Contributing

Build privacy tools. Break surveillance systems.

Getting Started

RVNT is open source under the AGPLv3 license. Contributions are welcome from anyone who shares our commitment to privacy and communications security. Before contributing, please read this guide in full.

Prerequisites

Required:
  Rust        1.78+ (via rustup: https://rustup.rs)
  Node.js     20 LTS+ (for desktop and mobile UI)
  protobuf    protoc 25+ (brew install protobuf / apt install protobuf-compiler)

Platform-specific:
  macOS:      Xcode 15+ (for Secure Enclave and iOS builds)
  Linux:      build-essential, pkg-config, libssl-dev, libgtk-3-dev,
              libwebkit2gtk-4.1-dev, libappindicator3-dev
  Android:    Android SDK (API 34+), NDK 26+

Recommended:
  cargo-watch   (cargo install cargo-watch, for auto-rebuild)
  cargo-fuzz    (cargo install cargo-fuzz, for fuzz testing)
  cargo-audit   (cargo install cargo-audit, for dep scanning)
  cargo-deny    (cargo install cargo-deny, for license compliance)

Development Setup

# Clone the repository
git clone https://github.com/rvntos/rvnt.git
cd rvnt

# Verify the latest commit signature
git log --show-signature -1

# Build all crates
cargo build

# Run all tests
cargo test

# Run with auto-rebuild (development)
cargo watch -x test

# Build the desktop app (development mode)
cd desktop
npm install
npm run tauri dev

# Run clippy (linting)
cargo clippy --all-targets --all-features -- -D warnings

# Check formatting
cargo fmt --check

Coding Standards

Rust

Style:
  - cargo fmt (rustfmt with default settings)
  - cargo clippy with -D warnings (all warnings are errors)
  - No unsafe code outside of rvnt-ffi and platform-specific modules
  - All public functions documented with /// doc comments
  - All cryptographic operations must go through rvnt-crypto
    (never call primitives directly from other crates)

Error handling:
  - Use thiserror for error type definitions
  - Use anyhow in application code (rvnt-ffi, tests)
  - Use Result<T, CryptoError> in rvnt-crypto (specific error types)
  - Never unwrap() in production code (except in tests)
  - Never panic!() in production code

Memory safety:
  - All key material must use zeroize::Zeroizing wrapper
  - All key material must implement ZeroizeOnDrop
  - No key material in log messages (even at debug level)
  - No key material in error messages
  - Use SecureVec for variable-length secret data

Testing:
  - Every public function must have at least one test
  - Cryptographic functions must have test vectors
  - Property-based tests (proptest) for serialization roundtrips
  - Fuzz targets for all deserialization paths

TypeScript (UI Layer)

Style:
  - Prettier (default settings)
  - ESLint (strict configuration)
  - TypeScript strict mode (no any, no implicit returns)
  - React functional components only (no class components)
  - No direct cryptographic operations in TypeScript
    (all crypto goes through Tauri IPC to Rust)

State management:
  - Zustand for global state
  - React Query for server state
  - No Redux

Pull Request Process

  1. Fork and branch: Fork the repository and create a feature branch from main. Branch naming: feature/description, fix/description, security/description.
  2. Write tests: All code changes must include tests. Cryptographic changes must include test vectors. UI changes should include snapshot tests where applicable.
  3. Run the full test suite: cargo test && cargo clippy && cargo fmt --check. All checks must pass.
  4. Write a clear PR description: What changed, why it changed, and how to test it. Link to any related issues.
  5. Request review: All PRs require at least one review. Security-critical changes (anything in rvnt-crypto, rvnt-identity) require two reviews.
  6. Sign your commits: All commits must be GPG-signed. Unsigned commits will not be merged.
PR checklist:
  [ ] Tests pass: cargo test
  [ ] Linting passes: cargo clippy --all-targets -- -D warnings
  [ ] Formatting passes: cargo fmt --check
  [ ] No new unsafe code (or justified and documented)
  [ ] No key material in logs or error messages
  [ ] All new public functions have doc comments
  [ ] Commit messages are clear and descriptive
  [ ] Commits are GPG-signed
  [ ] PR description explains the change and its purpose

Areas for Contribution

AreaDifficultyDescription
Documentation Easy Improve docs, fix typos, add examples, translate
UI/UX Medium Desktop and mobile interface improvements
Testing Medium Add test coverage, fuzz targets, integration tests
Networking Medium-Hard libp2p protocols, Tor transport, mesh networking
Cryptography Hard Protocol improvements, new primitives, formal verification
Platform support Medium Windows/Linux-specific fixes, packaging, distribution
Performance Medium Benchmarking, profiling, optimization

Security Disclosure

Do NOT open a public issue for security vulnerabilities. Security vulnerabilities must be reported privately. Public disclosure before a fix is available puts users at risk.

Reporting a Vulnerability

Email:     security@rvntos.io
PGP key:   https://rvntos.io/keys/security.asc
Fingerprint: [published on website, GitHub, and Keybase]

Your report should include:
  1. Description of the vulnerability
  2. Steps to reproduce
  3. Impact assessment (what can an attacker do?)
  4. Suggested fix (if you have one)

Response timeline:
  24 hours:  Acknowledgment of receipt
  72 hours:  Initial assessment and severity classification
  7 days:    Fix developed (for critical/high severity)
  14 days:   Fix developed (for medium severity)
  30 days:   Fix developed (for low severity)
  90 days:   Public disclosure (coordinated with reporter)

We will credit you in the security advisory unless you
prefer to remain anonymous.

Severity Classification

SeverityDescriptionExample
Critical Remote code execution, key extraction, complete bypass of encryption Ratchet state leak, private key extraction via side channel
High Message decryption, identity compromise, panic mode bypass Nonce reuse in AES-GCM, duress PIN detectable
Medium Metadata leakage, denial of service, partial bypass Timing side channel in sealed sender, crash via malformed message
Low Information disclosure with limited impact, UI issues Username enumeration via timing, debug info in logs

Code of Conduct

RVNT is a privacy tool used by people in dangerous situations. We take the quality and integrity of this project seriously. Contributors are expected to:

  • Act in good faith and with the best interests of RVNT's users in mind
  • Write code that prioritizes security and correctness over performance or elegance
  • Review others' code honestly and constructively
  • Report security issues responsibly
  • Never introduce intentional vulnerabilities, backdoors, or surveillance capabilities
  • Treat other contributors with respect
No backdoors. Ever. Any contribution that introduces a backdoor, key escrow, lawful intercept capability, or any mechanism that compromises user privacy will result in immediate and permanent ban from the project. This is non-negotiable.

License

RVNT is licensed under the GNU Affero General Public License v3.0 (AGPLv3).

This means:
  ✓ You can use RVNT for any purpose
  ✓ You can modify RVNT
  ✓ You can distribute RVNT
  ✓ You can distribute modified versions
  ✗ You cannot make modifications proprietary
  ✗ You cannot run a modified server without publishing the source
  ✗ You cannot sublicense under different terms

AGPLv3 was chosen specifically because it prevents:
  1. Proprietary forks that remove security features
  2. Server operators running modified versions without disclosure
  3. Commercial entities building surveillance into a fork

Further Reading

Last updated: 2026-04-12

RVNT Documentation — Post-quantum encrypted communications