ZKForge V1 is now live and the source code is public on GitHub: Visit: Users can sign up, log in, and chat privately using zero-knowledge authentication (ZK-STARK) with full end-to-end encryption and non-custodial wallet integration. No passwords, no stored private keys, all encryption and identity verification happen locally on the user’s device. Core Features • Zero-Knowledge Authentication (ZKAuth) Users sign up and log in using a locally generated Ed25519 keypair. Authentication uses zero-knowledge proofs (ZK-STARK-compatible), proving identity ownership without revealing the secret key. The backend never sees or stores private keys , only the derived public key and Solana address. • End-to-End Chat Encryption Every conversation is encrypted with per-room symmetric keys (nacl.secretbox AES-grade security). Keys are sealed and exchanged using ephemeral Curve25519 boxes derived from each user’s Ed25519 keypair. Messages are signed for sender authenticity. The server cannot decrypt messages; all encryption happens client-side. • Global Lounge (Public Encrypted Room) Encrypted public discussion room using a temporary shared key. Messages self-destruct after a defined time window. Rate-limit and anti-spam protections are enforced through Supabase RLS policies. • Wallet Integration (Non-Custodial) Each user derives a Solana wallet from their zero-knowledge secret. Private keys are generated and stored locally, never sent to the backend. Supports in-app USDC transactions signed locally. • WebSocket-Based Real-Time Updates Secure WebSocket channel for live message delivery, typing indicators, and presence tracking. Each message includes cryptographic nonce, ciphertext, and signature validation before render. Architecture Overview Frontend (React + Tailwind): Encryption, proof generation, local key storage, message rendering. Backend (Express + Supabase): Stateless API for sessions, rate limits, and metadata. Crypto Layer (tweetnacl, ed2curve, bs58): Signing, sealing, encryption primitives. Database (Supabase PostgreSQL): Stores ciphertext and public keys only. Realtime (WebSocket): Delivers encrypted payloads instantly. Key Design Principles Zero Storage of Private Keys All signing keys exist only in the user’s local storage. Provable Authentication Login requests include cryptographic proofs verified without revealing secrets. Encrypted-At-Rest and In-Transit All messages are encrypted before leaving the device. Verifiable Sender Identity Each message includes a detached Ed25519 signature verifying authorship. Tech Stack Frontend: React, TailwindCSS, TypeScript, Vite Backend: Node.js (Express), Supabase, MongoDB Cryptography: TweetNaCl, ed2curve, bs58, genSTARK Blockchain: Solana Web3.js Realtime: WebSockets Security: Row-Level Security, JWT Sessions, Proof Verification What’s next x402 protocol implementation