Skip to content

Ymsniper/NoEyes](https:

v0.5.0 Breaking

This release includes 3 breaking changes for platform teams planning a safe upgrade.

Published 2mo Secrets & Credentials
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

chat-tool cli cross-platform e2ee ed25519 encryption
+7 more
forward-secrecy poly1305 pynacl secure secure-chat self-hosted xsalsa20

Affected surfaces

crypto_tls auth

Summary

AI summary

/nick removed, /clear fully clears messages, and forward‑secret group ratchets are introduced with new CLI flags.

Full changelog

What's new

Cryptography

  • Migrated from Fernet/HKDF to PyNaCl XSalsa20-Poly1305 + BLAKE2b
  • Sender Keys ratchet (/ratchet start) — per-message unique keys, forward secrecy
  • Full mesh fix: initiator now distributes all chain keys to all peers
  • Ratchet invite triggers full restart instead of forwarding live chains
  • X25519 pairwise DH, Ed25519 identity signing, ChaCha20-Poly1305 file transfer

Architecture

  • Refactored into smaller modules: client_ratchet, client_dh, client_send, client_recv, client_commands, client_tofu, server_handlers, server_rooms

New features

  • /ratchet start — group forward secrecy, all clients confirm
  • /ratchet invite — re-add a user with full ratchet restart
  • /proceed — vote to continue after peer migration
  • Ratchet activation animation (CRT red with gear art + SFX)
  • Ratchet deactivation animation (cyan reverse)
  • --generate-access-key and --generate-chat-key CLI flags
  • Termux: SODIUM_INSTALL=system for fast PyNaCl install

Changes

  • /nick removed (no server-side identity validation)
  • /clear now actually clears messages
  • /join and /leave warn before breaking ratchet session
  • Solo ratchet auto-exit when all peers disconnect

Breaking Changes

  • /nick removed (no server‑side identity validation)
  • /clear behavior changed to actually clear messages
  • Solo ratchet auto‑exits when all peers disconnect
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Ymsniper/NoEyes](https:

Get notified when new releases ship.

Sign up free

About Ymsniper/NoEyes](https:

All releases →

Related context

Beta — feedback welcome: [email protected]