Roadmap¶
Planned features and architectural improvements for the Antimatter ecosystem. Items are prioritized by security first, then core functionality, then quality-of-life.
Want to help?
Many of these items are great first contributions. Check the Contributing Guide to get started.
Security & Privacy¶
End-to-End Encryption (E2EE)¶
Status: Planned
Currently, the WebSocket connection is secured by TLS (via Cloudflare) and a 256-bit pairing token with Ed25519 handshake. However, to ensure absolute privacy even from tunnel providers, we plan to implement true E2EE using a Diffie-Hellman key exchange:
- Traffic encrypted before leaving the VS Code extension
- Decrypted only on the Android device
- Zero-knowledge routing through any intermediary (Cloudflare, proxies, etc.)
Core Features¶
Advanced Terminal Integration¶
Status: Planned
The current terminal uses child_process.spawn to proxy commands. The future goal is a fully featured, isolated terminal:
| Feature | Description |
|---|---|
| PTY support | Use node-pty for a true TTY environment — interactive commands like vim, htop, and prompts |
| Sandboxing | Restrict terminal sessions to the workspace directory to prevent accidental global changes |
| ANSI rendering | Xterm.js-style renderer in Jetpack Compose for colored output, cursor movements, and complex TUI layouts |
Remote Workspace Switching¶
Status: Under consideration (long-term)
Allow users to browse and switch the active VS Code workspace from the Android app.
Security implications
Granting the companion app filesystem navigation vastly expands the attack surface. If implemented, this will require:
- Pre-approved workspace whitelists
- Secondary biometric confirmations
- Restricted filesystem read access
Status Legend¶
| Icon | Meaning |
|---|---|
| Shipped | |
| In progress | |
| Planned | |
| Under consideration |