Show HN: CommunisP, Peer-to-Peer (P2P) Encrypted (E2EE) Chat (Web)App
communisp.com
Meet CommunisP, a real-time peer-to-peer chat platform that leaves no room for eavesdroppers. We built it from the ground up on ephemeral ECDH encryption (signed via ECDSA) and HKDF-based, re-keying every 60 seconds—so you stay in control of the conversation at all times. No middleman servers store or forward your messages; you connect directly peer-to-peer, using a minimal signaling layer and a custom STUN-like approach for NAT traversal.
No sign-ups required—just real P2P chat with robust E2EE and rapid key rotation. If privacy matters to you, CommunisP has you covered.
Key Advantages
Ephemeral E2EE: Each chat session is protected by short-lived ECDH keys (with ECDSA signatures to thwart man-in-the-middle). Combined with HKDF and automatic key rotation, your encryption is always fresh—limiting exposure even if one key is compromised.
True Peer-to-Peer: Messages and files flow directly over WebRTC Data Channels. We chunk and encrypt file transfers end to end, so there’s no central server bottleneck or archiving your data.
Rapid Re-Keying: Every 60 seconds, we regenerate ephemeral keys using HKDF, giving you continuous forward secrecy rather than a static “one key per conversation” approach.
“Ping” Push Notifications: Want to nudge a contact to come online? We provide an optional push system that sends minimal metadata only: the sender’s nickname, a short message, and a link. This design reduces the private data exposed to notification services—responding to privacy concerns about providers like Apple leaking push notification metadata.
Minimal Backend Footprint: We do keep a simple server for NAT punching and push subscriptions, but not for hosting or storing your messages. You control your own peer connections and decide how or whether you want push notifications at all.
Ready to try a Signal-level secure alternative that cuts out the centralized middleman? Check out CommunisP and experience real-time, ephemeral, peer-to-peer encryption firsthand.
Live Site: https://CommunisP.com/
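The signed ephemeral ECDH handshake and 60-second HKDF re-keying described in the post, sketched with the WebCrypto API as an added example. It is not CommunisP's code: the P-256 curve, AES-GCM, the zero salt, the `info` label and every function name are assumptions.

```javascript
// Added example; construction and names are assumptions, not CommunisP's source.
const wc = async () => globalThis.crypto ?? (await import('node:crypto')).webcrypto;
const ECDH = { name: 'ECDH', namedCurve: 'P-256' };
const ECDSA = { name: 'ECDSA', namedCurve: 'P-256' };
const SIGN = { name: 'ECDSA', hash: 'SHA-256' };

// Fresh ECDH key pair whose raw public key is signed by the long-lived identity key.
async function makeOffer(identityPriv) {
  const { subtle } = await wc();
  const eph = await subtle.generateKey(ECDH, false, ['deriveBits']);
  const pub = await subtle.exportKey('raw', eph.publicKey);
  return { eph, offer: { pub, sig: await subtle.sign(SIGN, identityPriv, pub) } };
}

// Verify the peer's signature BEFORE any key agreement; reject unsigned or swapped keys.
async function sharedSecret(myEph, peerOffer, peerIdentityPub) {
  const { subtle } = await wc();
  if (!(await subtle.verify(SIGN, peerIdentityPub, peerOffer.sig, peerOffer.pub)))
    throw new Error('ephemeral key signature invalid');
  const peerPub = await subtle.importKey('raw', peerOffer.pub, ECDH, false, []);
  return subtle.deriveBits({ name: 'ECDH', public: peerPub }, myEph.privateKey, 256);
}

// HKDF-SHA-256: one AES-GCM key per 60 s epoch, bound to the epoch number via `info`.
async function epochKey(secret, epoch) {
  const { subtle } = await wc();
  const ikm = await subtle.importKey('raw', secret, 'HKDF', false, ['deriveKey']);
  const info = new TextEncoder().encode(`demo-chat epoch ${epoch}`);
  return subtle.deriveKey({ name: 'HKDF', hash: 'SHA-256', salt: new Uint8Array(32), info },
    ikm, { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}

// Constructed run: two peers, one message, a stale-epoch key and a swapped ephemeral key.
async function demo() {
  const c = await wc();
  const newId = () => c.subtle.generateKey(ECDSA, false, ['sign', 'verify']);
  const idA = await newId(), idB = await newId();
  const a = await makeOffer(idA.privateKey), b = await makeOffer(idB.privateKey);
  const epoch = Math.floor(Date.now() / 60000);
  const kA = await epochKey(await sharedSecret(a.eph, b.offer, idB.publicKey), epoch);
  const sB = await sharedSecret(b.eph, a.offer, idA.publicKey);
  const alg = { name: 'AES-GCM', iv: c.getRandomValues(new Uint8Array(12)) };
  const ct = await c.subtle.encrypt(alg, kA, new TextEncoder().encode('hello'));
  const pt = await c.subtle.decrypt(alg, await epochKey(sB, epoch), ct);
  const failed = (p) => p.then(() => false, () => true);
  const staleRejected = await failed(c.subtle.decrypt(alg, await epochKey(sB, epoch + 1), ct));
  const other = await makeOffer((await newId()).privateKey); // key not signed by A
  const forged = { pub: other.offer.pub, sig: a.offer.sig };
  const forgedRejected = await failed(sharedSecret(b.eph, forged, idA.publicKey));
  return { plaintext: new TextDecoder().decode(pt), staleRejected, forgedRejected };
}
```

This sketch derives every epoch key from a single ECDH secret, so it shows per-epoch key separation only; forward secrecy across epochs would additionally need a fresh signed exchange per epoch and deletion of the old secret.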
Open source?
I'm not labelling it open source yet, but it's vanilla JavaScript run client side (the various encryption etc.), so if you 'view page source' you can see the vast majority of the code, and you can use network monitoring tools to see no data is being sent server side aside from when logging in, 'heartbeats' for the active peer list, and the 'Ping' (push notification) feature for people using it as a progressive web application.