Undulax generates cryptographic keys by harvesting randomness from the live internet. It fetches data from eight different high-traffic websites, measures tiny timing variations in the responses, and feeds that unpredictable noise into animated lava lamp simulations. The constantly shifting patterns of the lamps are combined to produce secure random keys that cannot be predicted or reproduced.
Undulax is a hardware-free entropy harvester that builds cryptographic keys from real-world network chaos. It continuously polls eight geographically diverse web sources, extracting sub-millisecond timing jitter, TLS handshake variations, and response content changes. This raw entropy feeds dedicated lava lamp physics simulations—one per source—where nonlinear blob interactions amplify unpredictability. All lamp states are cryptographically mixed into a 512-bit entropy pool, which is then processed through HKDF and ChaCha20 to generate output keys with forward secrecy and backtracking resistance.
Undulax implements a CSPRNG seeded from network entropy harvested via nanosecond-precision timing measurements (process.hrtime.bigint) of TLS handshakes, header reception, and body transfer from eight independent high-traffic hosts. Per-source entropy contributions are domain-separated BLAKE3 hashes of timing jitter, response headers, and body content. Each source drives a server-side physics simulation with 4–7 blobs subject to thermal buoyancy, viscous damping, nonlinear repulsion, and wall collisions. Lamp states are BLAKE3-hashed and stirred into a 512-bit pool using a counter-domain-separated construct. Output extraction uses HKDF-SHA256 to simultaneously derive key material and rekey the pool, providing forward secrecy. Final output is generated via ChaCha20 PRF seeded from the extracted material, with configurable lengths (128/256/512-bit) and encodings (hex/base64/base64url).