mojic 1.0.3 → 1.1.0

package/CONTRIBUTING.md

@@ -1,23 +1,56 @@
 # Contributing to Mojic
 
-First off, thanks for taking the time to contribute! 🎉
+First off, thanks for taking the time to contribute! 
 
 The following is a set of guidelines for contributing to Mojic. These are mostly guidelines, not rules. Use your best judgment, and feel free to propose changes to this document in a pull request.
 
-## How Can I Contribute?
+## Development Workflow
 
-### Reporting Bugs
+We use the standard GitHub Pull Request workflow.
+
+1.  **Fork** the repository on GitHub:  
+    [https://github.com/notamitgamer/mojic](https://github.com/notamitgamer/mojic)
+
+2.  **Clone** your fork locally:
+    ```bash
+    git clone [https://github.com/YOUR_USERNAME/mojic.git](https://github.com/YOUR_USERNAME/mojic.git)
+    cd mojic
+    ```
+
+3.  **Create a Branch** for your feature or bugfix:
+    ```bash
+    git checkout -b feature/amazing-feature
+    ```
+
+4.  **Install Dependencies**:
+    ```bash
+    npm install
+    ```
+
+5.  **Test your changes**:
+    You can run the CLI locally using `npm start` or linking the package.
+    ```bash
+    # Run directly
+    npm start -- encode test.c
+    ```
+
+6.  **Commit** your changes (see the style guide below).
 
-This section guides you through submitting a bug report for Mojic. Following these guidelines helps maintainers and the community understand your report, reproduce the behavior, and find related reports.
+7.  **Push** to your fork:
+    ```bash
+    git push origin feature/amazing-feature
+    ```
 
+8.  **Open a Pull Request** on the main repository (`notamitgamer/mojic`).
+
+## How Can I Contribute?
+
+### Reporting Bugs
 * **Use a clear and descriptive title** for the issue to identify the problem.
 * **Describe the exact steps which reproduce the problem** in as many details as possible.
 * **Provide specific examples** to demonstrate the steps.
 
 ### Suggesting Enhancements
-
-This section guides you through submitting an enhancement suggestion for Mojic, including completely new features and minor improvements to existing functionality.
-
 * **Use a clear and descriptive title** for the issue to identify the suggestion.
 * **Provide a step-by-step description of the suggested enhancement** in as many details as possible.
 * **Explain why this enhancement would be useful** to most Mojic users.
@@ -25,14 +58,13 @@ This section guides you through submitting an enhancement suggestion for Mojic,
 ## Styleguides
 
 ### Git Commit Messages
-
 * Use the present tense ("Add feature" not "Added feature")
 * Use the imperative mood ("Move cursor to..." not "Moves cursor to...")
 * Limit the first line to 72 characters or less
 
 ### Mojic Code Style
-
-* **Cipher Logic:** Changes to `CipherEngine.js` must ensure backward compatibility with the header format.
+* **Cipher Logic:** Changes to `CipherEngine.js` must ensure backward compatibility with the header format if possible.
 * **Streams:** Always use `StringDecoder` when handling text streams to prevent multi-byte emoji corruption.
+* **Linting:** Ensure your code is clean and readable.
 
-Happy Hacking! 🚀
+Happy Hacking! 

package/README.md

@@ -1,27 +1,36 @@
-# Mojic 🔒🔮
+# Mojic v1.1.0
 
-> **Obfuscate C source code into a randomized stream of emojis using password-seeded encryption.**
+> **Operation Polymorphic Chaos: Obfuscate C source code into a randomized, password-seeded stream of emojis.**
 
-**Mojic** (Magic + Emoji + Logic) is a CLI tool that transforms readable C code into an unreadable mess of emojis. Unlike simple substitution ciphers, Mojic uses your password to seed a Pseudo-Random Number Generator (PRNG), creating a unique "Emoji Universe" for every password.
+**Mojic** (Magic + Emoji + Logic) is a sophisticated CLI tool designed to transform readable C code into an unrecognizable chaotic stream of emojis. Unlike simple substitution ciphers, Mojic uses your password to seed a cryptographically strong Pseudo-Random Number Generator (PRNG), creating a unique "Emoji Universe" and rolling cipher for every single session.
 
-## 🚀 Features
+## Key Features
 
-* **🔐 Seeded Shuffling:** Your password derives a seed that shuffles the emoji mapping. Two different passwords will produce completely different emoji outputs for the same file.
-* **🌚 Moon Header Protocol:** The file header (Salt + Auth Hash) is encoded using only Moon and Clock emojis to allow metadata reading before decryption.
-* **📂 Recursive Processing:** Encrypt or decrypt entire project directories with one flag.
-* **🔄 Security Rotation:** Rotate passwords or re-scramble the entropy of encrypted files without seeing the plaintext.
-* **⚡ Stream Based:** Handles large files efficiently using Node.js streams.
+* ** Xoshiro256** PRNG:** Uses a high-quality 256-bit state PRNG (seeded via PBKDF2-SHA512) to handle shuffling and polymorphism.
+* ** Polymorphic Keywords:** Common C keywords (`int`, `void`, `return`) are mapped to emojis that *change* every time they appear based on the PRNG state. Frequency analysis is impossible.
+* ** Base-1024 Compression:** Non-keyword code is compressed using a custom Base-1024 scheme (5 bytes → 4 emojis), keeping file size manageable.
+* ** Integrity Sealed:** Every file ends with an HMAC-SHA256 signature. Any tampering with the emoji stream results in an immediate `FILE_TAMPERED` error.
+* ** Moon Header Protocol:** Metadata (Salt + Auth Check) is encoded using a specific alphabet of Moon and Clock phases (`🌑🌒🕐`), allowing instant password verification before decryption starts.
+* ** Stream Architecture:** Built on Node.js `Transform` streams to handle large files efficiently with minimal memory footprint.
 
-## 📦 Installation
+## Installation
+
+Since Mojic is available on npm, you can install it globally with a single command:
 
 ```bash
 npm install -g mojic
 ```
 
-## 🛠️ Usage
+Or run it directly using `npx` without installing:
+
+```bash
+npx mojic encode main.c
+```
+
+## Usage
 
 ### 1. Encrypting Code (`encode`)
-Turns a `.c` file into a `.mojic` file.
+Transforms a `.c` file into a `.mojic` file.
 
 ```bash
 # Encrypt a single file
@@ -29,6 +38,9 @@ mojic encode main.c
 
 # Encrypt an entire directory recursively
 mojic encode ./src -r
+
+# Flatten/Minify code structure before encryption (Removes newlines/indentation)
+mojic encode main.c --flat
 ```
 *You will be prompted to create a password. This password is required to decrypt.*
 
@@ -44,24 +56,42 @@ mojic decode ./src -r
 ```
 
 ### 3. Security & Rotation Tools (`srt`)
-Manage encrypted files without revealing their contents.
+Manage encrypted files without ever revealing their plaintext contents.
 
 ```bash
-# Change the password of an encrypted file
+# Rotate Password: Changes the password of an encrypted file
 mojic srt --pass secret.mojic
 
-# Re-shuffle the encryption (New Salt) with the SAME password
-# (Useful if you want to change the visual emoji pattern without changing the password)
+# Re-Encrypt: Re-shuffles the entropy (New Salt) with the SAME password
+# (Useful to change the visual emoji pattern without changing the password)
 mojic srt --re secret.mojic
 ```
 
-## 🧠 How it Works
+## Under the Hood (Algorithm)
+
+Mojic v1.1.0 implements a custom crypto-system dubbed **"Operation Polymorphic Chaos"**.
+
+1.  **Derivation Phase:**
+    * **Input:** User Password + 16-byte Random Salt.
+    * **KDF:** `PBKDF2-SHA512` (100,000 iterations).
+    * **Output:** 64 bytes (32 bytes for PRNG Seed, 32 bytes for HMAC Auth Key).
+
+2.  **The Emoji Universe:**
+    * The engine generates a universe of ~1,100 valid emojis (Emoticons, Transport, Symbols).
+    * This universe is **shuffled** using the `Xoshiro256**` PRNG initialized with the derived seed.
+
+3.  **Polymorphic Encryption:**
+    * **C Keywords:** The engine detects C keywords (e.g., `while`). It assigns them a "Base Emoji" from the shuffled universe.
+    * **The Twist:** It doesn't just print the Base Emoji. It calculates a random offset using the PRNG to pick a *different* emoji that maps back to the keyword. This means `int` might look like `🚀` on line 1 and `🌮` on line 5.
+
+4.  **Base-1024 Encoding:**
+    * Non-keyword data is buffered into 5-byte chunks.
+    * These chunks are treated as a single large integer and converted into 4 base-1024 digits (mapped to emojis), effectively compressing the stream density.
 
-1.  **Key Derivation:** Mojic uses **PBKDF2** to derive a 32-bit seed and an Auth Hash from your password and a random Salt.
-2.  **The Shuffle:** It uses a custom **Mulberry32 PRNG** seeded with your key to shuffle a "Universe" of ~1500 emojis.
-3.  **Tokenization:** C keywords (`int`, `return`, `void`) are tokenized and mapped to unique emojis from the shuffled universe. Remaining characters map to other emojis.
-4.  **The Header:** The Salt and Auth Hash are written to the top of the file using a fixed "Header Alphabet" (🌑🌒🌓🌔...) so the tool can verify your password before attempting decryption.
+5.  **The Header:**
+    * The Salt and a 4-byte Auth Check are written to the file header using the **Moon/Clock Alphabet** (`🌑🌒🌓🌔...`).
+    * **Benefit:** This allows `mojic` to tell you "Incorrect Password" instantly, rather than churning out garbage data first.
 
-## 📄 License
+## License
 
-This project is licensed under the Apache License 2.0 - see the [LICENSE](LICENSE) file for details.
+This project is licensed under the Apache License 2.0.

package/SECURITY.md

@@ -4,10 +4,10 @@
 
 We take security seriously.
 
-If you discover a security vulnerability within Mojic (e.g., in the `CipherEngine` logic or the PRNG implementation), please send an e-mail to **amitdutta4255@gmail.com**. All security vulnerabilities will be promptly addressed.
+If you discover a security vulnerability within Mojic (e.g., in the `CipherEngine` logic or the PRNG implementation), please send an e-mail to **amitdutta4255@gmail.com** or **mail@amit.is-a.dev**. All security vulnerabilities will be promptly addressed.
 
 **Please do not open public issues for security vulnerabilities.**
 
 ### Scope
-* **Supported:** Issues regarding key derivation, salt collisions, or stream buffer overflows.
+* **Supported:** Issues regarding key derivation, salt collisions, HMAC integrity failures, or stream buffer overflows.
 * **Not Supported:** Brute-forcing weak passwords (users are responsible for password strength).

package/bin/mojic.js

@@ -12,7 +12,7 @@ import { CipherEngine } from '../lib/CipherEngine.js';
 program
     .name('mojic')
     .description('Obfuscate C source code into emojis')
-    .version('1.0.3')
+    .version('1.1.0')
     .addHelpCommand('help [command]', 'Display help for command')
     .showHelpAfterError();
 
@@ -78,6 +78,19 @@ const createHeaderSkipper = () => {
     });
 };
 
+// --- FLATTENING (Minifier) ---
+const createMinifier = () => {
+    return new Transform({
+        transform(chunk, encoding, cb) {
+            let str = chunk.toString();
+            str = str.replace(/\r?\n|\r/g, ' '); 
+            str = str.replace(/\s+/g, ' ');      
+            this.push(str);
+            cb();
+        }
+    });
+};
+
 // --- Recursive Logic ---
 
 async function traverseDirectory(currentPath, extension, callback) {
@@ -99,18 +112,20 @@ program
     .command('encode')
     .argument('<path>', 'File or Directory to encode')
     .option('-r, --recursive', 'Recursively encrypt all .c files in directory')
+    .option('-f, --flat', 'Flatten structure (strip whitespace/newlines) before encrypting')
     .description('Encrypt a file or directory into emojis')
     .action(async (targetPath, options) => {
         try {
             if (!fs.existsSync(targetPath)) throw new Error('Path not found');
             const stats = fs.statSync(targetPath);
 
-            // Validation
             if (stats.isDirectory() && !options.recursive) {
                 throw new Error(`'${targetPath}' is a directory. Use -r to process recursively.`);
             }
 
-            console.log(chalk.blue('🔒 Initiating Mojic Encryption...'));
+            console.log(chalk.blue('Initiating Mojic Encryption v1.1...'));
+            if (options.flat) console.log(chalk.yellow('   -> Structural Flattening Enabled'));
+
             const password = await promptPassword('Create password for file(s):');
 
             const processFile = async (filePath) => {
@@ -118,7 +133,7 @@ program
                 console.log(chalk.dim(`   Processing: ${path.basename(filePath)} -> ${path.basename(outputName)}`));
 
                 const engine = new CipherEngine(password);
-                await engine.init(); // Unique salt per file
+                await engine.init(); 
                 
                 const readStream = fs.createReadStream(filePath);
                 const writeStream = fs.createWriteStream(outputName);
@@ -126,7 +141,13 @@ program
                 writeStream.write(engine._encodeHeader());
                 
                 await new Promise((resolve, reject) => {
-                    readStream
+                    let pipeline = readStream;
+                    
+                    if (options.flat) {
+                        pipeline = pipeline.pipe(createMinifier());
+                    }
+
+                    pipeline
                         .pipe(engine.getEncryptStream())
                         .pipe(writeStream)
                         .on('finish', resolve)
@@ -135,12 +156,12 @@ program
             };
 
             if (stats.isDirectory()) {
-                console.log(chalk.blue(`📂 Scanning directory: ${targetPath}`));
+                console.log(chalk.blue(`Scanning directory: ${targetPath}`));
                 await traverseDirectory(targetPath, '.c', processFile);
-                console.log(chalk.green('✅ Batch encryption complete.'));
+                console.log(chalk.green('Batch encryption complete.'));
             } else {
                 await processFile(targetPath);
-                console.log(chalk.green(`✅ Encrypted.`));
+                console.log(chalk.green(`Encrypted.`));
             }
 
         } catch (err) {
@@ -162,8 +183,8 @@ program
                 throw new Error(`'${targetPath}' is a directory. Use -r to process recursively.`);
             }
 
-            console.log(chalk.blue('🔓 Initiating Decryption...'));
-            const password = await promptPassword('Enter password:'); // Assume same pass for dir
+            console.log(chalk.blue('Initiating Decryption...'));
+            const password = await promptPassword('Enter password:');
 
             const processFile = async (filePath) => {
                 try {
@@ -174,36 +195,61 @@ program
                     const metadata = CipherEngine.decodeHeader(headerStr);
                     
                     const engine = new CipherEngine(password);
-                    await engine.init(metadata.saltHex);
-
-                    if (engine.authHash.toString('hex') !== metadata.authHex) {
-                        console.log(chalk.red(`   ❌ Skipped ${path.basename(filePath)}: Incorrect Password`));
-                        return;
-                    }
+                    
+                    // Pass the Auth Check Hex (if available in new format)
+                    await engine.init(metadata.saltHex, metadata.authCheckHex);
 
                     const readStream = fs.createReadStream(filePath);
                     const writeStream = fs.createWriteStream(outputName);
                     
                     await new Promise((resolve, reject) => {
+                        const decryptStream = engine.getDecryptStream();
+                        
+                        decryptStream.on('error', (err) => {
+                            reject(err);
+                        });
+
                         readStream
                             .pipe(createHeaderSkipper())
-                            .pipe(engine.getDecryptStream())
+                            .pipe(decryptStream)
                             .pipe(writeStream)
                             .on('finish', resolve)
                             .on('error', reject);
                     });
+
+                    return true; // Success
                 } catch (e) {
-                    console.log(chalk.red(`   ⚠️ Error processing ${path.basename(filePath)}: ${e.message}`));
+                    const outputName = filePath.replace(/\.mojic$/, '') + '.restored.c';
+                    
+                    // Cleanup output file on error
+                    setTimeout(() => {
+                         if (fs.existsSync(outputName)) {
+                             try { fs.unlinkSync(outputName); } catch(ign){}
+                         }
+                    }, 100);
+                    
+                    // Specific Error Messaging (No Emojis)
+                    if (e.message === "WRONG_PASSWORD") {
+                        console.log(chalk.red(`   Error: Incorrect Password`));
+                    } else if (e.message === "FILE_TAMPERED") {
+                        console.log(chalk.red(`   Error: File Tampered! Integrity check failed.`));
+                    } else {
+                        console.log(chalk.red(`   Error: ${e.message}`));
+                    }
+
+                    return false; // Failure
                 }
             };
 
             if (stats.isDirectory()) {
-                console.log(chalk.blue(`📂 Scanning directory: ${targetPath}`));
+                console.log(chalk.blue(`Scanning directory: ${targetPath}`));
                 await traverseDirectory(targetPath, '.mojic', processFile);
-                console.log(chalk.green('✅ Batch decryption complete.'));
+                console.log(chalk.green('Batch decryption complete.'));
             } else {
-                await processFile(targetPath);
-                console.log(chalk.green(`✅ Restored.`));
+                const success = await processFile(targetPath);
+                if (success) {
+                    console.log(chalk.green(`Restored.`));
+                }
             }
 
         } catch (err) {
@@ -211,32 +257,24 @@ program
         }
     });
 
-// --- Security Rotation Tools (SRT) ---
+// --- SRT ---
 
 const rotatePassword = async (file) => {
     try {
         if (!fs.existsSync(file)) throw new Error('File not found');
-        console.log(chalk.yellow(`🔄 Rotating Password for ${path.basename(file)}...`));
+        console.log(chalk.yellow(`Rotating Password for ${path.basename(file)}...`));
 
-        // 1. Authenticate Old
         const headerStr = await getStreamHeader(file);
         const metadata = CipherEngine.decodeHeader(headerStr);
         const oldPass = await promptPassword('Enter CURRENT password:');
         
         const oldEngine = new CipherEngine(oldPass);
-        await oldEngine.init(metadata.saltHex);
+        await oldEngine.init(metadata.saltHex, metadata.authCheckHex);
 
-        if (oldEngine.authHash.toString('hex') !== metadata.authHex) {
-            console.error(chalk.red('❌ Incorrect Current Password'));
-            process.exit(1);
-        }
-
-        // 2. Init New
         const newPass = await promptPassword('Enter NEW password:');
         const newEngine = new CipherEngine(newPass);
         await newEngine.init(); 
 
-        // 3. Process
         const tempFile = file + '.tmp';
         const readStream = fs.createReadStream(file);
         const writeStream = fs.createWriteStream(tempFile);
@@ -244,9 +282,13 @@ const rotatePassword = async (file) => {
         writeStream.write(newEngine._encodeHeader());
 
         await new Promise((resolve, reject) => {
+            const decryptStream = oldEngine.getDecryptStream();
+            
+            decryptStream.on('error', (err) => reject(err));
+
             readStream
                 .pipe(createHeaderSkipper())
-                .pipe(oldEngine.getDecryptStream())
+                .pipe(decryptStream)
                 .pipe(newEngine.getEncryptStream())
                 .pipe(writeStream)
                 .on('finish', resolve)
@@ -254,36 +296,33 @@ const rotatePassword = async (file) => {
         });
 
         fs.renameSync(tempFile, file);
-        console.log(chalk.green(`✅ Password updated.`));
+        console.log(chalk.green(`Password updated.`));
         
     } catch (err) {
-        console.error(chalk.red('Error:'), err.message);
+        if (fs.existsSync(file + '.tmp')) fs.unlinkSync(file + '.tmp');
+        if (err.message === "WRONG_PASSWORD") {
+            console.error(chalk.red('Error: Incorrect Current Password'));
+        } else {
+            console.error(chalk.red('Error:'), err.message);
+        }
     }
 };
 
 const reEncrypt = async (file) => {
     try {
         if (!fs.existsSync(file)) throw new Error('File not found');
-        console.log(chalk.yellow(`🎲 Re-shuffling Entropy for ${path.basename(file)}...`));
+        console.log(chalk.yellow(`Re-shuffling Entropy for ${path.basename(file)}...`));
 
-        // 1. Authenticate
         const headerStr = await getStreamHeader(file);
         const metadata = CipherEngine.decodeHeader(headerStr);
         const password = await promptPassword('Enter password:');
         
         const oldEngine = new CipherEngine(password);
-        await oldEngine.init(metadata.saltHex);
+        await oldEngine.init(metadata.saltHex, metadata.authCheckHex);
 
-        if (oldEngine.authHash.toString('hex') !== metadata.authHex) {
-            console.error(chalk.red('❌ Incorrect Password'));
-            process.exit(1);
-        }
-
-        // 2. Init New
         const newEngine = new CipherEngine(password);
         await newEngine.init(); 
 
-        // 3. Process
         const tempFile = file + '.tmp';
         const readStream = fs.createReadStream(file);
         const writeStream = fs.createWriteStream(tempFile);
@@ -291,9 +330,12 @@ const reEncrypt = async (file) => {
         writeStream.write(newEngine._encodeHeader());
 
         await new Promise((resolve, reject) => {
+            const decryptStream = oldEngine.getDecryptStream();
+            decryptStream.on('error', (err) => reject(err));
+
             readStream
                 .pipe(createHeaderSkipper())
-                .pipe(oldEngine.getDecryptStream())
+                .pipe(decryptStream)
                 .pipe(newEngine.getEncryptStream())
                 .pipe(writeStream)
                 .on('finish', resolve)
@@ -301,10 +343,15 @@ const reEncrypt = async (file) => {
         });
 
         fs.renameSync(tempFile, file);
-        console.log(chalk.green(`✅ File re-encrypted.`));
+        console.log(chalk.green(`File re-encrypted.`));
 
     } catch (err) {
-        console.error(chalk.red('Error:'), err.message);
+        if (fs.existsSync(file + '.tmp')) fs.unlinkSync(file + '.tmp');
+        if (err.message === "WRONG_PASSWORD") {
+            console.error(chalk.red('Error: Incorrect Password'));
+        } else {
+            console.error(chalk.red('Error:'), err.message);
+        }
     }
 };
 
@@ -313,11 +360,6 @@ program
     .description('Security and Rotation Tools')
     .option('--pass <file>', 'Update the password for an existing file')
     .option('--re <file>', 'Re-encrypt with new random seed (Same password)')
-    .addHelpText('after', `
-Examples:
-  $ mojic srt --pass secret.mojic   # Change the password of an encrypted file
-  $ mojic srt --re secret.mojic     # Re-scramble the emojis (new salt) with same password
-`)
     .action(async (options) => {
         if (options.pass) {
             await rotatePassword(options.pass);
@@ -329,12 +371,4 @@ Examples:
         }
     });
 
-program.addHelpText('after', `
-Usage Examples:
-  $ mojic encode test.c          # Encrypt a single C file
-  $ mojic encode ./src -r        # Recursively encrypt all .c files in ./src
-  $ mojic decode test.mojic      # Decrypt a single file
-  $ mojic decode ./src -r        # Recursively decrypt all .mojic files
-`);
-
 program.parse(process.argv);

package/lib/CipherEngine.js

@@ -3,109 +3,154 @@ import { Transform } from 'stream';
 import { StringDecoder } from 'string_decoder';
 
 /**
- * Emojic CipherEngine
- * Handles the logic for mapping C-code to Emojis based on a password seed.
- * * * Updates:
- * - Uses Intl.Segmenter for robust Emoji/Grapheme decoding.
- * - Implements 'tail buffering' in streams to prevent splitting multi-codepoint emojis.
+ * MOJIC v1.1.0 CIPHER ENGINE
+ * "Operation Polymorphic Chaos"
+ * * Features:
+ * - Xoshiro256** PRNG (256-bit State)
+ * - Base-1024 Compression (5 bytes -> 4 emojis)
+ * - Polymorphic Keyword Encryption (Rolling Cipher)
+ * - HMAC-SHA256 Integrity Footer
+ * - Line Wrapping (New: Prevents lag in editors)
+ * - Instant Password Verification (New: Header Auth Check)
  */
 
+// --- EMOJI UNIVERSE GENERATION ---
 const HEADER_ALPHABET = ['🌑', '🌒', '🌓', '🌔', '🌕', '🌖', '🌗', '🌘', '🕐', '🕑', '🕒', '🕓', '🕔', '🕕', '🕖', '🕗'];
 
-const EMOJI_UNIVERSE = [
-    '😀','😃','😄','😁','😆','😅','🤣','😂','🙂','🙃','😉','😊','😇','🥰','😍','🤩',
-    '😘','😗','☺️','😚','😙','🥲','😋','😛','😜','🤪','😝','🤑','🤗','🤭','🤫','🤔',
-    '🤐','🤨','😐','😑','😶','😏','😒','🙄','😬','🤥','😌','😔','😪','🤤','😴','😷',
-    '🤒','🤕','🤢','🤮','🤧','🥵','🥶','🥴','😵','🤯','🤠','🥳','😎','🤓','🧐','😕',
-    '😟','🙁','☹️','😮','😯','😲','😳','🥺','😦','😧','😨','😰','😥','😢','😭','😱',
-    '😖','😣','😞','😓','😩','😫','🥱','😤','😡','😠','🤬','😈','👿','💀','☠️','💩',
-    '🤡','👹','👺','👻','👽','👾','🤖','😺','😸','😹','😻','😼','😽','🙀','😿','😾',
-    '🙈','🙉','🙊','💋','💌','💘','💝','💖','💗','💓','💞','💕','💟','❣️','💔','❤️',
-    '🧡','💛','💚','💙','💜','🤎','🖤','🤍','💯','💢','💥','💫','💦','💨','🕳️','💣',
-    '💬','👁️','💭','💤','👋','🤚','🖐️','✋','🖖','👌','🤏','✌️','🤞','🤟','🤘',
-    '🤙','👈','👉','👆','🖕','👇','☝️','👍','👎','✊','👊','🤛','🤜','👏','🙌','👐',
-    '🤲','🤝','🙏','✍️','💅','🤳','💪','🦾','🦿','🦵','🦶','👂','🦻','👃','🧠','🫀',
-    '🫁','🦷','🦴','👀','👅','👄','👶','🧒','👦','👧','🧑','👱','👨','🧔','👨‍🦰','👨‍🦱',
-    '🔥','🌈','☀️','⛈️','🌩️','❄️','🌵','🌷','🌲','🌳','🌴','🐲','🐉','🦕','🦖','🐍',
-    '🐎','🦄','🦓','🐆','🐅','🐂','🐄','🐖','🐏','🐑','🐐','🐪','🐫','🦙','🦒','🐘',
-    '🦏','🦛','🐁','🐀','🐹','🐰','🐇','🐿️','🦔','🦇','🐻','🐨','🐼','🦥','🦦','🦨',
-    '🦘','🦡','🐾','🦃','🐔','🐓','🐣','🐤','🐥','🐦','🐧','🕊️','🦅','🦆','🦢','🦉',
-    '🎈','🧨','🧧','🎀','🎁','🎗️','🎟️','🎫','🎖️','🏆','🏅','🥇','🥈','🥉','⚽','⚾',
-    '🥎','🏀','🏐','🏈','🏉','🎾','🥏','🎳','🏏','🏑','🏒','🥍','🏓','🏸','🥊','🥋',
-    '🥅','⛳','⛸️','🎣','🤿','🎽','🎿','🛷','🥌','🎯','🪀','🪁','🎱','🔮','🧿','🎮'
-];
+const generateUniverse = () => {
+    const universe = [];
+    const ranges = [
+        [0x1F600, 0x1F64F], // Emoticons
+        [0x1F300, 0x1F5FF], // Misc Symbols
+        [0x1F680, 0x1F6FF], // Transport
+        [0x1F900, 0x1F9FF]  // Supplemental
+    ];
+
+    const headerSet = new Set(HEADER_ALPHABET);
+
+    for (const [start, end] of ranges) {
+        for (let code = start; code <= end; code++) {
+            const char = String.fromCodePoint(code);
+            if (!headerSet.has(char)) {
+                universe.push(char);
+            }
+        }
+    }
+    return universe; // Expect > 1100 chars
+};
+
+const RAW_UNIVERSE = generateUniverse();
+
+if (RAW_UNIVERSE.length < 1080) {
+    throw new Error("Critical: Emoji Universe generation failed to produce enough tokens.");
+}
 
 const C_KEYWORDS = [
     'auto', 'break', 'case', 'char', 'const', 'continue', 'default', 'do',
     'double', 'else', 'enum', 'extern', 'float', 'for', 'goto', 'if',
     'int', 'long', 'register', 'return', 'short', 'signed', 'sizeof', 'static',
     'struct', 'switch', 'typedef', 'union', 'unsigned', 'void', 'volatile', 'while',
-    'include', 'define', 'main', 'printf', 'NULL'
+    'include', 'define', 'main', 'printf', 'NULL', '#include', '#define'
 ];
 
-const ASCII_CHARS = Array.from({ length: 95 }, (_, i) => String.fromCharCode(i + 32))
-    .concat(['\n', '\t', '\r']);
+// --- PRNG: Xoshiro256** ---
+class Xoshiro256 {
+    constructor(seedBuffer) {
+        if (seedBuffer.length < 32) throw new Error("Seed too short");
+        this.s = [
+            seedBuffer.readBigUInt64BE(0),
+            seedBuffer.readBigUInt64BE(8),
+            seedBuffer.readBigUInt64BE(16),
+            seedBuffer.readBigUInt64BE(24)
+        ];
+    }
+
+    next() {
+        const result = this.rotl(this.s[1] * 5n, 7n) * 9n;
+        const t = this.s[1] << 17n;
+
+        this.s[2] ^= this.s[0];
+        this.s[3] ^= this.s[1];
+        this.s[1] ^= this.s[2];
+        this.s[0] ^= this.s[3];
 
-const TOTAL_TOKENS = C_KEYWORDS.length + ASCII_CHARS.length;
+        this.s[2] ^= t;
+        this.s[3] = this.rotl(this.s[3], 45n);
+
+        return result; 
+    }
+
+    nextFloat() {
+        const val = Number(this.next() >> 11n);
+        return val * (2 ** -53); 
+    }
+
+    rotl(x, k) {
+        return (x << k) | (x >> (64n - k));
+    }
+}
 
 export class CipherEngine {
     constructor(password) {
         this.password = password;
-        this.tokenMap = new Map();
-        this.reverseMap = new Map();
+        this.keywordMap = new Map(); 
+        this.keywordReverseMap = new Map(); 
+        this.dataAlphabet = []; 
+        this.dataReverseMap = new Map(); 
         this.isReady = false;
-        
-        if (EMOJI_UNIVERSE.length < TOTAL_TOKENS) {
-            throw new Error(`CRITICAL: Not enough emojis. Need ${TOTAL_TOKENS}, have ${EMOJI_UNIVERSE.length}`);
-        }
+        this.hmac = null; 
+        this.lineLength = 0; // For wrapping
     }
 
-    async init(existingSaltHex = null) {
+    async init(existingSaltHex = null, expectedAuthCheck = null) {
         this.salt = existingSaltHex 
             ? Buffer.from(existingSaltHex, 'hex') 
             : crypto.randomBytes(16);
 
         const derivedKey = await new Promise((resolve, reject) => {
-            crypto.pbkdf2(this.password, this.salt, 100000, 36, 'sha256', (err, key) => {
+            crypto.pbkdf2(this.password, this.salt, 100000, 64, 'sha512', (err, key) => {
                 if (err) reject(err); else resolve(key);
             });
         });
 
-        const seedBuffer = derivedKey.subarray(0, 4);
-        this.authHash = derivedKey.subarray(4);
-        const seedInt = seedBuffer.readUInt32BE(0);
+        const seedBuffer = derivedKey.subarray(0, 32);
+        this.authKey = derivedKey.subarray(32, 64);
+        
+        // Check password correctness immediately if Auth Check is provided
+        if (expectedAuthCheck) {
+            const calculatedAuthCheck = this.authKey.subarray(0, 4).toString('hex');
+            if (calculatedAuthCheck !== expectedAuthCheck) {
+                throw new Error("WRONG_PASSWORD");
+            }
+        }
 
-        const shuffledEmojis = this._shuffleArray([...EMOJI_UNIVERSE], seedInt);
+        this.rng = new Xoshiro256(seedBuffer);
 
-        let emojiIndex = 0;
-        for (const keyword of C_KEYWORDS) {
-            const emo = shuffledEmojis[emojiIndex++];
-            this.tokenMap.set(keyword, emo);
-            this.reverseMap.set(emo, keyword);
-        }
+        const shuffled = this._shuffleArray([...RAW_UNIVERSE]);
 
-        for (const char of ASCII_CHARS) {
-            const emo = shuffledEmojis[emojiIndex++];
-            this.tokenMap.set(char, emo);
-            this.reverseMap.set(emo, char);
+        let ptr = 0;
+        this.keywordEmojis = [];
+        for (const kw of C_KEYWORDS) {
+            const emo = shuffled[ptr++];
+            this.keywordEmojis.push(emo); 
+            this.keywordMap.set(kw, emo); 
+            this.keywordReverseMap.set(emo, kw);
         }
 
-        this.isReady = true;
-    }
+        this.dataAlphabet = shuffled.slice(ptr, ptr + 1024);
+        if (this.dataAlphabet.length < 1024) throw new Error("Not enough emojis for Base-1024");
+        
+        this.dataAlphabet.forEach((emo, idx) => {
+            this.dataReverseMap.set(emo, idx);
+        });
 
-    _mulberry32(a) {
-        return function() {
-          var t = a += 0x6D2B79F5;
-          t = Math.imul(t ^ t >>> 15, t | 1);
-          t ^= t + Math.imul(t ^ t >>> 7, t | 61);
-          return ((t ^ t >>> 14) >>> 0) / 4294967296;
-        }
+        this.hmac = crypto.createHmac('sha256', this.authKey);
+        this.isReady = true;
     }
 
-    _shuffleArray(array, seed) {
-        const rng = this._mulberry32(seed);
+    _shuffleArray(array) {
         for (let i = array.length - 1; i > 0; i--) {
-            const j = Math.floor(rng() * (i + 1));
+            const j = Math.floor(this.rng.nextFloat() * (i + 1));
             [array[i], array[j]] = [array[j], array[i]];
         }
         return array;
@@ -113,11 +158,10 @@ export class CipherEngine {
 
     _encodeHeader() {
         const saltHex = this.salt.toString('hex');
-        const authHex = this.authHash.toString('hex');
-        const fullHexString = saltHex + authHex;
-
+        const authCheck = this.authKey.subarray(0, 4).toString('hex'); // 4 bytes check
+        
         let headerStr = '';
-        for (const char of fullHexString) {
+        for (const char of (saltHex + authCheck)) {
             const val = parseInt(char, 16);
             headerStr += HEADER_ALPHABET[val];
         }
@@ -126,7 +170,6 @@ export class CipherEngine {
 
     static decodeHeader(headerStr) {
         let hexString = '';
-        // Use segmenter here just in case moon emojis have variation selectors
         const segmenter = new Intl.Segmenter('en', { granularity: 'grapheme' });
         const segments = segmenter.segment(headerStr.trim());
 
@@ -135,119 +178,232 @@ export class CipherEngine {
             if (index === -1) throw new Error("Invalid Header format.");
             hexString += index.toString(16);
         }
-        const saltHex = hexString.substring(0, 32);
-        const authHex = hexString.substring(32);
-        return { saltHex, authHex };
+        
+        return { 
+            saltHex: hexString.substring(0, 32),
+            authCheckHex: hexString.length >= 40 ? hexString.substring(32, 40) : null
+        };
     }
 
+    // --- STREAMING ENCRYPTION ---
+
     getEncryptStream() {
         if (!this.isReady) throw new Error("Engine not initialized");
         const engine = this;
-        const decoder = new StringDecoder('utf8');
-        let buffer = '';
-
+        let buffer = Buffer.alloc(0); 
+        
         return new Transform({
             transform(chunk, encoding, callback) {
-                buffer += decoder.write(chunk);
+                const str = chunk.toString('utf8');
                 
                 const sortedKeywords = [...C_KEYWORDS].sort((a, b) => b.length - a.length);
                 const keywordPattern = sortedKeywords.map(k => k.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')).join('|');
-                const regex = new RegExp(`\\b(${keywordPattern})\\b|([\\s\\S])`, 'g');
+                const regex = new RegExp(`(${keywordPattern})`, 'g'); 
                 
-                let match;
-                let output = '';
+                const parts = str.split(regex); 
                 
-                while ((match = regex.exec(buffer)) !== null) {
-                    const token = match[0];
-                    if (engine.tokenMap.has(token)) {
-                        output += engine.tokenMap.get(token);
+                for (const part of parts) {
+                    if (!part) continue;
+
+                    if (C_KEYWORDS.includes(part)) {
+                        if (buffer.length > 0) {
+                            this.push(engine._flushDataBuffer(buffer));
+                            buffer = Buffer.alloc(0);
+                        }
+
+                        const baseIdx = engine.keywordEmojis.indexOf(engine.keywordMap.get(part));
+                        const shift = Number(engine.rng.next() % BigInt(engine.keywordEmojis.length));
+                        const newIdx = (baseIdx + shift) % engine.keywordEmojis.length;
+                        const polyEmoji = engine.keywordEmojis[newIdx];
+                        
+                        const outBuf = Buffer.from(polyEmoji);
+                        engine.hmac.update(outBuf);
+                        
+                        // Emit wrapped
+                        this.push(engine._wrapOutput(outBuf));
+
                     } else {
-                        output += token; 
+                        buffer = Buffer.concat([buffer, Buffer.from(part, 'utf8')]);
+                        
+                        while (buffer.length >= 5) {
+                            const chunk = buffer.subarray(0, 5);
+                            buffer = buffer.subarray(5);
+                            
+                            const enc = engine._encodeBase1024(chunk);
+                            engine.hmac.update(enc);
+                            this.push(engine._wrapOutput(enc));
+                        }
                     }
                 }
-                
-                buffer = ''; 
-                this.push(output);
                 callback();
             },
+            
             flush(callback) {
-                buffer += decoder.end();
-                // Simple flush for MVP; in prod, we'd regex one last time.
+                if (buffer.length > 0) {
+                    const padded = Buffer.alloc(5);
+                    buffer.copy(padded);
+                    const enc = engine._encodeBase1024(padded);
+                    engine.hmac.update(enc);
+                    this.push(engine._wrapOutput(enc));
+                }
+
+                const digest = engine.hmac.digest(); 
+                let footerStr = '';
+                for (const byte of digest) {
+                    const hex = byte.toString(16).padStart(2, '0');
+                    for (const char of hex) {
+                        const val = parseInt(char, 16);
+                        footerStr += HEADER_ALPHABET[val];
+                    }
+                }
+                // Push footer (always starts on a new line or wrapped)
+                this.push(Buffer.from('\n' + footerStr));
                 callback();
             }
         });
     }
 
+    _wrapOutput(bufferChunk) {
+        this.lineLength += bufferChunk.length;
+        if (this.lineLength > 300) { 
+            this.lineLength = 0;
+            return Buffer.concat([bufferChunk, Buffer.from('\n')]);
+        }
+        return bufferChunk;
+    }
+
+    _encodeBase1024(buffer5) {
+        let val = 0n;
+        for (let i = 0; i < 5; i++) {
+            val += BigInt(buffer5[i]) * (256n ** BigInt(i));
+        }
+        
+        let output = '';
+        for (let i = 0; i < 4; i++) {
+            const idx = Number(val % 1024n);
+            val = val / 1024n;
+            output += this.dataAlphabet[idx];
+        }
+        return Buffer.from(output);
+    }
+
+    _flushDataBuffer(buf) {
+        if (buf.length === 0) return Buffer.alloc(0);
+        
+        const padded = Buffer.alloc(5);
+        buf.copy(padded);
+        const enc = this._encodeBase1024(padded);
+        this.hmac.update(enc);
+        return this._wrapOutput(enc);
+    }
+
+    // --- STREAMING DECRYPTION ---
+
     getDecryptStream() {
         if (!this.isReady) throw new Error("Engine not initialized");
         const engine = this;
-        const decoder = new StringDecoder('utf8');
         const segmenter = new Intl.Segmenter('en', { granularity: 'grapheme' });
         
-        let buffer = '';
+        const FOOTER_LEN = 64; 
+        let emojiBuffer = []; 
 
         return new Transform({
             transform(chunk, encoding, callback) {
-                // 1. Decode bytes to string (handles partial UTF8 bytes)
-                buffer += decoder.write(chunk);
-                
-                // 2. Segment into Graphemes (Emojis)
-                const segments = [...segmenter.segment(buffer)];
+                const str = chunk.toString('utf8');
+                const segments = [...segmenter.segment(str)];
                 
-                // 3. Process all BUT the last segment
-                // We keep the last segment in the buffer because it might be 
-                // the start of a multi-codepoint emoji that was split by the chunk boundary.
-                // (e.g. Base char is here, Variation Selector is in next chunk)
-                
-                const processUntilIndex = segments.length > 1 ? segments.length - 1 : 0;
-                let output = '';
-                let processedString = '';
-
-                // If we only have 1 segment, we can't be sure it's complete, wait for next chunk
-                // UNLESS the buffer is getting huge, then force it.
-                if (segments.length === 1 && buffer.length < 100) {
-                     // Wait for more data
-                     callback();
-                     return;
-                }
+                for (const { segment } of segments) {
+                    // Filter out whitespace/newlines used for wrapping
+                    if (segment.match(/\s/)) continue;
 
-                // Process safe segments
-                for (let i = 0; i < processUntilIndex; i++) {
-                    const char = segments[i].segment;
-                    processedString += char;
+                    emojiBuffer.push(segment);
                     
-                    if (engine.reverseMap.has(char)) {
-                        output += engine.reverseMap.get(char);
-                    } else {
-                        output += char;
+                    if (emojiBuffer.length > FOOTER_LEN) {
+                        const emo = emojiBuffer.shift();
+                        engine._processDecryptToken(emo, this);
+                        engine.hmac.update(Buffer.from(emo));
                     }
                 }
-
-                // Update buffer to only contain the remaining tail
-                // Note: buffer might contain bytes not yet in segments if StringDecoder held them? 
-                // No, decoder.write returns what is available.
-                // We just need to remove the processed part from the buffer string.
-                if (processUntilIndex > 0) {
-                    buffer = buffer.slice(processedString.length);
-                    this.push(output);
-                }
-                
                 callback();
             },
+            
             flush(callback) {
-                // Process any remaining tail (buffer + decoder leftovers)
-                buffer += decoder.end();
-                if (buffer) {
-                    const segments = segmenter.segment(buffer);
-                    let output = '';
-                    for (const { segment } of segments) {
-                        if (engine.reverseMap.has(segment)) output += engine.reverseMap.get(segment);
-                        else output += segment;
+                if (emojiBuffer.length !== FOOTER_LEN) {
+                    this.emit('error', new Error("File corrupted or truncated (No Footer)"));
+                    return;
+                }
+
+                const footerStr = emojiBuffer.join('');
+                const calcDigest = engine.hmac.digest('hex'); 
+                
+                let footerHex = '';
+                try {
+                    for (const char of footerStr) {
+                        const idx = HEADER_ALPHABET.indexOf(char);
+                        if (idx === -1) throw new Error();
+                        footerHex += idx.toString(16);
                     }
-                    this.push(output);
+                } catch (e) {
+                    this.emit('error', new Error("Invalid Integrity Seal"));
+                    return;
+                }
+
+                if (footerHex !== calcDigest) {
+                    // Critical security failure
+                    this.emit('error', new Error("FILE_TAMPERED"));
+                    return;
+                }
+
+                if (engine.decodeDataBuf.length > 0) {
                 }
                 callback();
             }
         });
     }
+
+    decodeDataBuf = []; 
+
+    _processDecryptToken(emo, stream) {
+        if (this.keywordReverseMap.has(emo)) {
+            const currentR = Number(this.rng.next() % BigInt(this.keywordEmojis.length));
+            const emoIdx = this.keywordEmojis.indexOf(emo);
+            
+            let baseIdx = (emoIdx - currentR) % this.keywordEmojis.length;
+            if (baseIdx < 0) baseIdx += this.keywordEmojis.length;
+            
+            const originalEmo = this.keywordEmojis[baseIdx];
+            const keyword = this.keywordReverseMap.get(originalEmo);
+            
+            if (this.decodeDataBuf.length > 0) {
+                this.decodeDataBuf = [];
+            }
+            
+            stream.push(keyword);
+
+        } else if (this.dataReverseMap.has(emo)) {
+            this.decodeDataBuf.push(this.dataReverseMap.get(emo));
+            if (this.decodeDataBuf.length === 4) {
+                const chunk = this._decodeBase1024(this.decodeDataBuf);
+                this.decodeDataBuf = [];
+                const cleanChunk = chunk.filter(b => b !== 0x00);
+                stream.push(cleanChunk);
+            }
+        } else {
+            // Unknown emojis are ignored now
+        }
+    }
+
+    _decodeBase1024(indices) {
+        let val = 0n;
+        for (let i = 3; i >= 0; i--) {
+            val = (val * 1024n) + BigInt(indices[i]);
+        }
+        
+        const buf = Buffer.alloc(5);
+        for (let i = 0; i < 5; i++) {
+            buf[i] = Number(val % 256n);
+            val = val / 256n;
+        }
+        return buf;
+    }
 }

package/package.json

@@ -1,14 +1,15 @@
 {
   "name": "mojic",
-  "version": "1.0.3",
-  "description": "Obfuscate C source code into emojis using password-seeded mapping",
+  "version": "1.1.0",
+  "description": "Obfuscate C source code into encrypted, password-seeded emoji streams.",
   "main": "bin/mojic.js",
   "bin": {
     "mojic": "bin/mojic.js"
   },
   "type": "module",
   "scripts": {
-    "start": "node bin/mojic.js"
+    "start": "node bin/mojic.js",
+    "build-binaries": "pkg . --out-path dist --public"
   },
   "repository": {
     "type": "git",
@@ -19,6 +20,9 @@
     "commander": "^11.1.0",
     "inquirer": "^9.2.12"
   },
+  "devDependencies": {
+    "pkg": "^5.8.1"
+  },
   "engines": {
     "node": ">=18.0.0"
   },
@@ -28,8 +32,22 @@
     "emoji",
     "obfuscation",
     "c",
-    "security"
+    "security",
+    "polymorphic"
   ],
   "author": "notamitgamer",
-  "license": "Apache-2.0"
+  "license": "Apache-2.0",
+  "pkg": {
+    "scripts": "bin/mojic.js",
+    "assets": [
+      "lib/**/*",
+      "package.json"
+    ],
+    "targets": [
+      "node18-win-x64",
+      "node18-linux-x64",
+      "node18-macos-x64"
+    ],
+    "outputPath": "dist"
+  }
 }