It's definitely worth looking into - TextSecure's Axolotl is best-in-class for dealing with text messaging or other scenarios with occasional one-shots.
If you want another, simpler transport that works better for more connected scenarios, like this one, ask trevp who did that: he has a very promising-looking one in the design phase.
If I can give any advice: security doesn't make a good afterthought, especially when encryption was the first word you mentioned. It's a foundational feature; treat it as one. Pick primitives that make the best, most solid foundations you can get, and do your best to make sure you can rely on them. As for the rest, extensibility needs careful thought: it can be easy to extend yourself into vulnerabilities.
Best of luck. You have an interesting project. I might keep an eye on it.
Thanks! Yes, this is great advice. security should not be an afterthought and it certainly has not been here. Also, I did not post this on HN, so those were not my words.
There are some aspects to security that I took that extend to the code. It is written using design by contract, where if a contract fails, the program quits immediately. Security should extend beyond the protocol.
As I mentioned previously, long term I won't be using a handrolled protocol, which has obvious problems. This software is alpha and I hope to migrate before 1.0
If you want another, simpler transport that works better for more connected scenarios, like this one, ask trevp who did that: he has a very promising-looking one in the design phase.
If I can give any advice: security doesn't make a good afterthought, especially when encryption was the first word you mentioned. It's a foundational feature; treat it as one. Pick primitives that make the best, most solid foundations you can get, and do your best to make sure you can rely on them. As for the rest, extensibility needs careful thought: it can be easy to extend yourself into vulnerabilities.
Best of luck. You have an interesting project. I might keep an eye on it.