Strategic Development Roadmap
Completed Milestones
The following objectives have been fully implemented, tested, and verified in the current v0.2-beta release. These form the foundation of the SecureCall platform.
- End-to-End Encryption (XChaCha20-Poly1305 + X25519 key exchange)
- Rust Crypto Engine with JNI bridge for native performance
- Double Ratchet forward secrecy protocol
- Node.js Signaling Server with WebSocket transport
- WebRTC peer-to-peer audio with ICE/STUN/TURN
- Opus audio codec (48kHz, high-fidelity voice)
- Anti-Recording Protection (6 independent detection layers)
- Material Design 3 UI with dynamic theming
- 3 Product Tiers (Free / Pro / Premium) with feature gating
- In-App Purchases & Subscription management
- Firebase Cloud Messaging for push notifications
- Security Audit (48 findings — all Critical and High fixed)
- R8/ProGuard optimization and code shrinking
- Crashlytics integration (Free tier, opt-out available)
- Landing page website (neabouli.github.io/stealth)
- Complete documentation & Wiki
Currently In Progress
These objectives are actively being worked on and represent the immediate priorities before the first public release.
- Beta Testing — recruiting 10–20 testers for real-world validation on diverse devices and network conditions
- Google Play Store Launch — store listing, screenshots, privacy declarations, and review submission
- Production Server Deployment — scaling Railway infrastructure, monitoring, and uptime guarantees
Next Release Features
The following features are planned for the v0.3 release cycle. These extend SecureCall's capabilities while maintaining the security-first design philosophy.
- WebRTC upgrade — migration to the latest WebRTC specification for improved compatibility and performance
- Improved NAT traversal — enhanced ICE candidate gathering and fallback strategies for restrictive networks
- Group Calls (Pro/Premium) — encrypted multi-party calls supporting up to 5 simultaneous participants
- Encrypted call recording — local-only recording with device-bound encryption keys (Premium tier only)
- Biometric lock — fingerprint or face authentication required to open the app
- Widget for quick-call — home screen widget for one-tap calling to favorite contacts
Future Vision
These long-range objectives represent the strategic direction for SecureCall beyond the Android platform. Each item requires significant research and development effort and will be prioritized based on community feedback and security requirements.
- iOS Client — native Swift implementation with shared Rust crypto engine
- Desktop Client — Linux, macOS, and Windows applications for secure calls from any platform
- Post-Quantum Cryptography — migration to Kyber/ML-KEM for quantum-resistant key exchange
- GhostNet multi-hop relay network — onion-routed transport for metadata resistance
- Federation support — self-hosted server instances with cross-server calling
- End-to-end encrypted messaging — secure text communication alongside voice
- GhostOS — hardened Android distribution optimized for SecureCall and privacy
Non-Goals
The following features are explicitly not planned for SecureCall. These decisions are deliberate and rooted in our security and privacy commitments. Adding any of these would compromise the threat model or violate user trust.
- Cloud backup of call history — storing call metadata on remote servers creates an unacceptable attack surface
- Social media integration — connecting to social platforms leaks identity information and expands the trust boundary
- Read receipts or "last seen" status — presence information enables surveillance and behavioral analysis
- Contact sync with phone contacts — uploading contact lists to servers is a privacy violation regardless of encryption
- Any form of analytics or tracking — we do not collect, transmit, or store any usage telemetry beyond opt-in Crashlytics on the Free tier