← Back to Wiki

AUDITUS ROMANA CALIGULA

StealthX Platform — Full System Audit · April 16, 2026

Scope

3 Repositories · 2 Websites (40 HTML pages) · 2 Android Apps · 1 Backend · All shared documentation

Findings

Severity	Component	Finding	Status
WARNING	SecureCall Android	551+ debug log statements in production code paths	OPEN — Timber migration planned
WARNING	Website	ifrunit.tech domain unreachable (DNS down)	FIXED — Links redirected to GitHub
INFO	SecureChat Wiki	IFR cross-product note contradicted tier table	FIXED

Verified Checks (20 passed)

• PASS   ECOSYSTEM.md identical across all 3 repos
• PASS   RELAY_ARCHITECTURE.md complete (4 options: Tor / P2P / Onion / Nym)
• PASS   ALLOWED_SIGNATURES backend implementation correct
• PASS   No hardcoded secrets in backend or client code
• PASS   Rate limiting active on signaling server
• PASS   android:allowBackup="false" in all Android manifests
• PASS   android:usesCleartextTraffic="false" everywhere
• PASS   Chameleon crypto isolation perfect (:stealthx-crypto only)
• PASS   TierGate centralization — no rogue tier checks
• PASS   :domain does not import :data (dependency rule enforced)
• PASS   XChaCha20-Poly1305 as primary encryption (no AES-GCM)
• PASS   IFR tier thresholds consistent across all repos
• PASS   Product names consistent (no typos)
• PASS   Copyright 2026 on all 40 HTML pages
• PASS   html lang="en" on all pages
• PASS   Exactly 1 h1 per page
• PASS   sitemap.xml current (36 URLs total)
• PASS   robots.txt correct (includes AI crawlers)
• PASS   No broken relative links
• PASS   IFR contract address 0x769928aB… consistent everywhere

Products Audited

Product	Repo	Status	Score
SecureCall	NeaBouli/stealth	Live Beta	94/100
SecureChat	NeaBouli/securechat	In Development	96/100
Chameleon	NeaBouli/chameleon	Alpha	98/100

Audit conducted by Claude Code — automated + manually verified
StealthX Platform · Vendetta Labs, Greece · April 2026
Full report on GitHub →