Darkelf Cocoa privacy browser for macOS
Project description
🧿 Darkelf Cocoa Browser
Ephemeral, Post-Quantum Privacy Browser (macOS / Cocoa)
Darkelf is a memory-only, privacy-first web browser built using PyObjC + WebKit, featuring a deterministic Post-Quantum Integrity Layer (PQ) and an on-device AI security engine (MiniAI Sentinel).
🚀 Darkelf Cocoa 4.3.6
Stability • Accuracy • Privacy Reinforced • Network Intelligence Expanded
Darkelf Cocoa 4.3.6 builds on 4.3.5 with refined fingerprint realism, expanded replay protection, and a significantly enhanced Network Policy Engine introducing adaptive degradation and user-controlled downloads.
🆕 Core Updates in 4.3.6
🔁 PQ Replay Window Expansion
-
Replay detection window increased:
- Previous: ~100 page loads
- Now: ~200 page loads
Result
- Stronger replay attack detection across long sessions
- Improved resistance to delayed correlation attempts
- More stable long-session PQ identity behavior
🛡️ Network Policy Engine (Major Enhancement)
The Darkelf Network Policy Engine now includes:
- ⚠️ Adaptive degrading mode
- ⬇️ Fully user-initiated download system
- 🧠 Tighter integration with MiniAI Sentinel
⚠️ Adaptive Degrading (New)
Darkelf now dynamically reduces trust and capability when suspicious behavior is detected.
Trigger Conditions
- PQ replay anomalies
- Elevated MiniAI risk levels
- High entropy / fingerprint instability
- Suspicious navigation or request patterns
Degrade Behavior
- Removes high-entropy fingerprint signals (
_pq_fp) - Blocks third-party credential sharing
- Forces ephemeral cache mode
- Marks requests as low trust
- Prevents persistence hints
Result
- Reduces attack surface without breaking browsing
- Prevents data leakage under uncertain conditions
- Maintains UX continuity (no aggressive blocking)
⬇️ User-Initiated Download System (New)
Downloads are now securely enabled, but strictly controlled.
🔐 Design Principles
- ❗ User must explicitly initiate downloads
- 🚫 No automatic or script-triggered downloads
- 🔒 No silent disk writes
🧠 Policy-Aware Behavior
- Normal mode → standard controlled download
- Degraded mode → restricted + sanitized
- High-risk mode → blocked or isolated
📦 Storage Model
-
Temporary location:
Darkelf Temp
-
Filename randomization enforced
-
Optional manual save via system dialog
🔄 Privacy Guarantees
- No background persistence
- No cross-session retention
- Full user visibility and control
Result
- Adds real-world usability
- Preserves zero-persistence architecture
- Prevents covert data exfiltration
📌 (Previous Release) Darkelf Cocoa 4.3.5
🧩 WebGL / WebGPU Hash Rotation (PQ-Linked)
Introduces a refined fingerprint rotation model for Canvas/WebGL surfaces, aligned with Post-Quantum (PQ) identity progression.
Rotation Model
-
Fingerprint seeds now incorporate:
- per-tab PQ seed
- identity bucket grouping
- previous PQ chain state
Behavior
- Deterministic per tab
- Stable across reloads
- Gradual variation over navigation/session time
- No JavaScript-triggered mutation
Result
- Eliminates long-session fingerprint “freezing”
- Improves realism of GPU-like entropy behavior
- Reduces replay and correlation detection vectors
- Maintains full cross-surface coherence
📌 (Previous Release) Darkelf Cocoa 4.3.4
Stability • Accuracy • Privacy Reinforced
🧪 Stability & Verification
- ✅ All 59 Pytests passing
- Improved cold boot consistency
- Hardened lifecycle + state handling
- Stable under stress / long-session runtime
🧠 MiniAI Sentinel (Detection Engine)
Enhanced Detection Accuracy
-
Refined behavioral heuristics
-
Reduced false positives under load
-
Improved classification for:
- scraping activity
- credential abuse patterns
- automation frameworks
Smarter Thresholding
- Tuned for real-world browsing behavior
- Concurrency-safe detection logic
- No false triggers from high-performance systems
🆕 4.3.6 Enhancements
- PQ entropy now contributes to threat scoring
- Improved replay anomaly detection
- Better distributed probing detection
🕸️ Scraper Detection (Reworked)
Hybrid Detection Model
- Same-path burst detection (test-safe)
- Multi-path enumeration detection (real-world)
Improvements
-
Eliminates false positives from:
- hardware concurrency
- rapid navigation
🛡️ Network Policy Engine
Core Capabilities
- 🔒 HTTP → HTTPS enforcement
- 🚫 Tracker blocking (domain precision)
- ⚠️ Adaptive degradation (4.3.6)
- ⬇️ User-controlled downloads (4.3.6)
- 🧠 AI-driven enforcement
🔐 Post-Quantum Integrity Layer (PQ)
Enhancements
- Stronger stateful request chaining
- Improved replay resistance
- Expanded replay window (200 chains)
- Better entropy tracking
Identity Model
_pq_seed→ per-tab root identity_pq_salt→ hidden entropy_pq_counter→ monotonic progression_pq_prev_chain→ chain continuity
Chain Construction
chain = SHA3_512(
seed +
normalized_url +
previous_chain +
counter +
salt
)
🎨 Fingerprint System (Enhanced)
PQ-Based Identity
- Stable within tab
- Independent across tabs
- Hidden from websites
Rotation Model
- Stable on reload
- Gradual variation over time
- Deterministic behavior
🧩 Fingerprint Coherence
- Canvas, WebGL, font signals aligned
- Eliminated conflicting traits
Result
- Realistic device fingerprint
- Reduced detection risk
🕶️ User-Agent Stealth
- No Darkelf identifiers
- Appears as standard WebKit/macOS
⚙️ JavaScript Hardening
- Unified PQ-seeded entropy
- Consistent spoofing across surfaces
🔁 Fingerprint Isolation
- Per-tab deterministic identity
- No cross-tab reuse
- Crowd-blending identity buckets
🎯 Content Rules / Adblocking
- Refined rule sets
- Improved tracker filtering
- Reduced site breakage
- CNN-safe filtering improvements
🧩 Architecture Improvements
-
Clear separation:
- network policy
- MiniAI detection
- PQ cryptographic state
-
Reduced duplication
-
Improved long-session stability
🔐 Ephemeral Browsing
- No disk persistence
- Memory-only storage
- Downloads disabled by default → now user-controlled (4.3.6)
- Automatic cleanup on exit
🕵️ Privacy & Anti-Tracking
- First-party isolation (FPI)
- Deterministic third-party deception
- Tracker blocking
- No persistent identity
📦 PyPI
pip install darkelf-cocoa
darkelf
🔐 Security Model
- Zero persistence
- Deterministic identity isolation
- Replay resistance (200-chain window)
- Adaptive degradation
- User-controlled data egress
- No telemetry
📜 License
LGPL-3.0-or-later © Dr. Kevin Moore (2025)
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file darkelf_cocoa-4.3.6.tar.gz.
File metadata
- Download URL: darkelf_cocoa-4.3.6.tar.gz
- Upload date:
- Size: 60.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
2f8dbf79075ab0ca71e62512fd50cc6597052d8511620e7497b08a466e1d3e9e
|
|
| MD5 |
f882a1ce7bb038d31baf6f2782293bc0
|
|
| BLAKE2b-256 |
892931000ea39ddfaaef22f6bd0cac7c31bfe2f674e0aba868bf2a1a13e3ccee
|
File details
Details for the file darkelf_cocoa-4.3.6-py3-none-any.whl.
File metadata
- Download URL: darkelf_cocoa-4.3.6-py3-none-any.whl
- Upload date:
- Size: 58.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b8a42a11c04d6cafaa0d7240c531bd8da8dcc2a95067dcbfa5fa0ec4c49845ae
|
|
| MD5 |
d2d9458c2a0e45a83459acd48f8aeded
|
|
| BLAKE2b-256 |
3b4440d89c2b866efdc4bcbddc0dd3ac96f2ea4414967a249618d1df601796d8
|
