Sovereign Media Platform for Civic Journalism
A secure, encrypted, and community-driven platform designed for independent journalists, investigative reporters, and civic contributors who need military-grade security for their work.
SMP Civic is a comprehensive platform that combines investigative journalism with cutting-edge encryption technology to protect journalists, sources, and sensitive information in high-risk environments.
- Secure Communication: End-to-end encrypted messaging for journalists
- Zero-Knowledge Storage: Client-side encryption before any data leaves your device
- Community-Driven: Collaborative platform for civic journalism
- Future-Proof: Post-quantum cryptography ready for the quantum era
- RSA-4096-OAEP: Asymmetric encryption for secure key exchange
- AES-256-GCM: Symmetric encryption for high-speed data protection
- Curve25519 E2EE: End-to-end encrypted messaging
- Post-Quantum Ready: Kyber1024 + Dilithium5 for quantum resistance
- Client-side file encryption before upload
- Password-based key derivation (PBKDF2, 100k iterations)
- Encrypted metadata protection
- Tamper-proof file fingerprinting
- Perfect Forward Secrecy for messaging
- Self-destruct messages
- Comprehensive audit logging
- Tamper-proof security monitoring
frontend/
├── src/utils/encryption.js # WebCrypto API utilities
├── SecurityDashboard # Key management interface
├── SecureMessaging # E2EE messaging system
├── InvestigationsPage # Journalism content
├── GeopoliticsPage # Regional analysis
├── ContributorsPage # Community features
└── App.css # Security-focused UI
backend/
├── apps/encryption/core.py # Comprehensive crypto manager
├── apps/encryption/models.py # Database schema
├── apps/encryption/views.py # REST API endpoints
├── apps/authentication/ # User management
└── apps/core/ # Platform core
- Node.js 18+
- Python 3.11+
- Modern Browser with WebCrypto API support
-
Clone the repository
git clone https://github.com/atonixdev/smp-civic.git cd smp-civic -
Frontend Setup
cd frontend npm install npm startThe React app will be available at
http://localhost:3000 -
Backend Setup
cd backend # Create virtual environment python -m venv venv source venv/bin/activate # On Windows: venv\\Scripts\\activate # Install dependencies pip install -r requirements.txt # Run migrations python manage.py migrate # Create superuser python manage.py createsuperuser # Start server python manage.py runserver
The Django API will be available at
http://localhost:8000
- Access Security Dashboard: Navigate to
/security(requires login) - Generate Keys: Click "Generate RSA-4096 Key Pair"
- Test Encryption: Upload a test file with password encryption
- Verify Logs: Check the security log for successful operations
The Security Dashboard is your control center for all encryption operations:
- ** Encryption Status**: Real-time monitoring of crypto capabilities
- ** Key Management**: Generate, import, and manage encryption keys
- ** File Encryption**: Zero-knowledge file encryption with client-side processing
- ** Security Log**: Comprehensive audit trail of all security events
End-to-end encrypted communication system:
- ** E2EE Messages**: All messages encrypted with recipient's public key
- ** Self-Destruct**: Optional automatic message deletion
- ** Metadata Protection**: Communication patterns protected
- ** Delivery Confirmation**: Encrypted status updates
Professional tools for investigative journalism:
- ** Investigations**: Secure document management and collaboration
- ** Geopolitics**: Regional analysis and reporting tools
- ** Contributors**: Community features with social interactions
- ** Legal Briefs**: Secure legal document handling
POST /api/v1/auth/login/ # User login
POST /api/v1/auth/register/ # User registration
POST /api/v1/auth/logout/ # User logout
GET /api/v1/encryption/status/ # Encryption capabilities
POST /api/v1/encryption/keys/ # Generate key pairs
GET /api/v1/encryption/keys/public/ # Get public keys
POST /api/v1/encryption/content/encrypt/ # Encrypt content
POST /api/v1/encryption/content/decrypt/ # Decrypt content
POST /api/v1/encryption/messages/ # Send encrypted message
GET /api/v1/encryption/messages/ # Get messages
| Component | Algorithm | Key Size | Security Level |
|---|---|---|---|
| Symmetric | AES-256-GCM | 256-bit | High |
| Asymmetric | RSA-OAEP | 4096-bit | Very High |
| E2EE | Curve25519 | 256-bit | High |
| Hashing | SHA-256/SHA-512 | 256/512-bit | High |
| Key Derivation | PBKDF2 | 100k iterations | High |
| Post-Quantum | Kyber1024 + Dilithium5 | PQ-Safe | Quantum-Resistant |
- ** Generate unique keys** for each device/story
- ** Backup encryption keys** securely offline
- ** Rotate keys regularly** for high-sensitivity work
- ** Use dedicated devices** for sensitive investigations
- ** Access via VPN/Tor** when possible
- ** Monitor security logs** regularly
- ** Update dependencies** frequently
- ** Implement rate limiting** on API endpoints
- ** Scale encryption services** based on usage
- ** Use hardware security modules** for production keys
We welcome contributions from the journalism and security communities!
- Fork the repository
- Create a feature branch:
git checkout -b feature/amazing-feature - Make your changes with proper testing
- Commit changes:
git commit -m 'Add amazing feature' - Push to branch:
git push origin feature/amazing-feature - Open a Pull Request
- ** Security audits** and vulnerability reports
- ** Cryptographic improvements** and optimizations
- ** New encryption algorithms** integration
- ** Security documentation** and guides
- Full Post-Quantum Integration: Complete PQC implementation
- Mobile Applications: Native iOS/Android apps
- Federation Support: Cross-platform secure messaging
- Advanced Analytics: Privacy-preserving usage insights
- AI-Powered Verification: Automated fact-checking tools
- Blockchain Integration: Immutable publication records
- Advanced Collaboration: Real-time encrypted editing
- Source Protection: Enhanced anonymity features
- ** Email**: [email protected]
- ** Security**: [email protected]
- ** Tips**: [email protected]
- ** Documentation**: docs.smpcivic.org
- ** Discord**: SMP Civic Community
- ** Twitter**: @SMPCivic
- ** Blog**: blog.smpcivic.org
This project is licensed under the GNU Affero General Public License v3.0 (AGPL-3.0) - see the LICENSE file for details.
- Zero-Knowledge: We cannot access your encrypted content
- Minimal Data: Only necessary metadata is stored
- No Tracking: No user behavior analytics
- Open Source: Full transparency in our code
If you discover a security vulnerability, please send details to [email protected]. We will respond within 24 hours and work with you to address the issue responsibly.
- ** Cryptography Libraries**: OpenSSL, NaCl, liboqs
- ** Web Technologies**: React, Django, WebCrypto API
- ** Security Standards**: NIST, FIPS, Common Criteria
- ** Research**: Based on Signal Protocol, age encryption
- ** Cryptography Community**: For advancing secure communications
- ** Journalism Organizations**: For security requirements and feedback
- ** Security Researchers**: For audits and improvements
- ** Open Source Community**: For contributions and support
** SMP-Civic Platform - Secure • Transparent • Community-Driven**
Built with for a more transparent world
