[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-79384":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":16,"stars7d":17,"stars30d":18,"stars90d":16,"forks30d":16,"starsTrendScore":16,"compositeScore":19,"rankGlobal":10,"rankLanguage":10,"license":20,"archived":21,"fork":21,"defaultBranch":22,"hasWiki":23,"hasPages":21,"topics":24,"createdAt":10,"pushedAt":10,"updatedAt":25,"readmeContent":26,"aiSummary":27,"trendingCount":16,"starSnapshotCount":16,"syncStatus":15,"lastSyncTime":28,"discoverSource":29},79384,"hush","hushhq\u002Fhush","hushhq","End-to-end encrypted messaging, voice, and video. Entry point that orchestrates every public component.","https:\u002F\u002Fgethush.live\u002F",null,"JavaScript",469,7,4,2,0,8,432,56.71,"GNU Affero General Public License v3.0",false,"main",true,[],"2026-06-11 04:06:54","\u003Cdiv align=\"center\">\n \u003Cimg src=\"https:\u002F\u002Fraw.githubusercontent.com\u002Fhushhq\u002Fhush\u002Fmain\u002F.github\u002Fassets\u002Fhush-logo.svg\" width=\"96\" height=\"96\" alt=\"Hush\" \u002F>\n\n# Hush\n\n**End-to-end encrypted messaging, voice, and video.**\n\n[Website](https:\u002F\u002Fgethush.live) · [Report a bug](https:\u002F\u002Fgithub.com\u002Fhushhq\u002Fhush\u002Fissues\u002Fnew\u002Fchoose) · [Discussions](https:\u002F\u002Fgithub.com\u002Fhushhq\u002Fhush\u002Fdiscussions)\n\n\u003Cimg src=\".github\u002Fassets\u002Fhush-demo.gif\" width=\"900\" alt=\"Hush desktop app preview\" \u002F>\n\n\u003C\u002Fdiv>\n\n---\n\nHush is a self-hostable communication platform built around the **Messaging Layer Security** protocol (RFC 9420). Every message, voice frame, and video frame is encrypted end-to-end on the client. Servers move bytes; they do not read them.\n\nThis repository is the **public entry point** for the Hush project:\n\n- **User-facing bug reports and feature requests** are filed here: \u003Chttps:\u002F\u002Fgithub.com\u002Fhushhq\u002Fhush\u002Fissues\u002Fnew\u002Fchoose>.\n- **Self-hosting entry points and architecture documentation** live here and link out to the component repos for implementation details.\n- **Community discussion** happens in [Discussions](https:\u002F\u002Fgithub.com\u002Fhushhq\u002Fhush\u002Fdiscussions).\n\nThe component repositories listed under [Repositories](#repositories) are\nimplementation nodes: they exist for code review and source ownership, not\nfor end-user triage. If you are unsure where a problem belongs, open the\nissue here and a maintainer will route it.\n\n## Why Hush\n\n- **Real E2EE for groups.** MLS group keys, forward secrecy, and post-compromise security, not the \"encrypted in transit, plaintext on the server\" pattern most chat apps ship.\n- **Self-hostable as the trust path.** The backend and media stack can run on infrastructure you control. Self-hosting is the way to verify the product end-to-end, not a secondary mode.\n- **Voice + video too.** LiveKit-based SFU with E2EE keys derived from the same MLS group state.\n- **Federation on the roadmap.** Server-to-server federation is in design; today every account lives on a single instance.\n- **Auditable.** Every component is open source under AGPL-3.0.\n\n## Self-host Hush\n\nThe production self-host path lives in\n[`hush-server`](https:\u002F\u002Fgithub.com\u002Fhushhq\u002Fhush-server). It provisions the\nbackend and media plane: API, PostgreSQL, Redis, LiveKit, Caddy, and storage\nwhere applicable.\n\nIt does **not** clone every Hush repository and it does **not** build the web\nclient. By default, self-hosted instances are used from the official web\nclient at \u003Chttps:\u002F\u002Fapp.gethush.live>.\n\n> Requires a Linux server, Docker Engine, Docker Compose, DNS for the app and\n> RTC hostnames, and ports `80`, `443`, `7880-7881\u002Ftcp`, and\n> `50020-50100\u002Fudp` open.\n\n```bash\ngit clone https:\u002F\u002Fgithub.com\u002Fhushhq\u002Fhush-server.git\ncd hush-server\n.\u002Fscripts\u002Fsetup.sh \\\n --domain chat.example.com \\\n --rtc-domain rtc.example.com \\\n --email you@example.com\n```\n\nWhat those values mean:\n\n| Argument | Meaning |\n|-|-|\n| `--domain` | Public hostname for the Hush API and admin dashboard. |\n| `--rtc-domain` | Public LiveKit signaling hostname for voice and video. |\n| `--email` | Email used by Let's Encrypt for TLS certificate registration and renewal. |\n\nAfter setup:\n\n1. Open the desktop client, or the webapp at \u003Chttps:\u002F\u002Fapp.gethush.live>.\n2. Add your instance URL, for example `https:\u002F\u002Fchat.example.com`.\n3. Register or sign in against that instance.\n4. Open `https:\u002F\u002Fchat.example.com\u002Fadmin\u002F` to bootstrap the admin dashboard with the secret printed by setup.\n\nFor IP-only development\u002FLAN testing:\n\n```bash\ngit clone https:\u002F\u002Fgithub.com\u002Fhushhq\u002Fhush-server.git\ncd hush-server\n.\u002Fscripts\u002Fsetup.sh --ip 203.0.113.42\n```\n\nFor the complete operational guide, read\n[`hush-server\u002FREADME.md`](https:\u002F\u002Fgithub.com\u002Fhushhq\u002Fhush-server#quick-start-self-hosting)\nand\n[`hush-server\u002Fdocs\u002FRUNBOOK.md`](https:\u002F\u002Fgithub.com\u002Fhushhq\u002Fhush-server\u002Fblob\u002Fmain\u002Fdocs\u002FRUNBOOK.md).\n\nIf you also self-host `hush-web`, update `CORS_ORIGIN` in the generated\n`hush-server` `.env` to your own web-client origin.\n\n## Local development workspace\n\nThis repository also contains a convenience script for contributors who need\nall public component repositories checked out side by side.\n\n```bash\ngit clone https:\u002F\u002Fgithub.com\u002Fhushhq\u002Fhush.git\ncd hush\n.\u002Fscripts\u002Fbootstrap.sh\n```\n\n`scripts\u002Fbootstrap.sh` clones `hush-web`, `hush-server`, `hush-crypto`,\n`hush-desktop`, `hush-mobile`, and `hush-directory` as sibling directories,\nthen starts the development compose stack from `hush-server\u002Fdocker-compose.yml`.\nIt is for local development, not the production self-hosting path.\n\n## Reporting bugs and requesting features\n\nAll user-visible bug reports and feature requests belong in this repository:\n\n- **Bug:** \u003Chttps:\u002F\u002Fgithub.com\u002Fhushhq\u002Fhush\u002Fissues\u002Fnew?template=bug_report.yml>\n- **Feature request:** \u003Chttps:\u002F\u002Fgithub.com\u002Fhushhq\u002Fhush\u002Fissues\u002Fnew?template=feature_request.yml>\n\nComponent repos (`hush-web`, `hush-server`, `hush-crypto`, `hush-desktop`,\n`hush-mobile`, `hush-directory`) are for implementation work and pull\nrequests. Issues opened there should be code-level: regressions reproducible\nagainst a specific commit, internal refactors, build\u002FCI breakage. User-level\nproblems get redirected to this repo.\n\nPublic GitHub issues are **not** for security disclosure. See\n[`docs\u002FTRIAGE.md`](.\u002Fdocs\u002FTRIAGE.md) for the disclosure path and for how the\nin-app anonymous bug reporter will hand off to a private tracker.\n\n## Architecture\n\nThe cross-repository product contract lives in\n[`docs\u002FCORE-INVARIANTS.md`](.\u002Fdocs\u002FCORE-INVARIANTS.md). Before changing auth,\nvault, device linking, MLS, messaging, voice, identity labels, desktop runtime,\ndeploy, or release flows, agents and maintainers must identify the impacted\ninvariants and run the targeted checks listed there.\n\nThe implementation boundaries for state ownership, TanStack Query adoption,\nruntime schemas, cross-device tests, and telemetry live in\n[`docs\u002FARCHITECTURE-BOUNDARIES.md`](.\u002Fdocs\u002FARCHITECTURE-BOUNDARIES.md).\n\n```\n ┌──────────────────────┐\n │ hush-web (PWA) │ React + Vite + WASM\n │ hush-desktop (Mac, │ Electron shell wrapping\n │ Linux, Windows) │ the same web bundle\n │ hush-mobile (RN) │ React Native (planned)\n └──────────┬───────────┘\n │\n MLS ciphertext over WSS\n │\n ┌──────────▼───────────┐\n │ hush-server │ Go · Postgres · Redis\n │ (relay + storage) │ + LiveKit SFU adapter\n └──────────┬───────────┘\n │\n ┌──────────▼───────────┐\n │ hush-crypto │ Rust · OpenMLS · WASM\n │ (MLS group state) │ shared by every client\n └──────────────────────┘\n\n ┌──────────────────────┐\n │ hush-directory │ Federated guild discovery\n │ (planned) │ opt-in, decentralized\n └──────────────────────┘\n```\n\n## Repositories\n\nComponent repositories are organized by ownership boundary. Code, tests, and\npull request review live in the specific component repo. User-facing triage\nstarts here unless the problem is already known to be implementation-level.\n\n| Area | Repo | What it owns | Status |\n|-|-|-|-|\n| Product entry point | [`hush`](https:\u002F\u002Fgithub.com\u002Fhushhq\u002Fhush) | Public triage, architecture docs, self-hosting entry points, and cross-repo project coordination. | Active |\n| Web client | [`hush-web`](https:\u002F\u002Fgithub.com\u002Fhushhq\u002Fhush-web) | Browser client. React + Vite. Loads the WASM crypto core. | Active |\n| Desktop client | [`hush-desktop`](https:\u002F\u002Fgithub.com\u002Fhushhq\u002Fhush-desktop) | Native desktop app. Electron shell over the web bundle. | Active |\n| Server | [`hush-server`](https:\u002F\u002Fgithub.com\u002Fhushhq\u002Fhush-server) | Backend relay, storage, instance administration, Postgres, Redis, and LiveKit integration. | Active |\n| Cryptography | [`hush-crypto`](https:\u002F\u002Fgithub.com\u002Fhushhq\u002Fhush-crypto) | MLS group state. Rust + OpenMLS, compiled to WASM for clients. | Active |\n| Mobile client | [`hush-mobile`](https:\u002F\u002Fgithub.com\u002Fhushhq\u002Fhush-mobile) | iOS and Android client. React Native. | Planned |\n| Discovery | [`hush-directory`](https:\u002F\u002Fgithub.com\u002Fhushhq\u002Fhush-directory) | Decentralized guild discovery and federation-adjacent directory work. | Planned |\n\n## Security model\n\nThe short version: the client encrypts. The server does not have the keys.\n\n- Every channel is its own MLS group. Adding, removing, or rotating a member is an MLS commit; downstream membership and forward-secrecy guarantees follow from the protocol.\n- Voice and video keys are derived from the channel's MLS exporter secret. The LiveKit SFU sees opaque SRTP payloads only.\n- Devices are added via a per-account device-linking ceremony that hands the new device a sealed bundle (history snapshot + transcript blob + key material). The transfer goes through a chunked, encrypted relay; no plaintext touches the server.\n- A transparency log records every device-key change so a returning user can verify their own account has not been tampered with.\n\nFor a deeper read, the design notes live in each component's README.\n\n## Contributing\n\nThe project is early. For cross-cutting proposals (protocol, federation,\narchitecture, public docs), open an issue here. For implementation-level\nchanges (a regression in `hush-web`, a bug in `hush-server`, a fix to the\nMLS code in `hush-crypto`), open a PR against the component repo.\n\n## License\n\n[AGPL-3.0](.\u002FLICENSE). The same license applies to every component repository.\n","Hush 是一个端到端加密的即时通讯、语音和视频通话平台。其核心功能包括基于 Messaging Layer Security (MLS) 协议的端到端加密,确保所有消息、语音及视频帧都在客户端进行加密,服务器仅负责传输数据而不读取内容。此外,Hush 支持自托管部署,允许用户在自己控制的基础设施上运行后端和媒体服务栈,从而增强信任路径的安全性。该平台还集成了 LiveKit 基于 MLS 密钥派生机制的 E2EE 语音与视频功能。适用于需要高度安全性和隐私保护的个人或企业级通信场景,如敏感信息交流、远程协作等。项目采用 AGPL-3.0 许可证开放源代码,便于社区审查和贡献。","2026-06-11 03:57:46","CREATED_QUERY"]