA512 (2048 rounds) → 512-bit seed
    → HMAC-SHA512("AcroNet seed") → master key
    → Hardened path m/44'/777'/0'/0/0 → child key
    → X25519 private key + Kyber-512 seed + Nostr pubkey

No phone number. No email. No server registration. Recovery: enter 12 words on any device → full identity restored.

Hybrid Post-Quantum Key Exchange

Component	Algorithm	Purpose
Classical ECDH	X25519 (Curve25519)	Ephemeral key agreement, fast and proven
Post-Quantum KEM	Kyber-512 (NIST ML-KEM)	Lattice-based encapsulation, quantum-resistant
Key Derivation	HKDF-SHA256	Combines both shared secrets into single session key
Session Key	AES-256 (32 bytes)	Output: one symmetric key for message encryption

Security guarantee: If either X25519 or Kyber-512 survives a quantum attack, the session key remains unrecoverable.

Message Encryption

Property	Value
Algorithm	AES-256-GCM
Auth Tag	128-bit
IV	12 bytes, SecureRandom per message
AAD	SHA-256 of Genesis architect signature
Wire Format	Base64(IV[12] ‖ Ciphertext ‖ AuthTag[16])

The AAD (Additional Authenticated Data) is derived from the AcroNetGenesis block. If the source code's author identity is modified, the SHA-256 hash changes, the AAD mismatches, and every stored message permanently fails to decrypt.

Database Encryption

Property	Value
Engine	SQLCipher 4.5.4
Page Size	4096 bytes
KDF	PBKDF2-SHA512
Key Rotation	24-hour rolling via AcroNetDatabaseKeyManager
Key Storage	EncryptedSharedPreferences (Android Keystore-backed AES-256-GCM / AES-256-SIV)

---

Network & Transport Layer

Primary: Nostr Relay Pool (WAN)

Messages are broadcast as blinded NIP-01 events through a rotating pool of 10 disposable community relays:

wss://relay.damus.io        wss://nos.lol
wss://relay.snort.social     wss://relay.nostr.band
wss://nostr.wine             wss://relay.current.fyi
wss://eden.nostr.land        wss://nostr-pub.wellorder.net
wss://relay.nostr.info       wss://nostr.fmt.wiz.biz

Events use BIP-340 Schnorr signatures over secp256k1 for relay acceptance. Timestamps are zeroed to prevent timing correlation. Relay rotation prevents traffic profiling.

Mesh: BLE + Wi-Fi Aware (Zero-Internet)

Transport	Range	Throughput	Use Case
BLE Mesh (AcroNetBLERouter)	~100m	~2 Mbps	Routing table broadcast, peer discovery
Wi-Fi Aware NAN (AcroNetWifiAwareNode)	~100m	~50 Mbps	Text messaging without internet
LAN P2P Swarm (AcroNetWebRTCMesh)	Same subnet	~150 Mbps	Large file transfer (1MB chunks, AES-256-GCM per chunk)
MeshSync (AcroNetMeshSync)	LAN / Bluetooth	Variable	Multi-device pairing via QR → encrypted TCP/BT tunnel

Traffic Shaping

AcroNetTrafficShaper pads all outgoing packets to 1316 bytes (MPEG Transport Stream segment size: 188 × 7) and regularizes timing to 33ms intervals (30fps video cadence ± 5ms jitter). To a deep packet inspector, AcroNet traffic is indistinguishable from an HLS/DASH video stream.

---

Forensic Countermeasures

Module	Function
AcroNetForensicDecoy	Seeds fake Binance API keys, 150+ trade orders, portfolio JSON, WebSocket logs, and TOTP secrets on first launch
AcroNetDecoyGenerator	Generates benign decoy chat conversations with realistic human typing cadence and Indian university context
AcroNetPinRouter	Dual-PIN engine with constant-time (350ms) execution; forensically indistinguishable real vs. decoy unlock path
AcroNetLSBEncoder	Least Significant Bit steganography — hides AES-256-GCM-encrypted payloads in image pixel data (2 bits/channel, 3× redundancy, survives JPEG ≥ 85%)
AcroNetTrafficShaper	MPEG-TS packet mimicry to defeat DPI (Deep Packet Inspection)
AcroNetRetractionProtocol	Cryptographic delete: NIP-09 broadcast → DB row deletion → RandomAccessFile zero-fill on NAND → WAL/SHM purge
AcroNetZeroFill	Multi-pass random noise overwrite for file-level erasure
AcroNetMediaSanitizer	Strips EXIF, GPS, camera model, and all metadata from captured/received media
AcroNetVanishMode	Ephemeral mode: FLAG_SECURE (blocks screenshots), timed RAM eviction, byte-array zero-fill on message expiry

---

Feature Reference

MarketPulse Decoy

Feature	Description
Live Chart	Real-time Binance kline data via WebSocket combined stream; candlestick rendering via MPAndroidChart
Order Book	Simulated bid/ask depth feed derived from live spread data
Trade Execution	Buy/Sell panels with mock balance management via SharedPreferences
Portfolio View	Real-time P&L tracking based on mock holdings and live prices
Settings	Notification preferences, biometric lock, 2FA toggle, API key configuration, cache clearing, support contact, Terms of Service, Privacy Policy

AcroNet Messenger

Feature	Description
Dashboard	Contact list with unread badges, last message preview, online/offline status
Chat	Full E2EE messaging with sent/received/system message types, swipe-to-reply (spring physics), typing indicators
VanishMode	Timed self-destruct (30s default), FLAG_SECURE screenshot block, RAM byte-array zero-fill
QR Scanner	Portrait-locked camera scanner for contact exchange (ZXing)
Profile	Avatar glyph selector, neon aura color picker, hex public key display, key regeneration with double-warning
Nostr Status	Live connection indicator: 🟢 CONNECTED / 🟡 CONNECTING / 🔴 OFFLINE
Search	Real-time contact filtering on the dashboard
Starred	Bookmarked messages view
Provenance	Anti-deepfake media verification — ECDSA batch signing with chain-of-custody tracking

---

Project Structure

AcroNet_Source/app/src/main/java/com/acronet/
│
├── core/                          # Foundation
│   ├── AcroNetGenesis.kt          # Cryptographic authorship watermark & AAD lock
│   ├── AcroNetAudioRecorder.kt    # Secure audio capture
│   └── IAudioMatrix.kt            # Audio interface contract
│
├── crypto/                        # Cryptographic Engine (12 modules)
│   ├── AcroNetIdentityManager.kt  # BIP39 → PBKDF2 → HMAC-SHA512 → key derivation
│   ├── AcroNetKeyExchange.kt      # X25519 + Kyber-512 hybrid handshake
│   ├── AcroNetMessageCipher.kt    # AES-256-GCM encrypt/decrypt with Genesis AAD
│   ├── AcroNetSecureDatabase.kt   # SQLCipher vault (encrypted persistence)
│   ├── AcroNetDatabaseKeyManager.kt # 24-hour rolling key rotation
│   ├── AcroNetSessionKeyManager.kt  # Handshake lifecycle & session key cache
│   ├── AcroNetContactStore.kt     # Encrypted contact storage
│   ├── AcroNetIdentityStore.kt    # Persistent identity store
│   ├── AcroNetGroupEngine.kt      # Group messaging key distribution
│   ├── AcroNetShardManager.kt     # Key sharding for distributed backup
│   ├── AcroNetVanishMode.kt       # Ephemeral messaging & RAM eviction
│   └── SecureMessage.kt           # Message data model
│
├── network/                       # Transport (5 modules)
│   ├── AcroNetNostrRelay.kt       # NIP-01 WebSocket relay client
│   ├── AcroNetMessageRouter.kt    # Central routing: UI ↔ Cipher ↔ Relay
│   ├── AcroNetWebRTCMesh.kt       # LAN P2P swarm transfer (1MB chunks)
│   ├── AcroNetVoiceShard.kt       # Encrypted voice message transport
│   └── AcroNetLocalDaemonBridge.kt # Desktop client bridge
│
├── mesh/                          # Zero-Internet Transport (2 modules)
│   ├── AcroNetBLERouter.kt        # BLE advertisement mesh router
│   └── AcroNetWifiAwareNode.kt    # Wi-Fi Aware NAN node
│
├── forensics/                     # Anti-Forensic Suite (4 modules)
│   ├── AcroNetForensicDecoy.kt    # Trading data fabrication engine
│   ├── AcroNetDecoyGenerator.kt   # Decoy chat conversation generator
│   ├── AcroNetPinRouter.kt        # Dual-PIN plausible deniability
│   └── AcroNetMediaSanitizer.kt   # EXIF/GPS metadata strip
│
├── stealth/                       # Stealth Operations (1 module)
│   └── AcroNetZeroFill.kt        # Multi-pass file erasure
│
├── steganography/                 # Covert Communication (2 modules)
│   ├── AcroNetLSBEncoder.kt       # Image steganography (2-bit LSB, 3× redundancy)
│   └── AcroNetTrafficShaper.kt    # MPEG-TS packet mimicry
│
├── provenance/                    # Media Authentication (2 modules)
│   ├── AcroNetMediaSigner.kt      # ECDSA batch verification & deepfake scoring
│   └── AcroNetSecureCamera.kt     # Hardware-backed capture signing
│
├── system/                        # System Services (2 modules)
│   ├── AcroNetRetractionProtocol.kt # Cryptographic true delete
│   └── AcroNetMeshSync.kt        # Multi-device pairing engine
│
└── ui/                            # User Interface (10 modules)
    ├── AcroNetDecoyActivity.kt    # MarketPulse decoy launcher
    ├── AcroNetMainActivity.kt     # Secure vault activity
    ├── AcroNetAuthGate.kt         # PIN / Biometric gate fragment
    ├── AcroNetDashboardFragment.kt # Contact list dashboard
    ├── AcroNetChatFragment.kt     # E2EE chat fragment
    ├── AcroNetProfileFragment.kt  # Identity & key management
    ├── AcroNetSettingsFragment.kt # Security settings
    ├── AcroNetTransportSettings.kt # Nostr relay configuration
    ├── MarketPulseLiveSocket.kt   # Binance WebSocket client
    └── MarketPulseDataGenerator.kt # GBM volatility simulator

Total: 40 Kotlin source files across 10 packages.

---

Technology Stack

Category	Technology	Version	Purpose
Language	Kotlin	JDK 17	Primary development language
Build	Gradle (Kotlin DSL)	8.0+	Build system
Min SDK	Android API 26	(Oreo 8.0)	Minimum supported Android version
Target SDK	Android API 35	(Android 16)	Compile and target SDK
PQ Crypto	Bouncy Castle	1.77	X25519, Kyber-512, HKDF-SHA256, PBKDF2-SHA512
Database	SQLCipher	4.5.4	AES-256 encrypted SQLite
Networking	OkHttp	4.12.0	HTTP/WebSocket client
Serialization	Gson	2.10.1	JSON parsing
QR Codes	ZXing Embedded	4.3.0	QR generation & scanning
Charting	MPAndroidChart	3.1.0	Candlestick, line, and bar charts
Concurrency	Kotlin Coroutines	1.8.1	Async programming
Security	AndroidX Security-Crypto	1.1.0-alpha06	EncryptedSharedPreferences
Biometrics	AndroidX Biometric	1.1.0	Fingerprint / face unlock
Animation	DynamicAnimation	1.0.0	Spring-physics swipe-to-reply
Background	WorkManager	2.10.0	Background sync tasks
WebSocket	Java-WebSocket	1.5.3	NIP-01 Nostr relay transport
View Binding	AndroidX ViewBinding	—	Type-safe view references

---

Build & Run

Prerequisites

- Android SDK (API 26 – 35)
- JDK 17
- Gradle 8.0+
- Android Studio Koala (2024.1+) recommended

Clone & Build

git clone https://github.com/acro777x/AcroNet.git
cd AcroNet/AcroNet_Source

Windows:

.\gradlew.bat assembleDebug

macOS / Linux:

./gradlew assembleDebug

Output

app/build/outputs/apk/debug/app-debug.apk    (~37 MB)

Install on Device

adb install app/build/outputs/apk/debug/app-debug.apk

First Launch

1. Open MarketPulse from your app drawer
2. The app displays a live cryptocurrency trading interface
3. Triple-tap the "MarketPulse" title in the header bar
4. The UI shatters → PIN/Biometric gate appears
5. Authenticate → AcroNet Secure Dashboard loads

Pre-built APK: A signed debug APK is available at the repository root as acronet-v10-release.apk.

---

Screenshots

---

Version History & Changelog

Version	Codename	Date	Key Changes
V10.2	The Complete Weapon	2026-06-26	Profile fragment with avatar glyph & aura selector, live order book & trade ticker, WebSocket auto-reconnect loop, node search filter, decoy exchange panels
V10.1	The Complete Weapon	2026-06-24	Portrait-locked QR scanner (PortraitCaptureActivity), MPAndroidChart Y-axis auto-scaling fix, settings layout spacing cleanup, premium chat UI polish
V10.0	The Complete Weapon	2026-06-22	Full UI migration to Stitch Obsidian Dark design system, BIP-340 Schnorr signatures for Nostr event publishing, Ghost Chat branding purge, real QR generation/scanning
V9.0	Aristotelian Synthesis	2026-04-26	BIP39 identity manager, real X25519 + Kyber-512 key exchange, AcroNetNostrRelay NIP-01 transport, AcroNetPinRouter dual-PIN system, EncryptedSharedPreferences hardening
V8.5	Apex Synthesis	2026-04-25	Legacy ghost.app package purge, logo rebrand, dashboard consolidation
V8.0	Apex Covenant	2026-04-22	Dashboard fragment, VanishMode RAM eviction, AcroNetMediaSanitizer, 200-candle GBM chart simulator, AcroNetForensicDecoy data seeding
V7.0	Obsidian Forge	2026-04-21	Initial release: speakeasy entrance, shatter animation, AES-256-GCM encryption, SQLCipher database, Genesis AAD watermark
V6.0	Visual Vault	2026-04-20	Shatter transition physics, PRAGMA secure_delete, visual overhaul
V5.0	Apex / Epsilon	2026-04-19	Supreme Auditor test suite (12 tests), mesh drop-off validation, BLE dedup, provenance tamper detection, PIN timing equalization
V5.0	Apex / Delta	2026-04-19	LSB image steganography (3× redundancy, JPEG survival), traffic shaper (MPEG-TS mimicry, 30fps cadence)
V5.0	Apex / Gamma	2026-04-19	Dual-database PIN router (timing-equalized, cold boot defense), decoy chat generator
V5.0	Apex / Beta	2026-04-19	Hardware-backed anti-deepfake provenance, TEE P-256 ECDSA signing, byte-level tamper detection

---

Security Model Summary

┌─────────────────────────────────────────────────────────────────┐
│                      THREAT MODEL                               │
├─────────────────────────────────────────────────────────────────┤
│                                                                 │
│  Physical Device Seizure                                        │
│  ├─ Forensic decoy data passes as legit trading app             │
│  ├─ Dual-PIN: real vs decoy DB (timing-equalized)               │
│  ├─ SQLCipher encrypted database (24h rolling key)              │
│  ├─ 3-attempt wipe: full key destruction                        │
│  └─ NAND zero-fill on message retraction                        │
│                                                                 │
│  Network Surveillance (DPI / ISP)                               │
│  ├─ Traffic shaped to MPEG-TS video stream profile              │
│  ├─ Only visible traffic: HTTPS to api.binance.com              │
│  ├─ Nostr relay rotation prevents traffic fingerprinting        │
│  └─ BLE/NAN mesh for zero-internet communication                │
│                                                                 │
│  Quantum Computing Threat                                       │
│  ├─ Kyber-512 (NIST ML-KEM) post-quantum KEM                   │
│  ├─ X25519 classical ECDH as redundant layer                    │
│  └─ HKDF combination: either surviving = session key safe       │
│                                                                 │
│  Source Code Theft                                               │
│  ├─ Genesis block: SHA-256(author identity) bound as AAD        │
│  ├─ Modify author string → all databases permanently fail       │
│  └─ ProGuard minification on release builds                     │
│                                                                 │
│  Screenshot / Screen Recording                                  │
│  ├─ FLAG_SECURE blocks OS-level capture                         │
│  └─ VanishMode enforces ephemeral viewing                       │
│                                                                 │
│  Media Deepfakes                                                │
│  ├─ ECDSA provenance chain on all captured media                │
│  ├─ Batch verification with deepfake probability scoring        │
│  └─ FORGED overlay rendered on failed verification              │
│                                                                 │
└─────────────────────────────────────────────────────────────────┘

---

Disclaimer

This software is provided "as is", without warranty of any kind, express or implied. AcroNet is engineered for extreme privacy research and education. The developers assume no liability for misuse. Use responsibly and in compliance with applicable laws.

---

Engineered by Acro — Acro Void
The Genesis Block is immutable.