Metadata-Version: 2.4
Name: darkelf-cocoa
Version: 4.3.6
Summary: Darkelf Cocoa privacy browser for macOS
Author: Dr. Kevin Moore
License: LGPL-3.0-or-later
Requires-Python: >=3.11
Description-Content-Type: text/markdown
Requires-Dist: pyobjc
Requires-Dist: tldextract

# 🧿 Darkelf Cocoa Browser

### Ephemeral, Post-Quantum Privacy Browser (macOS / Cocoa)

Darkelf is a memory-only, privacy-first web browser built using PyObjC + WebKit, featuring a deterministic Post-Quantum Integrity Layer (PQ) and an on-device AI security engine (MiniAI Sentinel).

---

# 🚀 Darkelf Cocoa 4.3.6

### Stability • Accuracy • Privacy Reinforced • Network Intelligence Expanded

Darkelf Cocoa 4.3.6 builds on 4.3.5 with refined fingerprint realism, expanded replay protection, and a significantly enhanced Network Policy Engine introducing adaptive degradation and user-controlled downloads.

---

## 🆕 Core Updates in 4.3.6

### 🔁 PQ Replay Window Expansion

* Replay detection window increased:

  * **Previous:** ~100 page loads
  * **Now:** **~200 page loads**

#### Result

* Stronger replay attack detection across long sessions
* Improved resistance to delayed correlation attempts
* More stable long-session PQ identity behavior

---

### 🛡️ Network Policy Engine (Major Enhancement)

The Darkelf Network Policy Engine now includes:

* ⚠️ Adaptive **degrading mode**
* ⬇️ Fully **user-initiated download system**
* 🧠 Tighter integration with MiniAI Sentinel

---

## ⚠️ Adaptive Degrading (New)

Darkelf now dynamically reduces trust and capability when suspicious behavior is detected.

### Trigger Conditions

* PQ replay anomalies
* Elevated MiniAI risk levels
* High entropy / fingerprint instability
* Suspicious navigation or request patterns

### Degrade Behavior

* Removes high-entropy fingerprint signals (`_pq_fp`)
* Blocks third-party credential sharing
* Forces **ephemeral cache mode**
* Marks requests as **low trust**
* Prevents persistence hints

### Result

* Reduces attack surface without breaking browsing
* Prevents data leakage under uncertain conditions
* Maintains UX continuity (no aggressive blocking)

---

## ⬇️ User-Initiated Download System (New)

Downloads are now **securely enabled**, but strictly controlled.

### 🔐 Design Principles

* ❗ **User must explicitly initiate downloads**
* 🚫 No automatic or script-triggered downloads
* 🔒 No silent disk writes

### 🧠 Policy-Aware Behavior

* Normal mode → standard controlled download
* Degraded mode → restricted + sanitized
* High-risk mode → blocked or isolated

### 📦 Storage Model

* Temporary location:

  * `Darkelf Temp`
* Filename randomization enforced
* Optional manual save via system dialog

### 🔄 Privacy Guarantees

* No background persistence
* No cross-session retention
* Full user visibility and control

### Result

* Adds real-world usability
* Preserves zero-persistence architecture
* Prevents covert data exfiltration

---

# 📌 (Previous Release) Darkelf Cocoa 4.3.5

### 🧩 WebGL / WebGPU Hash Rotation (PQ-Linked)

Introduces a refined fingerprint rotation model for Canvas/WebGL surfaces, aligned with Post-Quantum (PQ) identity progression.

#### Rotation Model

* Fingerprint seeds now incorporate:

  * per-tab PQ seed
  * identity bucket grouping
  * previous PQ chain state

#### Behavior

* Deterministic per tab
* Stable across reloads
* Gradual variation over navigation/session time
* No JavaScript-triggered mutation

#### Result

* Eliminates long-session fingerprint “freezing”
* Improves realism of GPU-like entropy behavior
* Reduces replay and correlation detection vectors
* Maintains full cross-surface coherence

---

# 📌 (Previous Release) Darkelf Cocoa 4.3.4

### Stability • Accuracy • Privacy Reinforced

---

## 🧪 Stability & Verification

* ✅ All 59 Pytests passing
* Improved cold boot consistency
* Hardened lifecycle + state handling
* Stable under stress / long-session runtime

---

## 🧠 MiniAI Sentinel (Detection Engine)

### Enhanced Detection Accuracy

* Refined behavioral heuristics
* Reduced false positives under load
* Improved classification for:

  * scraping activity
  * credential abuse patterns
  * automation frameworks

### Smarter Thresholding

* Tuned for real-world browsing behavior
* Concurrency-safe detection logic
* No false triggers from high-performance systems

### 🆕 4.3.6 Enhancements

* PQ entropy now contributes to threat scoring
* Improved replay anomaly detection
* Better distributed probing detection

---

## 🕸️ Scraper Detection (Reworked)

### Hybrid Detection Model

* Same-path burst detection (test-safe)
* Multi-path enumeration detection (real-world)

### Improvements

* Eliminates false positives from:

  * hardware concurrency
  * rapid navigation

---

## 🛡️ Network Policy Engine

### Core Capabilities

* 🔒 HTTP → HTTPS enforcement
* 🚫 Tracker blocking (domain precision)
* ⚠️ Adaptive degradation (4.3.6)
* ⬇️ User-controlled downloads (4.3.6)
* 🧠 AI-driven enforcement

---

## 🔐 Post-Quantum Integrity Layer (PQ)

### Enhancements

* Stronger stateful request chaining
* Improved replay resistance
* Expanded replay window (**200 chains**)
* Better entropy tracking

### Identity Model

* `_pq_seed` → per-tab root identity
* `_pq_salt` → hidden entropy
* `_pq_counter` → monotonic progression
* `_pq_prev_chain` → chain continuity

### Chain Construction

```
chain = SHA3_512(
  seed +
  normalized_url +
  previous_chain +
  counter +
  salt
)
```

---

## 🎨 Fingerprint System (Enhanced)

### PQ-Based Identity

* Stable within tab
* Independent across tabs
* Hidden from websites

### Rotation Model

* Stable on reload
* Gradual variation over time
* Deterministic behavior

---

## 🧩 Fingerprint Coherence

* Canvas, WebGL, font signals aligned
* Eliminated conflicting traits

### Result

* Realistic device fingerprint
* Reduced detection risk

---

## 🕶️ User-Agent Stealth

* No Darkelf identifiers
* Appears as standard WebKit/macOS

---

## ⚙️ JavaScript Hardening

* Unified PQ-seeded entropy
* Consistent spoofing across surfaces

---

## 🔁 Fingerprint Isolation

* Per-tab deterministic identity
* No cross-tab reuse
* Crowd-blending identity buckets

---

## 🎯 Content Rules / Adblocking

* Refined rule sets
* Improved tracker filtering
* Reduced site breakage
* CNN-safe filtering improvements

---

## 🧩 Architecture Improvements

* Clear separation:

  * network policy
  * MiniAI detection
  * PQ cryptographic state

* Reduced duplication

* Improved long-session stability

---

## 🔐 Ephemeral Browsing

* No disk persistence
* Memory-only storage
* Downloads disabled by default → **now user-controlled (4.3.6)**
* Automatic cleanup on exit

---

## 🕵️ Privacy & Anti-Tracking

* First-party isolation (FPI)
* Deterministic third-party deception
* Tracker blocking
* No persistent identity

---

## 📦 PyPI

```bash
pip install darkelf-cocoa
darkelf
```

---

## 🔐 Security Model

* Zero persistence
* Deterministic identity isolation
* Replay resistance (**200-chain window**)
* Adaptive degradation
* User-controlled data egress
* No telemetry

---

## 📜 License

LGPL-3.0-or-later
© Dr. Kevin Moore (2025)
