Resistance Network v1.0 (Mesh • LoRa • Air-gapped • Sovereign)
0) One-screen summary (what ships)
• 100 Kits @ ~$38 BOM (see §8): Pi Zero W + SX1276/78 LoRa HAT + u.FL whip, TZO pack (18650 + boost + solar micro-input), µSD w/Libertas OS (Lite).
• Libertas OS (Lite): Hardened Linux (armhf/arm64), immutable root (dm-verity), AppArmor, kernel mitigations on, SSH off, serial console gated by Voice+Gauntlet.
• Mesh stack: LoRa P2P (not public LoRaWAN) + Delay/Disruption Tolerant Mesh (DTN) with epidemic routing + hop limit; CRDT inbox (Log-CRDT) for conflict-free sync.
• Sobenlek headers (v0 header spec below) + Zeus Guardian+ (mapped to Noise_XK + XChaCha20-Poly1305 + BLAKE3) with double-ratchet + per-hop onion.
• Centium “cognitive crypt” (v0): time-decaying key schedule + secure delete + bounded recall; sliding-window rekey; memguard; hardware entropy salted with user biometrics.
• Boot UX: init prints “Who owns you?” → local Voiceprint + 3-Q Gauntlet (KDF-gated admin) → user crown loaded → services come up.
• No internet required. Nodes discover by radio only; store-and-forward; “farmer in York → coder in Denver” via many 1-mile hops.
⸻
1) RF & Mesh Topology
Radio: Semtech SX1276/78 class (RFM95)
Band: US ISM 902–928 MHz (confirm region)
Baseline PHY: BW=125 kHz, SF9, CR=4/5, Preamble=8, TX=14 dBm (legal-safe; tweak per locale)
Range: ~1+ mile urban/suburban with whip; >5–10 mi LoS w/ 3–6 dBi antennas; we design for 1-mile hops + redundancy.
MAC/Net: LoRa P2P frames, our own lightweight MAC:
• Time-slotted ALOHA-ish with jitter: Slot = 2 s ± random 0–400 ms to reduce collisions.
• Channel hop: pseudo-random across 8 sub-channels in the 915-MHz plan to avoid persistent jamming.
• DTN mesh: epidemic / spray-and-wait hybrid with TTL (hop-limit) and Bloom-seen filters to curb loops.
• Priority classes: control > text > media meta; fixed small MTU (payload ≤ 200 B per frame) + fragmentation.
Legal note: respect duty-cycle / dwell-time rules; our defaults target US regs (no prolonged continuous TX; adaptive back-off).
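As an added illustration of the DTN loop control above (not code from the project), a "seen" filter plus hop-budget decision for routerd. Assumptions: a frame is identified by SRC||NONCE from the §2 header, the filter is 4096 bits with three positions from a chained FNV-1a (a stand-in for BLAKE3 so the block runs stand-alone), and HOPS counts relays so far against TTL; epoch-windowed filter rotation is left out.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdbool.h>
/* Constructed example: 4096-bit Bloom "seen" filter, k=3. FNV-1a stands in for BLAKE3
 * only so this compiles without a crypto library; the real build would hash with BLAKE3. */
#define SEEN_BITS 4096
#define SEEN_K    3
typedef struct { uint8_t bits[SEEN_BITS / 8]; } seen_filter;
static uint64_t fnv1a(const uint8_t *d, size_t n, uint64_t h) {
    while (n--) { h ^= *d++; h *= 0x100000001b3ULL; }
    return h;
}
/* Frame identity = SRC(16) || NONCE(12): unique per packet, so "seen before" means loop or duplicate. */
static void seen_positions(const uint8_t src[16], const uint8_t nonce[12], uint32_t pos[SEEN_K]) {
    uint8_t id[28]; memcpy(id, src, 16); memcpy(id + 16, nonce, 12);
    uint64_t h = fnv1a(id, sizeof id, 0xcbf29ce484222325ULL);
    for (int i = 0; i < SEEN_K; i++) { pos[i] = (uint32_t)(h % SEEN_BITS); h = fnv1a(id, sizeof id, h ^ (uint64_t)(i + 1)); }
}
/* Returns true if the frame was (probably) already seen; otherwise records it and returns false. */
bool seen_check_and_add(seen_filter *f, const uint8_t src[16], const uint8_t nonce[12]) {
    uint32_t pos[SEEN_K]; seen_positions(src, nonce, pos);
    bool all = true;
    for (int i = 0; i < SEEN_K; i++) {
        uint8_t *b = &f->bits[pos[i] >> 3], m = (uint8_t)(1u << (pos[i] & 7));
        if (!(*b & m)) { all = false; *b |= m; }
    }
    return all;
}
typedef enum { RELAY_FORWARD, RELAY_DROP_SEEN, RELAY_DROP_TTL, RELAY_DELIVER } relay_verdict;
/* Epidemic relay decision: deliver if we are DST, else forward once while HOPS < TTL. */
relay_verdict relay_decide(seen_filter *f, const uint8_t src[16], const uint8_t dst[16],
                           const uint8_t nonce[12], uint8_t *hops, uint8_t ttl, const uint8_t self[16]) {
    if (seen_check_and_add(f, src, nonce)) return RELAY_DROP_SEEN;   /* loop or duplicate: curb flooding */
    if (memcmp(dst, self, 16) == 0) return RELAY_DELIVER;
    if (*hops >= ttl) return RELAY_DROP_TTL;                           /* hop budget exhausted: age out */
    (*hops)++;                                                          /* HOPS counts relays so far */
    return RELAY_FORWARD;
}
```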
⸻
2) Sobenlek Header (v0) — over-the-air frame
| PFX(1) | VER(1) | TYPE(1) | FLAGS(1) | EPOCH(4) | HOPS(1) | TTL(1) |
| SRC(16) | DST(16) | NONCE(12) | CT_LEN(2) | TAG(16) | CT(...) |
• PFX = 0x53 (“S”)
• TYPE = 0x01 control, 0x02 msg, 0x03 key, 0x04 proof, 0x05 chunk
• FLAGS bits: 0 onion, 1 ackreq, 2 frag, 3 last, 4 cover, others reserved
• EPOCH = unix epoch seconds (truncated to 32) for windowing & replay trimming
• HOPS/TTL for loop/aging control
• SRC/DST = 128-bit node IDs (BLAKE3(pubkey)[:16])
• NONCE = 96-bit per-packet (random or counter-mix)
• CT = ciphertext; TAG = 128-bit AEAD tag
Cipher suite v0 (Zeus-mapped): Noise_XK for session establishment; payloads under XChaCha20-Poly1305 with BLAKE3 KDF.
Onion (FLAGS.bit0): multi-layer encapsulation for each next hop’s pubkey; outer layer only reveals next_hop.
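As an added example (not the kit's own sobenlek_hdr.c), a C serializer and parser for the v0 header above. Assumptions: multi-byte fields are big-endian, VER is 0x00 for v0, and the 200 B per-frame payload cap from §1 bounds CT_LEN; the parser rejects any frame whose length disagrees with CT_LEN so the AEAD never reads past the radio buffer.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
/* Sobenlek v0 header: 72 fixed bytes, then CT. Big-endian multi-byte fields and
 * VER=0x00 for v0 are assumptions; the page fixes only field order and widths. */
#define SBK_PFX     0x53
#define SBK_VER     0x00
#define SBK_HDR_LEN 72
#define SBK_MAX_CT  200   /* frame payload cap from the MAC section */
enum { SBK_T_CONTROL = 1, SBK_T_MSG, SBK_T_KEY, SBK_T_PROOF, SBK_T_CHUNK };
enum { SBK_F_ONION = 1, SBK_F_ACKREQ = 2, SBK_F_FRAG = 4, SBK_F_LAST = 8, SBK_F_COVER = 16 };
typedef struct {
    uint8_t  type, flags, hops, ttl;
    uint32_t epoch;
    uint8_t  src[16], dst[16], nonce[12], tag[16];
    uint16_t ct_len;
} sbk_hdr;
/* Serialize. Returns 72, or 0 if the header would violate the spec. */
size_t sbk_pack(const sbk_hdr *h, uint8_t out[SBK_HDR_LEN]) {
    if (h->type < SBK_T_CONTROL || h->type > SBK_T_CHUNK || h->ct_len > SBK_MAX_CT) return 0;
    uint8_t *p = out;
    *p++ = SBK_PFX; *p++ = SBK_VER; *p++ = h->type; *p++ = h->flags;
    *p++ = (uint8_t)(h->epoch >> 24); *p++ = (uint8_t)(h->epoch >> 16);
    *p++ = (uint8_t)(h->epoch >> 8);  *p++ = (uint8_t)h->epoch;
    *p++ = h->hops; *p++ = h->ttl;
    memcpy(p, h->src, 16);   p += 16;
    memcpy(p, h->dst, 16);   p += 16;
    memcpy(p, h->nonce, 12); p += 12;
    *p++ = (uint8_t)(h->ct_len >> 8); *p++ = (uint8_t)h->ct_len;
    memcpy(p, h->tag, 16);   p += 16;
    return (size_t)(p - out);
}
/* Parse a received frame of `len` bytes. Every field is range-checked before the AEAD sees it:
 * a CT_LEN larger than the frame would otherwise make the decryptor read past the radio buffer. */
int sbk_parse(const uint8_t *buf, size_t len, sbk_hdr *h) {
    if (len < SBK_HDR_LEN || buf[0] != SBK_PFX || buf[1] != SBK_VER) return -1;
    h->type = buf[2]; h->flags = buf[3];
    if (h->type < SBK_T_CONTROL || h->type > SBK_T_CHUNK) return -1;
    h->epoch = ((uint32_t)buf[4] << 24) | ((uint32_t)buf[5] << 16) |
               ((uint32_t)buf[6] << 8)  |  (uint32_t)buf[7];
    h->hops = buf[8]; h->ttl = buf[9];
    memcpy(h->src, buf + 10, 16); memcpy(h->dst, buf + 26, 16); memcpy(h->nonce, buf + 42, 12);
    h->ct_len = (uint16_t)(((uint16_t)buf[54] << 8) | buf[55]);
    memcpy(h->tag, buf + 56, 16);
    if (h->ct_len > SBK_MAX_CT || len != SBK_HDR_LEN + h->ct_len) return -1;  /* truncated or trailing junk */
    return 0;
}
```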
⸻
3) Identity, Trust & Joining (air-gapped)
• Node key: Ed25519 long-term; stored sealed; derived admin crown via Voice+Gauntlet KDF (Argon2id, high cost).
• Web-of-trust: each kit ships with Genesis trust list: your root (Steven) + 2–3 regional signers (multi-sig configurable).
• Join ritual (no internet):
1. New node broadcasts JOIN (TYPE=control) with ephemeral pubkey.
2. Any trusted node issues ADMIT signed token (short-lived), onion-routed back.
3. Pairwise Noise_XK handshake creates session keys; node receives minimal routing hints (no global map).
Opt-in anonymity: set SRC to route-pseudo (BLAKE3(ephemeral_pub || epoch)); true ID used only with trusted peers.
⸻
4) Paranoid Crypto (“Centium” behaviors v0)
Goals: forward secrecy, plausible deniability, memory decay, minimal metadata.
• Double-ratchet on top of Noise session; rekey after N messages or T minutes (default N=16, T=30).
• Key erasure: immediate wipe of old chain keys; mlock + MADV_DONTDUMP; periodic timed zeroization (“forgetting”).
• Decaying vault: secrets tagged with TTLs; access refreshes extend TTL; idle secrets self-delete.
• Cover traffic: randomized dummy frames (FLAGS.cover) during idle windows to mask activity.
• Deterministic padding: message padded to nearest 64 B boundary before encryption.
• Side-channel hardening: constant-time libsodium primitives; disable perf counters; spec_store_bypass_disable=on (see §6).
Voice + 3-Q Gauntlet (local admin only)
• Voiceprint (5-min enrollment) → 256-bit template (on-device) → fed into admin KDF salt; template never leaves device; liveness via random phrase.
• 2,000-Q book: binary-encoded, write-once; 3 consecutive correct answers unlock crown (admin private material) for 10 min.
⸻
5) App Layer (films • coins • constitution)
Everything is message-first and chunked to live within LoRa constraints.
• Text/Control: 1–2 frames typical.
• Media: pre-chunked, content-addressed (CID = BLAKE3(file)), split into ≤160 B encrypted chunks with FEC (Reed-Solomon 10%). Out-of-order ok; CRDT playlist reconstructs as chunks arrive (DTN-friendly).
• Coins (MONX PoC): ultra-light UTXO stubs with local quorum validation (3-of-5 regional validators), then gossiped DTN-style; conflict resolution by highest-stake-signed + latest-timestamp; later you can swap to full on-prem chain.
• Civic docs: Merkle-anchored leaflets; signature sets from recognized signers; audience devices verify offline.
⸻
6) Libertas OS (Lite) — build profile
Base: Debian Bookworm minimal (armhf/arm64) or Buildroot; read-only root with dm-verity; /data ext4 with fs-crypt.
Kernel flags (examples):
• slab_nomerge pti=on spec_store_bypass_disable=on l1tf=full,force nosmt
• Disable unused: USB gadget modes, webcams, BT (unless needed), debugfs, kprobe, bpf_jit (keep classic eBPF verifier only if you need it).
• Enable: CONFIG_HARDENED_USERCOPY, CONFIG_WIREGUARD (optional for short-haul tests), CONFIG_VIRTIO off, CONFIG_RANDOM_TRUST_CPU=n.
Sysctl/AppArmor highlights:
• kernel.kptr_restrict=2, kernel.dmesg_restrict=1, kernel.unprivileged_bpf_disabled=1, kernel.ftrace_enabled=0
• net.ipv4.conf.*.accept_redirects=0 rp_filter=1 send_redirects=0 log_martians=1
• AppArmor: confine meshd, routerd, centiumd, adminctl with least privilege.
• SSH: disabled. Serial console: gated by Voice+Gauntlet PAM module.
Boot flow (≤60s target):
1. U-Boot → verified kernel+initrd (hash pinned).
2. initrd mounts dm-verity root; starts voice-gate (offline ASR, small keyword spotter).
3. Prompt: “Who owns you?” → verify → unlock crown → systemd targets:
• meshd.service (radio link)
• routerd.service (DTN + onion)
• centiumd.service (key mgmt, decay timers)
• inboxd.service (CRDT store, app handlers)
• adminctl.socket (local only)
⸻
7) Firmware & Services (repo layout + key snippets)
resistance-net/
  firmware/
    device/        # Pi image builder (mkosi or buildroot)
    uboot/
    kernel/
  radio/
    lora_hal/      # SX1276 HAL (SPI)
    mac/           # slotted MAC + channel hop
  mesh/
    routerd/       # onion, DTN, frag/defrag, Bloom filters
    meshd/         # RF I/O + queues
  crypto/
    noise_xk/
    aead_xchacha/
    kdf_b3/
    centiumd/      # decay, key erasure, crowns
  app/
    inboxd/        # CRDT log, CIDs, FEC
    cli/           # rn-send, rn-get, rn-admin, rn-key
  sec/
    apparmor/
    sysctl/
  docs/
LoRa HAL (C, pseudocode; random_bytes, pack_header, radio_tx and memzero are the HAL’s own helpers):
int lora_send(uint8_t *hdr, size_t hdrlen, uint8_t *pt, size_t len, uint8_t *msgkey) {
    uint8_t nonce[12];
    random_bytes(nonce, sizeof nonce);        /* 96-bit per-packet NONCE (§2) */
    size_t ctlen = len + 16;                  /* ciphertext + 128-bit TAG */
    uint8_t frame[hdrlen + ctlen];            /* header || CT, stays under the 200 B MTU */
    pack_header(frame, hdr, nonce, ctlen);    /* wire header incl. NONCE and CT_LEN */
    /* the finished header is the AEAD associated data: any header tampering fails auth.
       XChaCha20-Poly1305 takes a 192-bit nonce; the 96-bit wire NONCE must be extended
       (e.g. per-session prefix || NONCE) inside the AEAD wrapper. */
    aead_xchacha20poly1305_encrypt(frame + hdrlen, &ctlen, pt, len, frame, hdrlen, nonce, msgkey);
    radio_tx(frame, hdrlen + ctlen);
    memzero(pt, len);                         /* plaintext wiped once on air */
    memzero(msgkey, 32);                      /* one-shot ratchet message key, wiped (§4) */
    return 0;
}
Router (onion wrap, pseudocode; layers are sealed from the last hop inward, so each relay learns only next_hop):
ct = payload
for (hop in reverse(path)) {
    ct = AEAD_Seal(hop.pub, next_hop_id(hop) || ct, hop.ad)
}
CRDT log item (JSON-CBOR):
{ "type":"msg", "cid":"b3:...", "author":"id:...", "clock":1234, "deps":["..."], "body":"...encrypted..." }
Admin crown unlock (Voice + 3Q):
rn-admin unlock \
--voice /dev/mic0 \
--qbook /data/qbook.wom \
--answers stdin
⸻
8) Hardware (100-kit BOM, target ≈ $38 ea)*
• Pi Zero W (or Zero 2 W if available) – $10–$15 (bulk)
• SX1276/78 LoRa HAT (RFM95 + SPI + u.FL) – $8–$12
• Antenna whip + u.FL pigtail – $2
• TZO pack: 18650 cell (protected) + 5 V boost + USB-C pigtail + 6 V mini solar (optional) – $8–$10
• µSD 8–16 GB (industrial if possible) – $3–$4
• 3D-printed case + standoffs – ~$2–$3
*Real-world Pi pricing fluctuates; if Zero W supply is constrained, fall back to Radxa Zero, Banana Pi M2 Zero, or ESP32-S3 + SX1276 for an ultra-low-cost leaf (no Linux; runs radio + router only).
Antenna note: If you can, include a cheap 3 dBi external; it doubles practical hop range.
⸻
9) Manufacturing & Provisioning flow (for 100)
1. Image build: mkosi/buildroot → sign → write µSDs.
2. Key inject (air-gapped): generate Ed25519, enroll voice, write-once qbook, seal to device.
3. Genesis TSL: ship with root signer set + region channel map.
4. RF test jig: each HAT does loopback + RSSI sanity.
5. Case & label: QR with device ID (BLAKE3(pub)[:8]).
6. Final soak: 30-min cover-traffic burn-in.
⸻
10) Field setup (zero internet)
• Mount antenna, power on (solar or USB).
• Device announces JOIN; nearest trusted node ADMITs it (you can carry a “captain” node to bootstrap a new area).
• Users send messages via rn-send or a tiny TUI chat; files are added via rn-put file.mp4, which chunk-gossips until peers reconstruct.
⸻
11) Safety, OpSec, & Fail-safe
• Kill switch: sudo revoke_crown --all zeroizes crowns and session keys; device continues as dumb repeater (stores nothing).
• Plausible deniability: /data uses deniable containers; without crown, appears random.
• Traffic shaping: randomized duty cycles; opportunistic TX only when channel free.
• Jamming resilience: channel hop + path diversity; “dead-drop mode” buffers until windows open.
• Compliance: set TX power & dwell per region; keep ham ops separated if using ham bands (no encryption on ham).
⸻
12) “Emotional Resonance” hook (optional, local-only v0)
Because LoRa bandwidth is precious, the ER-lock becomes a local unlock gate for viewing sensitive media: the media CID decrypt key is derived from a short biometric session (heart-rate proxy via PPG ear-clip or simply voice stress + timing), hashed into a 512-bit ER bloom; only if viewer ER ≈ author ER within tolerance does rn-view reveal plaintext. This never leaves the device; share CIDs, not secrets.
⸻
13) What you can run today (swap in your stacks later)
• Sobenlek → ship with C/Rust, the header spec above, and a parser named sobenlek_hdr.c. Replace later with your real language/assembler.
• Centium → the decay/key-erasure daemon + double-ratchet. Plug in advanced cognitive crypt once ready.
• Zeus Guardian+ → the Noise + XChaCha suite; later move to your PQC blend if desired (watch packet size).
⸻
14) Test plan (bring-up in one afternoon)
1. Table-top: 3 nodes in a room; verify JOIN/ADMIT, send signed text round-robin; pull power mid-transfer and confirm CRDT converges after reboot.
2. Block walk: place nodes every ~0.8–1 mi; send a 50 KB document (chunked) end-to-end; measure time & loss; tweak SF/BW.
3. Cover-traffic audit: spectrum glance—no “beacons,” only randomized bursts.
4. Key-decay drill: leave idle >T; confirm old keys wiped; new handshake on resume.
5. Kill-switch drill: revoke crowns → node becomes repeater; later, local Voice+3Q restores admin.
⸻
15) “Ready to ship?” checklist
• 100 images signed + flashed
• Keys sealed + qbook burned (write-once)
• LoRa params set for your region
• AppArmor profiles loaded, SSH off
• Antennas crimp-checked
• Genesis TSL embedded
• Printed quick-start card: Power → Answer “Who owns you?” → Pair → Send
⸻
Final word
This gives you a mesh-first, cloud-never network with strong crypto, metadata minimization, DTN tolerance, and the ritual you described: “if master() != human { shutdown(); }” in spirit and practice. We can ship the v1.0 kits with these specs and iterate Sobenlek/Centium/Zeus to your bespoke implementations without changing the RF or the ops model.