Whisper Bridge is an ultra-lightweight, secure, and fully anonymous infrastructure designed for collecting community feedback and strategic ideas. Built with Go and following a Serverless architecture, this project provides a footprint-free communication channel for high-risk environments.
The system follows a multi-stage protocol to guarantee 100% anonymity and transparency:
- Secure Submission (Frontend): User messages are sent via an isolated web form. [cite_start]A Honeypot filter identifies bots, and the first layer of Sanitization neutralizes malicious payloads.
- [cite_start]Reception & Hashing (API): The server generates a temporary one-way Hash (fingerprint) for rate-limiting purposes without ever storing IP addresses or identifying metadata.
- [cite_start]Private Vault Archiving: Messages are initially stored in a Private GitHub Repository for security auditing (removing accidental personal identifiers)[cite: 1].
- Dual Public Release: After initial auditing, data is released in two formats:
- [cite_start]Raw Data: Original messages to ensure integrity and enable public auditing[cite: 1].
- [cite_start]Summarized Versions: AI-processed summaries for rapid analysis[cite: 1].
- The Forge (Public Refinement): This is where true collaboration happens. [cite_start]Professionals from all sectors—doctors, engineers, bakers, and lawyers—can critique and refine the ideas[cite: 1].
- [cite_start]Collective Approval: Once an idea is refined through "The Forge," the final output is integrated into the official Charter or Task Lists[cite: 1].
We aim for continuous optimization through this pattern:
- [cite_start]Matching: Preventing information silos by checking for existing discussions[cite: 1].
- [cite_start]Refinement: Processing inputs using advanced AI models (e.g., Gemini) for clarity and safety[cite: 1, 2].
- [cite_start]Transparency: Users can always cross-reference the summarized output with the raw input to ensure accuracy[cite: 1].
- [cite_start]Zero Logging: No IP addresses, browser User-Agents, or cookies are stored[cite: 1].
- [cite_start]Absolute Transparency: All processing logic is public in this repository for communal auditing[cite: 1].
- [cite_start]No Trackers: Strictly no third-party analytics or tracking services are used[cite: 1].
The project follows a modular Go structure to ensure complete Separation of Concerns (SoC) and maximum security:
- [cite_start]api/: Manages incoming Vercel Serverless requests[cite: 1].
- [cite_start]internal/ratelimit: Implements anti-spam logic based on temporary fingerprints[cite: 1].
- [cite_start]internal/security: Dedicated layer for text sanitization and payload neutralization[cite: 1].
- [cite_start]internal/github: Secure management of data transfer to the Private Vault[cite: 1].
- [cite_start]web/: Lightweight, isolated UI with a strict No-Tracker Policy[cite: 1].
- Language: Go 1.21+
- Framework: Gin Gonic (for high-performance routing)
- Deployment: Vercel Serverless Functions
- Integration: GitHub API (for secure data persistence)