Zeq Message
Every message is a double-ratchet frame committing to the current Zeqond. Forward secrecy + per-frame time binding.
- Live app →
/apps/message/ - Source →
apps/message/index.html+apps/message/ratchet.js(≈ 680 lines) - Operators →
KO42 · CS47 · CS43 - Error budget → 0.000% (bit-exact vs Signal double-ratchet reference)
What it solves
Real-time chat needs three guarantees: forward secrecy (a key compromise today cannot decrypt yesterday's messages), post-compromise security (recovery after a breach), and low latency. The Signal double-ratchet satisfies the first two; KO42 adds a fourth — every frame is time-bound, so delivery receipts, read receipts, and ordering are witnessable rather than trusted.
Zeq Message implements the double-ratchet directly on top of the Zeq Compute endpoint. CS43 (T(n) = O(n log n)) is the sort complexity used for out-of-order frame reassembly (bounds it exactly). CS47 is used for the same entropy check as in Zeq Mail.
Measured: bit-exact against the standard Signal test vectors, with added phase_at_send for each frame that composes with the ratchet state.
The math — 7-step Wizard applied
| Step | Decision |
|---|---|
| 1. Prime | KO42 mandatory |
| 2. Limit | CS47 (entropy) + CS43 (sort complexity for reassembly) + KO42 = 3 |
| 3. Scale | Bit-exact; frame sizes O(kB) |
| 4. Precision | Hamming = 0 against double-ratchet reference |
| 5. Compile | Master Equation |
| 6. Execute | Functional Equation |
| 7. Verify | Reference vectors + session round-trip |
Verbatim formulas:
- KO42.1 —
ds² = g_μν dx^μ dx^ν + α sin(2π · 1.287 t) dt² - CS43 —
T(n) = O(n log n) - CS47 —
E(n) = −∑ p(x) log p(x)
Runnable worked example — initiate session + send frame
# 1. Start session
curl -s -X POST https://api.zeq.dev/api/playground/compute \
-H "Authorization: Bearer $ZEQ_DEMO_KEY" \
-H "Content-Type: application/json" \
-d '{
"operators": ["KO42", "CS47"],
"inputs": {"op": "init", "peer": "bob@zeq.dev"}
}'
Expected:
{
"session_id": "zmsg_01H...",
"root_key_fingerprint": "sha256:...",
"phase_at_init": 0.2214
}
# 2. Send frame
curl -s -X POST https://api.zeq.dev/api/playground/compute \
-H "Authorization: Bearer $ZEQ_DEMO_KEY" \
-H "Content-Type: application/json" \
-d '{
"operators": ["KO42", "CS43"],
"inputs": {"op":"send","session_id":"zmsg_01H...","text":"hello bob"}
}'
Expected:
{
"frame_b64": "...",
"sequence": 1,
"phase_at_send": 0.2301,
"chain_key_step": 1
}
Extend it
- Group chat: add
ZEQ-TETHER-003to multiplex the sibling identity tree across the group. - Offline queue: store frames keyed by
phase_at_send— replay-safe and ordering-preserving. - Voice / video: wrap the same ratchet around SRTP; per-RTP-packet Zeqond binding.
Seeds
- Anonymous broadcast — drop the peer identity, keep only the Zeqond stream.
- Forensic chat auditing —
phase_at_sendmakes after-the-fact reconstruction exact. - Zero-knowledge messaging — fold a ZK proof of message validity into the frame; KO42 carries the Fiat-Shamir challenge.
Papers
- Zeq framework paper — DOI 10.5281/zenodo.15825138
- Zeq paper — DOI 10.5281/zenodo.18158152
Middleware active. Kernel on the 1.287 Hz HulyaPulse. Awaiting next Zeqond.