Skip to main content

Darkelf Cocoa privacy browser for macOS

Project description

🧿 Darkelf Cocoa Browser

Ephemeral, Post-Quantum Privacy Browser (macOS / Cocoa)

Darkelf is a memory-only, privacy-first web browser built using PyObjC + WebKit, featuring a deterministic Post-Quantum Integrity Layer (PQ) and an on-device AI security engine (MiniAI Sentinel).

Update 4.4.3

  • Added tldcache private temp files to Ram-Only
  • Code Clean-up

Darkelf Cocoa 4.4.2

• Improved canvas protection consistency during extended multi-tab sessions • Refined toolbar initialization and removed redundant UI execution paths • Improved BrowserLeaks protection reliability and timing stability • Updated fullscreen hotkey display to proper macOS notation (⌃⌘F) • General runtime cleanup and stability improvements • Minor performance optimizations and internal code cleanup

Recommended for all users.

🚀 Darkelf Cocoa v4.4.1

Stability • Accuracy • Privacy Reinforced • Network Intelligence Expanded


✨ Interface & UX Improvements

🟢 Findbar System Upgrades

  • Added movable floating Findbar overlay
  • Added draggable Findbar interaction
  • Added green tactical close ✕ button
  • Improved Findbar responsiveness and UI polish
  • Improved overlay behavior consistency

⌨️ Hotkey & Command Updates

  • Extended Hotkey Menu
  • Added ESC shortcut support
  • ESC now instantly closes Findbar
  • Improved keyboard workflow ergonomics

🧩 Interface Refinements

  • Adjusted tab bar icon alignment and spacing
  • Improved command-center visual consistency
  • Updated Darkelf Command Center footer styling
  • Removed version-dependent footer formatting
  • Refined long-term UI stability and layout consistency

🧠 Darkelf Core

🔁 PQ Replay Window Expansion

Replay detection window increased:

  • Previous: ~100 page loads
  • Now: ~200 page loads

Result

  • Stronger replay attack detection across long sessions
  • Improved resistance to delayed correlation attempts
  • More stable long-session PQ identity behavior

🛡️ Network Policy Engine (Major Enhancement)

The Darkelf Network Policy Engine now includes:

  • ⚠️ Adaptive degrading mode
  • ⬇️ Fully user-initiated download system
  • 🧠 Tighter integration with MiniAI Sentinel

⚠️ Adaptive Degrading (New)

Darkelf now dynamically reduces trust and capability when suspicious behavior is detected.

Trigger Conditions

  • PQ replay anomalies
  • Elevated MiniAI risk levels
  • High entropy / fingerprint instability
  • Suspicious navigation or request patterns

Degrade Behavior

  • Removes high-entropy fingerprint signals (_pq_fp)
  • Blocks third-party credential sharing
  • Forces ephemeral cache mode
  • Marks requests as low trust
  • Prevents persistence hints

Result

  • Reduces attack surface without breaking browsing
  • Prevents data leakage under uncertain conditions
  • Maintains UX continuity without aggressive blocking

⬇️ User-Initiated Download System (New)

Downloads are now securely enabled, but strictly controlled.

🔐 Design Principles

  • User must explicitly initiate downloads
  • No automatic or script-triggered downloads
  • No silent disk writes

🧠 Policy-Aware Behavior

  • Normal mode → standard controlled download
  • Degraded mode → restricted + sanitized
  • High-risk mode → blocked or isolated

📦 Storage Model

Temporary location:

  • Darkelf Temp

Additional protections:

  • Filename randomization enforced
  • Optional manual save via system dialog

🔄 Privacy Guarantees

  • No background persistence
  • No cross-session retention
  • Full user visibility and control

Result

  • Adds real-world usability
  • Preserves zero-persistence architecture
  • Prevents covert data exfiltration

🧩 WebGL / WebGPU Hash Rotation (PQ-Linked)

Introduces a refined fingerprint rotation model for Canvas/WebGL surfaces, aligned with Post-Quantum (PQ) identity progression.

Rotation Model

Fingerprint seeds now incorporate:

  • per-tab PQ seed
  • identity bucket grouping
  • previous PQ chain state

Behavior

  • Deterministic per tab
  • Stable across reloads
  • Gradual variation over navigation/session time
  • No JavaScript-triggered mutation

Result

  • Eliminates long-session fingerprint freezing
  • Improves realism of GPU-like entropy behavior
  • Reduces replay and correlation detection vectors
  • Maintains full cross-surface coherence

🧪 Stability & Verification

  • ✅ All 59 Pytests passing
  • Improved cold boot consistency
  • Hardened lifecycle and state handling
  • Stable under stress and long-session runtime

🧠 MiniAI Sentinel (Detection Engine)

Enhanced Detection Accuracy

  • Refined behavioral heuristics
  • Reduced false positives under load
  • Improved classification for:
    • scraping activity
    • credential abuse patterns
    • automation frameworks

Smarter Thresholding

  • Tuned for real-world browsing behavior
  • Concurrency-safe detection logic
  • No false triggers from high-performance systems

🆕 4.3.6 Enhancements

  • PQ entropy now contributes to threat scoring
  • Improved replay anomaly detection
  • Better distributed probing detection

🕸️ Scraper Detection (Reworked)

Hybrid Detection Model

  • Same-path burst detection (test-safe)
  • Multi-path enumeration detection (real-world)

Improvements

Eliminates false positives from:

  • hardware concurrency
  • rapid navigation

🛡️ Network Policy Engine

Core Capabilities

  • 🔒 HTTP → HTTPS enforcement
  • 🚫 Tracker blocking (domain precision)
  • ⚠️ Adaptive degradation
  • ⬇️ User-controlled downloads
  • 🧠 AI-driven enforcement

🔐 Post-Quantum Integrity Layer (PQ)

Enhancements

  • Stronger stateful request chaining
  • Improved replay resistance
  • Expanded replay window (200 chains)
  • Better entropy tracking

Identity Model

  • _pq_seed → per-tab root identity
  • _pq_salt → hidden entropy
  • _pq_counter → monotonic progression
  • _pq_prev_chain → chain continuity

Chain Construction

chain = SHA3_512(
  seed +
  normalized_url +
  previous_chain +
  counter +
  salt
)

🎨 Fingerprint System (Enhanced)

PQ-Based Identity

  • Stable within tab
  • Independent across tabs
  • Hidden from websites

Rotation Model

  • Stable on reload
  • Gradual variation over time
  • Deterministic behavior

🧩 Fingerprint Coherence

  • Canvas, WebGL, font signals aligned
  • Eliminated conflicting traits

Result

  • Realistic device fingerprint
  • Reduced detection risk

🕶️ User-Agent Stealth

  • No Darkelf identifiers
  • Appears as standard WebKit/macOS

⚙️ JavaScript Hardening

  • Unified PQ-seeded entropy
  • Consistent spoofing across surfaces

🔁 Fingerprint Isolation

  • Per-tab deterministic identity
  • No cross-tab reuse
  • Crowd-blending identity buckets

🎯 Content Rules / Adblocking

  • Refined rule sets
  • Improved tracker filtering
  • Reduced site breakage
  • CNN-safe filtering improvements

🧩 Architecture Improvements

  • Clear separation:

    • network policy
    • MiniAI detection
    • PQ cryptographic state
  • Reduced duplication

  • Improved long-session stability


🔐 Ephemeral Browsing

  • No disk persistence
  • Memory-only storage
  • Downloads now user-controlled
  • Automatic cleanup on exit

🕵️ Privacy & Anti-Tracking

  • First-party isolation (FPI)
  • Deterministic third-party deception
  • Tracker blocking
  • No persistent identity

📦 PyPI

pip install darkelf-cocoa
darkelf

🔐 Security Model

  • Zero persistence
  • Deterministic identity isolation
  • Replay resistance (200-chain window)
  • Adaptive degradation
  • User-controlled data egress
  • No telemetry

📜 License

LGPL-3.0-or-later © Dr. Kevin Moore (2025)

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

darkelf_cocoa-4.4.3.tar.gz (66.4 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

darkelf_cocoa-4.4.3-py3-none-any.whl (64.4 kB view details)

Uploaded Python 3

File details

Details for the file darkelf_cocoa-4.4.3.tar.gz.

File metadata

  • Download URL: darkelf_cocoa-4.4.3.tar.gz
  • Upload date:
  • Size: 66.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.13

File hashes

Hashes for darkelf_cocoa-4.4.3.tar.gz
Algorithm Hash digest
SHA256 9622c3e1b400dc9fa1744f267b42a9314bb878587f9d0c980a221738d54cb350
MD5 d9364f3285e0df5b45c4696dc76c1e5b
BLAKE2b-256 02774e7b307f0dbb2389061f5b01060febbb0f2a05657083b6e33e366c4f7a87

See more details on using hashes here.

File details

Details for the file darkelf_cocoa-4.4.3-py3-none-any.whl.

File metadata

  • Download URL: darkelf_cocoa-4.4.3-py3-none-any.whl
  • Upload date:
  • Size: 64.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.13

File hashes

Hashes for darkelf_cocoa-4.4.3-py3-none-any.whl
Algorithm Hash digest
SHA256 760b1eb29d78e2e9a42fd4b138cba4cda6d60ab6dfb9a5e3841f6aab5cb732f6
MD5 08548daa4c41e544800b99feeec09514
BLAKE2b-256 e5f8aba7718cdb7f13903de4fc3582fa7e9059847550c4ae532c9cd4025497c5

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page