Welcome to BhasaGrid

Signal-Grade Security Meets WhatsApp-Grade Interaction.

BhasaGrid is a multi-layered, post-quantum resilient messaging ecosystem engineered to defend communications against conventional and future surveillance threats. Architected as a hybrid solution, it guarantees high-throughput user interaction (4K media streaming, fluid UI transitions) without compromising forward secrecy.

🔗 Secure Download Portal

Launch the Secure Access Portal to download compiled platform binaries, including Android APK packages, iOS setup guides, Windows executables, and macOS DMG installers.


Quick Start Guide

Begin securing your communications in three simple steps.

1. Generate Anonymous Identity

Create a secure profile on the portal or client app. No phone number or personal email required. The system auto-generates a secure 4-digit User ID (a public address handle) and a private 6-digit Recovery PIN.

2. Share Public Address Handle

Provide your 4-digit public User ID to your contacts through safe verification channels. They add you to their client list instantly via the contact locator interface.

3. Initiate Secure Negotiation

Open a chat and send a message. The client automatically initiates an out-of-band PQC cryptographic key exchange, establishing an end-to-end encrypted channel.

Platform Guides: Universal Core

The cross-platform React Native code is encapsulated in the bhasagrid-universal/ package, ensuring shared utilities on both native devices and desktop wrappers.

Unified API

Standardizes cryptographic buffers, device bindings, storage caching, and networking states across platforms.

Secure Storage Map

Integrates hardware-backed platform bindings (iOS Secure Enclave and Android Strongbox API) to safeguard persistent keys.


Android Stabilization & Hermes Engine

Android builds run on the performance-oriented Hermes JavaScript engine, which has historically lacked full WebAssembly support and cryptographic primitives.

WASM Lazy Silencing Shims

To avoid crashes when importing heavy cryptographic libraries, `libsodium-wrappers` is lazily initialized. The app shims the global WebAssembly context via `firebase-polyfills.js` and suppresses console warning logs during fallback evaluation.

Hermes Polyfill Hook
```javascript
// Polyfill global hooks for WebAssembly on Native Hermes Engine
if (typeof WebAssembly === 'undefined') {
    global.WebAssembly = {
        instantiate: () => Promise.reject(new Error("Hermes pure-JS polyfill fallback active")),
        validate: () => false
    };
}
```

Web Portal & Electron Desktop Shell

The desktop client wraps the web client inside an Electron shell to allow background integration.

  • System Tray Minimization: The Electron wrapper intercepts window close calls and hides the process to the system tray, keeping secure listeners active.
  • Web Crypto API: Web clients use browser-native `SubtleCrypto` for hardware-accelerated AES-GCM operations.
  • Metro WebSocket Auto-Resume: Integrates custom foreground listeners. On platform resume, a WebSocket ping re-establishes connections before logs drop.

Secure Communications: Calculator Camouflage

To protect users against physical search or coercive inspection, mobile clients camouflage themselves as utility games or calculators.

1. CalcX Disguise

Presents a fully functional scientific calculator UI with complex evaluation logic. Access requires entering a customizable secret sequence (e.g. `7331 =`).

2. Interactive Game Decoys

Optionally configures playable decoys like Ludo, Guess Number, or Tic-Tac-Toe. Unlocking requires a triple-tap gesture on configured UI coordinates.

3. Decoy Emergency Profiles

Supports a configured "Decoy PIN" that opens a completely clean, empty dummy profile with mock messaging feeds to handle emergency inspections.


Sealed-Sender Messaging & Real-time Synchronization

To mask metadata, BhasaGrid utilizes Sealed-Sender envelopes when writing data to real-time streams.

Firestore Real-time Envelope
```json
{
  "lastMessageTime": "2026-05-28T16:30:00Z",
  "lastMessage": "v3.5:9e73fa8e... (encrypted text payload)",
  "messages": {
    "msg_id": {
      "timestamp": "1779952448",
      "sealedEnvelope": "{\"s\":\"sender_pub_key\",\"m\":\"v3.5:cipher_payload...\"}"
    }
  }
}
```

Metadata Isolation: Message text and profile status indicators are securely encrypted. Only the raw `lastSeen` timestamp is queryable, allowing fast UI rendering without compromising message confidentiality.
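
The following is an added example, not BhasaGrid's own code, of validating the inner sealed-sender JSON before rendering a message, which is the check the "Grey Lock or Empty Encrypted Text" troubleshooting entry asks for. The field names `s` and `m` and the `v3.5:` prefix come from the sample envelope above; the function names, reason codes and sample document are hypothetical.

```javascript
// Added example, not BhasaGrid source. Field names s/m and the "v<version>:"
// prefix come from the sample envelope; reason codes are hypothetical.
const VERSIONED = /^v(\d+(?:\.\d+)?):(.+)$/s;

function parseSealedEnvelope(raw) {
  if (typeof raw !== 'string') return { ok: false, reason: 'not-a-string' };
  let env;
  try {
    env = JSON.parse(raw);
  } catch {
    return { ok: false, reason: 'invalid-json' }; // the "grey lock" case
  }
  if (env === null || typeof env !== 'object' || Array.isArray(env)) {
    return { ok: false, reason: 'not-an-object' };
  }
  if (typeof env.s !== 'string' || env.s.length === 0) {
    return { ok: false, reason: 'missing-sender-key' };
  }
  const match = typeof env.m === 'string' ? VERSIONED.exec(env.m) : null;
  if (!match) return { ok: false, reason: 'missing-version-prefix' };
  return { ok: true, senderKey: env.s, version: match[1], payload: match[2] };
}

// Walk a conversation document shaped like the sample above and report, per
// message id, either the parsed envelope or why it cannot be rendered.
function checkConversation(doc) {
  const report = {};
  for (const [id, msg] of Object.entries(doc.messages ?? {})) {
    report[id] = parseSealedEnvelope(msg?.sealedEnvelope);
  }
  return report;
}

// Constructed sample input: one well-formed envelope, one truncated in transit.
const sampleDoc = {
  lastMessageTime: '2026-05-28T16:30:00Z',
  messages: {
    msg_ok: { timestamp: '1779952448', sealedEnvelope: '{"s":"sender_pub_key","m":"v3.5:cipher_payload"}' },
    msg_bad: { timestamp: '1779952449', sealedEnvelope: '{"s":"sender_pub_key","m":"v3.5:ci' },
  },
};
```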


3-Layer Media Vault Pipeline

High-resolution 4K media undergoes a Zero-Knowledge 3-Layer pipeline prior to cloud transmission. All operations are capped at a strict 100MB limit to protect memory bounds.

1. Deterministic Safety (AES-GCM-SIV)

Protects file metadata and provides robust nonce-misuse resistance, preventing ciphertext leakage even under accidental key duplication.

2. Performance Encryption (AEGIS-256 WASM)

Processes heavy 4K binaries directly via highly optimized WebAssembly AEGIS-256 wrappers, avoiding memory bloat and UI lag.

3. Quantum Wrapping (ML-KEM-768 / Kyber)

Encapsulates the media master key in a post-quantum lattice-based shield, protecting files against future decryption.


Technical: 5-Level Encryption Stack

Peer capabilities are exchanged during connection. Messages are encrypted at the highest common standard both peers support.

| Level | Protocol | Cryptographic Primitives | Description |
|---|---|---|---|
| Level 7 | v6 (PQ-Double Ratchet) | PQXDH + ML-KEM-768 + AES-GCM | Signal Protocol with active lattice-based quantum handshakes. |
| Level 6.5 | v5.5 (PQC Baseline) | ML-KEM-768 + ChaCha20-Poly1305 | Fallback quantum baseline utilizing stream cipher protocols. |
| Level 5 | v4 (Classical Ratchet) | Double Ratchet (X25519) + AES-GCM | Standard Signal protocol rotation for non-PQC devices. |
| Level 4 | v3.5 (AES-GCM-SIV) | AES-GCM-SIV + Argon2id | Memory-hard derivation keys utilizing synthetic nonces. |
| Archive | v1 - v3 (Legacy) | CryptoJS AES-CBC fallback | Read-only historical envelope decryption shim. |
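
The following is an added example, not BhasaGrid's own code, of selecting the highest common level from the table while never choosing the read-only Archive shim for sending. The capability-list format (arrays of protocol labels), the numeric level 0 for Archive and the `minLevel` floor are assumptions made for illustration.

```javascript
// Added example, not BhasaGrid source. Levels and labels mirror the table
// above; the capability format, Archive = 0 and minLevel are assumptions.
const STACK = [ // ordered strongest first
  { level: 7, protocol: 'v6', primitives: 'PQXDH + ML-KEM-768 + AES-GCM', canSend: true },
  { level: 6.5, protocol: 'v5.5', primitives: 'ML-KEM-768 + ChaCha20-Poly1305', canSend: true },
  { level: 5, protocol: 'v4', primitives: 'Double Ratchet (X25519) + AES-GCM', canSend: true },
  { level: 4, protocol: 'v3.5', primitives: 'AES-GCM-SIV + Argon2id', canSend: true },
  // Archive is a read-only decryption shim: never selected for new messages.
  { level: 0, protocol: 'v1-v3', primitives: 'CryptoJS AES-CBC', canSend: false },
];

function negotiate(localCaps, peerCaps, minLevel = 4) {
  if (!Array.isArray(localCaps) || !Array.isArray(peerCaps)) {
    throw new TypeError('capabilities must be arrays of protocol labels');
  }
  // Peer input is untrusted: drop anything that is not a known label.
  const known = new Set(STACK.map((e) => e.protocol));
  const peer = new Set(peerCaps.filter((c) => known.has(c)));
  const local = new Set(localCaps);
  const common = STACK.filter((e) => local.has(e.protocol) && peer.has(e.protocol));
  const best = common.find((e) => e.canSend);
  if (!best) {
    // Only the Archive shim (or nothing) is shared: old history may still be
    // readable, but no new message is sent.
    return { ok: false, reason: 'no-common-send-protocol', readOnly: common.length > 0 };
  }
  if (best.level < minLevel) {
    // Refuse rather than silently fall below the locally configured floor.
    return { ok: false, reason: 'below-minimum-level', offered: best.protocol };
  }
  return { ok: true, level: best.level, protocol: best.protocol, primitives: best.primitives };
}
```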

Cross-Platform Decryption & CTR Recovery

To maintain backward compatibility with old web messages that wrote a dummy AES-GCM tag (due to library limits), native clients implement a cascading CTR Recovery solver.

Combination Cascade

If decryption fails, the recovery block attempts 3 key styles × 4 IV padding strategies = 12 combined attempts to decrypt old shims safely:

CTR Recovery Cascade Loop
```javascript
// Safe CTR recovery cascade inside the decryption pipeline.
// secretKey and rawIV are supplied by the caller; SHA256 is a hashing helper not shown here.
const keys = [SHA256(secretKey), Buffer.from(secretKey, 'hex'), Buffer.from(secretKey, 'utf8')];
const ivPaddingOptions = [
    rawIV,
    Buffer.concat([rawIV.slice(0, 12), Buffer.from('00000002', 'hex')]),
    Buffer.concat([rawIV.slice(0, 12), Buffer.from('00000001', 'hex')]),
    Buffer.concat([rawIV.slice(0, 12), Buffer.from('00000000', 'hex')])
];
```
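
The following is an added example, not BhasaGrid's own code, of how such a cascade can be completed in Node.js. With a 12-byte IV, GCM encrypts its first data block under counter value 2, which is why the `00000002` padding lets plain CTR recover GCM ciphertext without checking the tag; because CTR carries no tag, the example accepts a result only if it parses as the sealed structure. It assumes AES-256, a 12-byte `rawIV` and a 16-byte tag; the function names and result shape are hypothetical.

```javascript
// Added example, not BhasaGrid source. Assumes AES-256, a 12-byte rawIV, a 16-byte tag.
const crypto = require('node:crypto');

// Three key styles from the page; only 32-byte results are usable AES-256 keys.
function keyStyles(secretKey) {
  return [
    crypto.createHash('sha256').update(secretKey).digest(),
    Buffer.from(secretKey, 'hex'),
    Buffer.from(secretKey, 'utf8'),
  ].filter((k) => k.length === 32);
}

// Four IV paddings from the page; AES-CTR needs a full 16-byte counter block.
function ivOptions(rawIV) {
  const pad = (hex) => Buffer.concat([rawIV.subarray(0, 12), Buffer.from(hex, 'hex')]);
  return [rawIV, pad('00000002'), pad('00000001'), pad('00000000')]
    .filter((iv) => iv.length === 16);
}

// CTR carries no tag, so every attempt "succeeds". Accept only output that
// parses as the sealed structure {"s":...,"m":...}.
function looksSealed(buf) {
  try {
    const o = JSON.parse(buf.toString('utf8'));
    return typeof o.s === 'string' && typeof o.m === 'string';
  } catch {
    return false;
  }
}

function decryptWithRecovery(secretKey, rawIV, ciphertext, tag) {
  for (const key of keyStyles(secretKey)) {
    try { // Normal path: authenticated AES-256-GCM.
      const d = crypto.createDecipheriv('aes-256-gcm', key, rawIV.subarray(0, 12));
      d.setAuthTag(tag);
      const plaintext = Buffer.concat([d.update(ciphertext), d.final()]);
      return { mode: 'gcm', authenticated: true, plaintext };
    } catch { /* bad tag: try the next key style, then the cascade */ }
  }
  for (const key of keyStyles(secretKey)) {
    for (const iv of ivOptions(rawIV)) {
      const d = crypto.createDecipheriv('aes-256-ctr', key, iv);
      const plaintext = Buffer.concat([d.update(ciphertext), d.final()]);
      if (looksSealed(plaintext)) return { mode: 'ctr', authenticated: false, plaintext };
    }
  }
  return null; // nothing plausible: report undecryptable, never render raw bytes
}
```

Callers should surface `authenticated: false` to the UI or logs, since a message recovered through CTR has not been integrity-checked.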

Zero-Leak RAM Shredding & Memory Hygiene

To defend against physical RAM forensic dumps, BhasaGrid utilizes memory shredding for volatile credentials.

1. Buffer Overwrites

Private PINs and user credentials are converted into strict Uint8Arrays immediately upon keyboard entry.

2. Active Shredding (`secureWipe`)

Once authenticated, the arrays are physically overwritten with zeros (`0x00`) to wipe them from the JS heap before garbage collection triggers.

Memory Hardening Utility
```typescript
// MemoryHardening.secureWipe implementation details
export function secureWipe(buffer: Uint8Array): void {
    if (buffer) {
        for (let i = 0; i < buffer.length; i++) {
            buffer[i] = 0x00; // Physically overwrite memory buffers in RAM
        }
    }
}
```

Support & FAQ: Credential Hygiene & Auth UX

To avoid security lockouts, BhasaGrid uses a unified identity model combining password recovery with Google OAuth account linking.

  • Plain-Text Queryable Invariant: To allow contact locator queries, the 4-digit social handle `userId` is queryable in plain text on Firestore, while critical validation PINs are always encrypted under `v5.5`.
  • Lazy Profile Migration: The system transparently checks database profiles on login, auto-migrating and updating plain credentials to `v5.5` standards.
  • Account Linking Nudges: Users authenticated with Google OAuth are optionally nudged via non-blocking modals (`AccountLinkModal.js`) to set a secondary password for secure recovery.

Frequently Asked Questions

How is my 4-digit User ID different from my private login PIN?

Your User ID is a public social address handle used by contacts to find you on Firestore. Your PIN is a private validation credential that is encrypted client-side and never shared or queried in plain text.

Can I decrypt old messages across different devices?

Yes. The clients integrate a multi-strategy GCM-to-CTR legacy recovery cascade. If standard GCM decryption fails, the recovery solver tries 12 key-IV combinations to gracefully unwrap older format envelopes.

How does the memory-leak secure wiping protect me?

Usually, data typed into inputs stays in your device's memory (RAM) for long periods. BhasaGrid bypasses this by storing inputs as mutable Uint8Arrays and physically zeroing out (`secureWipe`) the buffers as soon as operations complete, resisting forensic hardware extraction.


Troubleshooting Matrix

Quick operational checks to solve synchronization or connection anomalies.

❌ 🔒 [Native Legacy Fail] Error

Description: Indicates GCM decryption rejected a message due to a bad authentication tag.

Solution: The fallback recovery block should trigger automatically. If it fails, check the key-length variables in local logs, restart the application to pull updated peer capabilities, and re-sync.

❌ Grey Lock or Empty Encrypted Text

Description: The envelope was decrypted successfully, but the inner sealed-sender JSON failed to parse.

Solution: Ensure your client is updated to the `v5.5` baseline. Verify that the envelope payload starts with the correct sealed structure `{"s":...,"m":...}`.

❌ Metro Logs Disconnected

Description: Connection dropped after native clients backgrounded.

Solution: Tap the screen to foreground the client. The auto-resume hook in `auth-context.js` will send a WebSocket ping to re-establish connections.


Changelog & Vision: Release Notes

Historical audit of BhasaGrid updates.

v5.5 (Hybrid Identity & Auth UX Hardening)

Current Production

Major platform stabilization targeting cryptographic synchrony, credential safety, and UX enhancements.

  • Integrated 12-combo GCM-to-CTR legacy recovery cascade
  • Added `MemoryHardening` RAM zero-wipe shredding buffers
  • Deployed lazy database identity migration to `v5.5` encrypted PINs
  • Incorporated non-blocking Google-to-password recovery modals
  • Audited repository and removed legacy files and keys from history

Feature Roadmap

Current development timelines for planned post-quantum features.

Phase 11 (Q3 2026)

Sovereign Signaling Migration

Replacing Firebase transport layers with independent Node.js signaling bridges.

Phase 12 (Q4 2026)

Group Double Ratchets

Post-quantum multi-peer secure conversations for up to 50 active clients.

Standards Compliance