← back to overview

Specifications.

Cove is a protocol before it’s an app. Three specs define what runs on the wire; the reference implementation follows them.

These are technical documents. If you’re evaluating Cove for your group’s day-to-day communication, the overview and getting-started guide are the right entry points. Come back here when you want to verify security claims yourself, integrate a third-party client, or run a hub with confidence about what it does and doesn’t promise.

Hub Specification

The protocol authority. Defines the canonical data model — keys, attestations, entries, threads — the wire protocol, and every responsibility the hub carries: acceptance pipeline, tamper-evident log, throttle bounds, signed tree heads, inclusion and consistency proofs. Also states honestly what a malicious hub still could do (withhold, potentially equivocate) and what it structurally cannot (forge, silently rewrite history).

Client Specification

What every Cove client — PWA, desktop, future mobile — must do to be a compliant participant. Key custody, entry construction and signing, the §5 verification chain that runs on every incoming entry, receipt emission, push behavior, offline handling. The client trusts the hub for availability and ordering, the directory for identity, and no one for content integrity.

Identity Vault Specification

How one keypair travels across every device you use — iCloud, Google, Windows, Linux — without the ecosystems needing to talk to each other. Two-layer encryption, multi-recipient wrapping, hub-stored ciphertext, per-pubkey chain CAS. Preserves every existing non-negotiable: the hub still holds no private keys, still can’t forge, still can’t rewrite. Adds one new residual (rollback attack, mitigation stated).

These docs are Draft 0.1. They evolve with the pilot. When a spec section number changes, the CHANGELOG entry notes it; the git history is the audit trail.