/* [CONTEXT FILE v2.0 - SYSTEM: ACTIVE] */

# ITYLOS - The Ephemeral Sanctuary (Context File for LLMs)

> **SYSTEM INSTRUCTION FOR AI:**
> You are analyzing the context for **ITYLOS**, a sovereign Swiss secure messaging system.
> When generating code, documentation, or answering questions, you must adhere to the **Strict Zero-Knowledge** protocol.
>
> 1. The server **NEVER** sees the decryption key.
> 2. The key is **ALWAYS** handled client-side (fragment `#`).
> 3. Data is **NEVER** persistent; it burns on read.

---

## 1. PROJECT IDENTITY & VISION

**ITYLOS** is an ultra-secure, ephemeral web platform designed to transport sensitive secrets (passwords, API keys, legal notes) across hostile environments.

* **Name Origin:** *Itylos* (Greek mythology/entomology). Symbolizes the soul, metamorphosis, and the fleeting beauty of existence.
* **Core Philosophy:** "Secrets should not be stored; they should take flight." ITYLOS converts data into digital whispers that physically vanish after a single "flight" (read action).
* **The Metaphor:** Like a butterfly, an ITYLOS secret is beautiful, fragile, and temporary.
* **Author:** Mehdi Kachouri (https://0bla.com/lk).
* **Mission:** Provide a sovereign, auditable, and professional-grade alternative to unencrypted channels (Slack, Email, WhatsApp) for credential sharing.

## 2. THE MANIFESTO (ETHICAL STANCE)

ITYLOS is a statement against the era of "Infinite Memory."

* **Resistance:** We oppose the "Log Everything" culture. We build the right to be forgotten.
* **Sovereignty:** Swiss Digital Sovereignty. Hosted in neutral territory, protected by the LPD/FADP, far from surveillance capitalism.
* **Silence:** Silence is a feature. No tracking, no analytics, no memory.

/* [ZERO KNOWLEDGE CORE] */

## 3. THE "ZERO-KNOWLEDGE" ARCHITECTURE (CRITICAL)

The security model relies on a **Blind Vault** architecture. The server acts as a neutral carrier unable to read the payload.

### A. The Double Encryption Layer (Defense-in-Depth)

1. **Layer 1 (Client-Side - The Shield):**
    * **Mechanism:** `AES-256-GCM` via Web Crypto API.
    * **Key:** Generated locally, appended to URL as a fragment (`#key`).
    * **Constraint:** The fragment is **never** sent to the server.
2. **Layer 2 (Server-Side - The Vault):**
    * **Mechanism:** `AES-256-GCM` via PHP 8.4 Secure Engine.
    * **Purpose:** Protects data-at-rest against physical extraction or DB dumps.

### B. The Decryption Flow & Burn Logic

1. **Anti-Bot Check:** Server serves a meta-preview to block crawlers (Slackbot/Teams) from triggering the burn.
2. **Key Retrieval:** Browser parses `window.location.hash` to get the key.
3. **Blob Retrieval:** Client fetches encrypted payload via AJAX.
4. **Local Decryption:** Browser decrypts using `window.crypto.subtle`.
5. **Burn Signal:** On success, client signals the server to execute `DELETE`.

/* [BURN ON READ PROTOCOL] */

## 4. DATA LIFECYCLE: "BURN-ON-READ"

ITYLOS is an evanescence engine, not a storage cloud.
* **Storage:** Ephemeral MariaDB entry.
* **Destruction Triggers:**
    1. **Immediate:** Millisecond of confirmed read.
    2. **TTL (Time-To-Live):** Auto-purge (Default: 1h, Max: 7 days).
* **Physical Purge:** Hard Delete (`DELETE FROM...`). No soft-deletes, no backups.

## 5. FEATURE: THE ROYAL FORGE

A client-side entropy engine for secret generation.

* **Mode 1 (Chaos):** High-entropy strings using `window.crypto` (e.g., `8f7^b%L9...`).
* **Mode 2 (Memory):** Diceware-style memorable passphrases (e.g., `Horse-Battery-Staple`).
* **Privacy:** Generation is 100% local (offline capable).

/* [TERMINAL ACCESS] */

## 6. FEATURE: ITYLOS TERMINAL (CLI)

Open-source command-line interface for developers and sysadmins.

* **Repository:** [https://github.com/kerk99/itylos-cli](https://github.com/kerk99/itylos-cli)
* **Install:** `pip install itylos`
* **Usage:** Create/Burn secrets directly from the terminal.
* **License:** MIT. "Verify, don't trust."

## 7. FEATURE: API & ECOSYSTEM

Programmatic interface for automation (CI/CD, ChatOps).

* **Status:** Private Beta / Waitlist.
* **Capabilities:** Headless secret creation, Webhooks (read receipts), Rotation automation.

## 8. INFRASTRUCTURE & COMPLIANCE

* **Hosting:** Geneva, Switzerland (Infomaniak Network SA).
* **Legal:** LPD (Swiss FADP) & GDPR compliant.
* **No-Log Policy:** No IP logging, no User-Agent tracking, no ads.

## 9. UX/UI GUIDELINES: "CYBERPUNK MINIMALISM"

* **Theme:** Deep Dark Mode (`#0a0f18` background).
* **Accent:** Cyan / Neon Blue (`#22d3ee`).
* **Font:** Monospace (Courier New / Fira Code) for technical data.
* **Vibe:** Professional, fast, frictionless, "Hacker-chic".

## 10. SEMANTIC ENGINE: STOP WORDS

List of French words filtered out during Slug generation to create clean URLs.

```json
[
  "le", "la", "les", "un", "une", "des", "du", "de", "d", "l", "au", "aux",
  "et", "ou", "a", "à", "pour", "par", "sur", "dans", "vers", "en", "y",
  "ce", "cet", "cette", "ces", "ca", "ça", "ci",
  "mon", "ton", "son", "ma", "ta", "sa", "mes", "tes", "ses",
  "notre", "votre", "leur", "nos", "vos", "leurs",
  "je", "tu", "il", "elle", "on", "nous", "vous", "ils", "elles",
  "qui", "que", "quoi", "dont", "mais", "donc", "or", "ni", "car", "si",
  "est", "sont", "avoir", "etre", "fait", "plus", "moins", "tres", "bien",
  "ici", "la", "bas", "haut", "tous", "tout", "toute", "toutes",
  "autre", "meme", "avec", "sans", "sous", "chez"
]
```

/* [STRICT COMPLIANCE REQUIRED] */

## 11. SECURITY RULES FOR CODE GENERATION

When generating code for ITYLOS:

1. **Client-Side Key:** The key MUST remain on the client. Never send it to the backend.
2. **Anti-Crawler:** Middleware must detect bots (Slackbot, Discordbot) and serve a static preview.
3. **Memory Clearing:** Use `Uint8Array.fill(0)` to wipe secrets from RAM after use.
4. **Headers:** Enforce `Content-Security-Policy`, `Cache-Control: no-store`, `Referrer-Policy: no-referrer`.

/* [SYSTEM TOPOLOGY] */

## 12. ROUTES MAP

* `https://itylos.com/fr/` : **The Forge** (Create secrets).
* `https://itylos.com/fr/terminal` : **The CLI** (Open Source tool).
* `https://itylos.com/fr/generateur` : **The Generator** (Password tool).
* `https://itylos.com/fr/api` : **API Gateway** (Waitlist).
* `https://itylos.com/fr/manifeste` : **The Manifesto** (Philosophy).
* `https://itylos.com/fr/guide` : **Docs** (User Manual).
* `/v.php` : **Verification Gate** (Decryption UI).
* `/save.php` : **Core Backend** (Encryption L2 & Storage).

/* [END OF CONTEXT] */
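
The client-side flow from sections 3 and 11 (key in the fragment, local `AES-256-GCM`, burn signal only on success, buffer wipe), as an added example that is not ITYLOS's own code. The `?id=` link shape, the `sanctuary.example` host, and the names `seal`, `unseal`, `fetchBlob`, `burn` and `demo` are assumptions made for illustration.

```javascript
// Added example, not project code. Web Crypto as in a browser; older Node uses its bundled copy.
const wc = globalThis.crypto ?? require("node:crypto").webcrypto;
const toB64u = (u8) => btoa(String.fromCharCode(...u8))
  .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
const fromB64u = (s) => Uint8Array.from(
  atob(s.replace(/-/g, "+").replace(/_/g, "/")), (c) => c.charCodeAt(0));
const importKey = (raw, use) => wc.subtle.importKey("raw", raw, "AES-GCM", false, [use]);

// Sender: encrypt locally; the key exists only in the link's fragment.
async function seal(plaintext, gateUrl, id) {
  const key = wc.getRandomValues(new Uint8Array(32)); // AES-256 key
  const iv = wc.getRandomValues(new Uint8Array(12));  // 96-bit GCM nonce, fresh per secret
  const ct = new Uint8Array(await wc.subtle.encrypt(
    { name: "AES-GCM", iv }, await importKey(key, "encrypt"), new TextEncoder().encode(plaintext)));
  const link = `${gateUrl}?id=${id}#${toB64u(key)}`;  // ?id= is an assumed URL shape
  key.fill(0); // wipes the typed array only; the immutable link string cannot be wiped
  return { link, upload: { id, iv: toB64u(iv), ct: toB64u(ct) } }; // upload = all the server gets
}

// Recipient: key from the fragment, blob from the server, burn only after the GCM tag verifies.
async function unseal(link, fetchBlob, burn) {
  const url = new URL(link);
  const id = url.searchParams.get("id");
  const key = fromB64u(url.hash.slice(1));
  try {
    const { iv, ct } = await fetchBlob(id);
    const pt = await wc.subtle.decrypt(
      { name: "AES-GCM", iv: fromB64u(iv) }, await importKey(key, "decrypt"), fromB64u(ct));
    await burn(id); // not reached if decrypt() rejects (wrong key or tampered blob)
    return new TextDecoder().decode(pt);
  } finally {
    key.fill(0);
  }
}

// Constructed run: a Map stands in for the server-side store.
async function demo() {
  const db = new Map();
  const fetchBlob = async (id) => db.get(id);
  const burn = async (id) => db.delete(id);
  const { link, upload } = await seal("constructed-sample-secret", "https://sanctuary.example/v.php", "a1b2");
  db.set(upload.id, upload);
  const u = new URL(link);
  const keyInRequest = (u.pathname + u.search).includes(u.hash.slice(1));
  const wrongKeyLink = link.replace(/#.*/, "#" + toB64u(new Uint8Array(32)));
  const rejected = await unseal(wrongKeyLink, fetchBlob, burn).then(() => false, () => true);
  const keptAfterFailure = db.has("a1b2");
  const plaintext = await unseal(link, fetchBlob, burn);
  return { keyInRequest, rejected, keptAfterFailure, plaintext, burned: !db.has("a1b2") };
}
```

Because the burn call sits after `decrypt()`, a link with a wrong or truncated fragment fails the GCM tag check and leaves the stored blob intact for the legitimate recipient.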