
A post-quantum secure networking protocol that makes developing hyper-secure client-server and P2P applications easy. Built with 100% safe Rust, it provides a robust foundation for creating secure, high-performance network applications with built-in NAT traversal and post-quantum cryptography using a very low memory footprint.
Multiple Key Encapsulation Mechanism (KEM) families: - Kyber (default) - NIST standardized - NTRU (Sntrup761)
Novel Multi-layered Security Architecture: - Patent-pending (allowed) 3D matrix ratcheting algorithm - Per-message re-keying mechanism - Multi-layered key exchange protocol - Multi-layered encryption with customizable algorithms - Encryption algorithms: - AES-256-GCM - ChaCha20-Poly1305 - Ascon-80pq - Novel Kyber "scramcryption" for enhanced security - Customizable Security Modes: - True Perfect Forward Secrecy (PFS) mode with advanced ratcheting - Best-effort Mode (BEM) for high-throughput scenarios - Configurable security levels and algorithm combinations
Cargo.toml:[dependencies]
citadel_sdk = "latest_version"
cargo make install
use citadel_sdk::prelude::*;
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
let server = NodeBuilder::default()
.with_node_type(NodeType::server("127.0.0.1:25021")?)
.build(EmptyKernel::default())?;
server.await?;
Ok(())
}
use citadel_sdk::prelude::*;
use futures::StreamExt;
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
// Create server connection settings
let server_connection_settings = ServerConnectionSettingsBuilder::credentialed_registration(
"127.0.0.1:12345",
"my_username",
"My Name",
"notsecurepassword",
)
.build()?;
// Create client kernel
let kernel = SingleClientServerConnectionKernel::new(
server_connection_settings,
|connect_success, remote| async move {
let (sink, mut stream) = connect_success.channel.split();
while let Some(message) = stream.next().await {
// Handle incoming messages
}
Ok(())
}
)?;
// Execute the application
NodeBuilder::default().build(client_kernel)?.await?;
Ok(())
}
The Citadel Protocol implements a novel multi-layered security approach that goes beyond traditional encryption methods:
The Citadel Protocol provides flexible threading configurations to accommodate different performance requirements and use cases:
Enable multi-threaded mode by setting the appropriate feature flag:
[dependencies]
citadel_sdk = { version = "latest_version", features = ["multi-threaded"] }
The Remote Encrypted Virtual Filesystem (RE-VFS) is a unique feature that enables secure remote data storage with unprecedented security guarantees:
use citadel_sdk::fs;
async fn store_file(remote: &mut NodeRemote) -> Result<(), Error> {
// Write file with reinforced security
fs::write_with_security_level(
remote,
"local_file.pdf",
SecurityLevel::Reinforced,
"/virtual/path/output.pdf"
).await?;
// Read file back
let local_path = fs::read(remote, "/virtual/path/output.pdf").await?;
Ok(())
}
The Citadel Protocol offers flexible data persistence options to suit various deployment scenarios:
Ideal for testing and development
💻 Filesystem Backend (default):
Suitable for single-node deployments
📈 SQL Databases:
SQLite: Embedded database option
📈 Redis Backend:
Status: Allowed as of December 2024
The Citadel Protocol's core technology is a patent-pending innovative security architecture that combines multiple novel features into a unique, highly secure communication system. Despite the patent protection, we remain committed to keeping this technology free and open source for the benefit of the entire community. This approach ensures that:
The project includes comprehensive test suites. Use cargo-make for running tests:
# Install cargo-make
cargo install --force cargo-make
# Run local tests
cargo make test-local
# Run comprehensive tests (requires SQL/Redis setup)
cargo make test
While the Citadel Protocol implements cutting-edge security features:
Contributions are welcome! Here's how you can help:
Please ensure your code: - Follows Rust best practices - Includes appropriate tests - Is properly documented - Passes all CI checks
This project is dual-licensed for maximum permissibility under: - MIT License - Apache License 2.0
$ claude mcp add Citadel-Protocol \
-- python -m otcore.mcp_server <graph>