Radar Resilient Information Hub

Abstract

Radar Resilient Information Hub is a cybersecurity and digital public infrastructure case study addressing information failure during network instability. The system is designed as a high-availability communication node with emphasis on data integrity, moderator accountability, and resilient African cyberspace outcomes.

In high-risk and low-stability environments, communities need systems that remain available under unstable network conditions, preserve integrity of shared information, provide accountable moderation, and reduce dependence on centralized trust bottlenecks. Radar operationalizes this through real-time room-based messaging, hash-chained audit logging, moderator-aware permission models, and passive persistence enabling recovery across network disruptions.

The platform integrates three measurable goals: Availability (maintain functional communication during network churn and packet degradation), Integrity (prevent or detect unauthorized modification of moderation actions), and Accountability (produce transparent, reviewable governance trails). The implementation emphasizes engineering rigor through formal threat modeling, structured test matrices, and reproducible resilience benchmarks.

This work combines systems engineering with applied research relevant to secure systems, trustworthy computing, and data sovereignty in African contexts, demonstrating practical approaches to digital public infrastructure that prioritize community agency and local control.

Problem Statement & Motivation

In high-risk and low-stability environments—characterized by connectivity disruptions, censorship pressure, rapid misinformation events, and infrastructure volatility—communities lose access to communication systems exactly when trusted information coordination matters most. Traditional centralized platforms offer neither resilience during instability nor user agency over moderation governance.

The technical challenge spans three dimensions:

• Availability: Communication systems fail during network churn, packet degradation, and geopolitical connectivity disruptions; recovery is manual and slow
• Integrity: Absence of immutable records enables unauthorized modification of content or moderation actions; communities cannot verify governance decisions
• Accountability: No systematic audit trail of moderation behavior; governance decisions remain opaque; communities lack recourse for policy disputes

These failures compound in African contexts where digital public infrastructure often exhibits characteristics of both technical fragility (limited redundancy, variable network quality) and governance opacity (centralized platform providers operating outside local jurisdictions). Addressing this problem requires systems that prioritize local control, transparency in governance, and explicit design for operation under realistic constraint conditions.

System Architecture & Design Rationale

Radar employs a resilience-first architecture emphasizing passive persistence, distributed coordination, and accountability through immutable audit trails. The design supports real-time communication over transient networks while preserving governance transparency.

Core Features & Operational Workflows

Guest Onboarding: Zero-friction entry point. New participants onboard as guests and receive time-limited JWT identities without pre-registration, enabling rapid community organization while maintaining modest authentication boundaries.

Real-Time Room Messaging: Participants join named rooms (public or private) and exchange messages in real time. Message delivery guaranteed through Socket.IO reliability layer; optimistic UI updates provide immediate feedback despite network latency.

Private Room Access Control: Room operators set optional password gating. Access rules enforced at both connection and message emission points; unauthorized access attempts logged to audit trail with attacker identity context.

Moderator-Aware Permissions: Room moderators possess explicit delete permissions over messages and ability to modify room properties. Moderation decisions (deletion, room configuration changes) logged immutably to audit trail with moderator identity and timestamp. Non-moderators cannot perform these actions; attempts are rejected server-side with audit recording.

Message Edit & Reaction Flows: Participants edit their own sent messages (edit history not currently exposed but logged). All participants can add emoji reactions to messages; reactions propagate in real time with optimistic updates.

Media Controls: Browser-side media capture (microphone, camera, screen share); signaling layer enables peer-to-peer media coordination. Media state tracked per-participant and broadcast to room members.

Persistent State Recovery: Server maintains append-only JSON logs of all room and message state changes. On restart, server replays log to rebuild in-memory state. Network disruptions or server restarts do not result in message loss or state corruption.

Immutable Audit Logging: All moderation actions, permission checks, and policy events written to hash-chained append-only log. Audit log integrity verified through endpoint /api/system/audit-health which reports hash chain consistency and reports any invalid entries.

Implementation Methodology

Radar was developed following an iterative, evidence-centric approach prioritizing verifiability of security and resilience claims over feature maximization. Development phases emphasized threat modeling, formal test matrix definition, and reproducible benchmarking before feature implementation.

• Phase 1 (Threat Modeling & Requirements): Formal adversary profiles, trust boundary definition, risk enumeration, and mitigation roadmap. Threat model published in docs/THREAT_MODEL.md
• Phase 2 (Test Matrix & Success Criteria): Structured definition of functional, abuse, and resilience test scenarios with pass/fail criteria. Published in docs/TEST_MATRIX.md
• Phase 3 (Core Architecture & Auth): Socket.IO real-time layer, JWT guest onboarding, moderator permission model, initial message and room state management
• Phase 4 (Persistence & Audit): Append-only JSON logging, file-based state recovery, hash-chained audit trail, integrity health endpoint
• Phase 5 (Testing & Benchmarking): Unit/integration test suites, abuse-resilience fuzzing, network fault injection, reproducible resilience benchmark script

Technology Stack Rationale

Stack choices prioritized simplicity, auditability, and offline-as-a-primary-design-target. React 19 enables responsive multi-room UI with real-time updates. Node.js Express provides lightweight event-driven server suitable for modest hardware. Socket.IO offers robust WebSocket abstraction with built-in reconnection and fallback. In-memory state + append-only file logging avoids external database dependency while guaranteeing data durability and recovery capability without external infrastructure. Hash-chained audit logs provide tamper-evident records suitable for governance review and forensic analysis.

Evaluation & Resilience Benchmarks

System evaluation employed simulation-based testing under controlled fault injection scenarios to assess performance against measurable availability, integrity, and accountability goals. Reproducible benchmarks enable validation of design claims and future comparative analysis across deployment contexts.

Evaluation Dimensions

• Functional Correctness: Auth token validation, room access control, moderator permission enforcement, message persistence and recovery verified under nominal operation
• Resilience Under Network Disruption: Socket reconnection behavior, message buffering during churn, passive state recovery, participant presence tracking validated under synthetic packet loss and disconnection events
• Abuse Resistance: Unauthorized access attempts, token misuse, replay-like behavior, and permission boundary violations tested against permission and audit systems
• Delivery Reliability: Message delivery success rate, p95 and p99 socket message latency, reconnect behavior under sustained churn measured via automated benchmark
• Audit Integrity: Hash chain consistency, immutability of log entries, and recovery accuracy verified across state rebuild scenarios

Reproducible Benchmark

Execute resilience benchmark from the backend folder:

npm run benchmark:resilience:quick

or full-duration benchmark:

npm run benchmark:resilience

The benchmark script emits JSON summary metrics including delivery success rate, p95/p99 socket latency, reconnect p95 under churn, and metadata for traceability. Results enable quantitative assessment of system resilience against network volatility.

Research Framing & African Cyberspace Context

This project is positioned at the intersection of cybersecurity engineering, digital public infrastructure, and data sovereignty in African contexts. The work aligns with research themes around secure systems, trustworthy computing, and resilience under realistic constraint conditions.

Design decisions reflect direct experience of cyberspace dynamics in African environments where connectivity remains volatile, centralized platforms operate outside local jurisdictions, and communities require systems that preserve agency and governance transparency. Radar prioritizes African cyberspace outcomes through emphasis on:

• Local control: Communities operate systems within their own infrastructure rather than depending on cloud providers or centralized intermediaries
• Data sovereignty: Information access and moderation governance remain locally interpretable and auditable
• Resilience under constraint: System operates effectively on modest hardware under variable network conditions typical of African digital infrastructure
• Transparency in governance: Moderation decisions are immutable, reviewable, and subject to community audit

The project demonstrates how systems engineering can operationalize data sovereignty principles, produce evidence of security and governance properties through formal threat modeling and testing, and remain deployable in contexts where commercial platforms remain infeasible.

Technical Evidence & Resources

Complete project documentation, design artifacts, implementation evidence, and reproducible code are provided below. All materials support evidence-centric evaluation of security, resilience, and governance properties. The GitHub repository contains the complete, executable source code with test suites and benchmark harness.

Project Genesis: Kenya Finance Bill Protests 2024

Radar was conceived during the Kenya Finance Bill Protests of June 2024, when government censorship of WhatsApp, Twitter, and cellular networks created immediate communication blackouts across the country. During this period of digital repression, citizens faced coordinated abductions and arrest, with families unable to locate missing persons. The absence of resilient, decentralized communication infrastructure became immediately apparent: centralized platforms could be shut down instantaneously, leaving communities isolated and vulnerable.

This project emerged from that experience. Radar prioritizes communication systems that communities can operate and control locally, that remain available when centralized platforms fail, and that preserve transparent governance trails to prevent abuse. The technical choices of persistence, audit logging, and local control reflect direct lessons from the moment when Kenya's information infrastructure was weaponized against its citizens.

Local Setup & Reproducibility

The system is fully reproducible. All dependencies are open-source; no proprietary licenses required. Follow the steps below to run Radar locally.

1. Clone the repository: git clone https://github.com/Swaph/Radar-Activism-Hub.git && cd Radar-Activism-Hub
2. Install backend dependencies: cd backend && npm install
3. Install frontend dependencies: cd ../frontend && npm install
4. Start the backend: cd ../backend && node server.js (runs on port 5000)
5. In a new terminal, start the frontend: cd frontend && npm run dev (runs on port 5173 with Vite)
6. Access the system: Navigate to http://localhost:5173
7. Run resilience benchmark: cd backend && npm run benchmark:resilience:quick

The frontend requires no authentication for room access; participants join as guests. Backend logs detailed operation traces to aid in understanding socket events and permission enforcement.