mojic Documentation
Install v2.1.4 Launch Web App
Visit Repository Install v2.1.4 Launch Web App

Operation Polymorphic Chaos

Mojic is a sophisticated CLI tool designed to transform readable C source code into an unrecognizable, chaotic stream of emojis. It is not a simple substitution cipher; it is a cryptographic obfuscation tool.

Current Version: v2.1.4
Core Tech: Node.js, AES-256-CTR, Scrypt (Memory-Hard)

Why use Mojic?

  • Total Polymorphism: Both keywords and raw data are whitened. Patterns like repeating indentation are effectively scrambled.
  • GPU-Resistant: Uses the Scrypt KDF to derive keys, making brute-force attacks computationally expensive on graphics hardware.
  • Base-1024 Compression: Reduces the bloat of non-keyword characters.
  • Integrity Sealed: HMAC-SHA256 signature ensures files haven't been tampered with.

How it works

You input C code. Mojic asks for a password. It generates a unique emoji dialect and uses a keystream (AES-256-CTR) to encrypt your file into a .mojic artifact.

Installation

Mojic is distributed via NPM. You can install it globally to use the command line tools.

Global Install

npm install -g mojic

Run via NPX (No Install)

npx mojic --help

Build from Source

git clone https://github.com/notamitgamer/mojic.git
cd mojic
npm install
npm run build-binaries

mojic encode

Encrypts a C source file or an entire directory of files into Mojic format.

Usage

mojic encode <path> [options]

Options

Flag Description
-r, --recursive Recursively process all .c files in a directory.
-f, --flat Minify mode. Strips whitespace and newlines before encryption to increase obfuscation density.

Examples

Encrypt a single file:

$ mojic encode main.c
> Create password for file(s): *****
> Processing: main.c -> main.mojic
> Encrypted.

Batch encrypt a project with flattening:

$ mojic encode ./src -r -f
> Initiating Mojic Encryption v2.1...
> Structural Flattening Enabled
> Scanning directory: ./src
> Processing: utils.c -> utils.mojic
> Processing: main.c -> main.mojic
> Batch encryption complete.

mojic decode

Restores .mojic files back to readable C source code.

Usage

mojic decode <path> [options]

Options

Flag Description
-r, --recursive Recursively find and decode all .mojic files.

Error Handling

Mojic includes strict integrity checks.

  • WRONG_PASSWORD: The derived key did not match the Auth Check in the Moon Header.
  • FILE_TAMPERED: The HMAC-SHA256 signature at the end of the stream failed. The file has been modified.

Security & Rotation Tools (SRT)

The srt command allows you to manage encrypted files without exposing their plaintext contents. This is useful for rotating credentials.

Rotate Password

Changes the password of a file by decrypting the stream into memory and re-encrypting with a new key.

mojic srt --pass secret.mojic

Re-Encrypt (Entropy Shuffle)

Keeps the same password but generates a new salt and AES keystream. This completely changes the visual emoji output, defeating any potential pattern analysis over time.

mojic srt --re secret.mojic

Operation Ironclad (v2.1.4)

Mojic is built on the updated CipherEngine.js. Here is how it achieves "Polymorphic Chaos".

1. The Emoji Universe

The engine generates a pool of ~1,100 valid unicode characters (Emoticons, Transport, Symbols). This pool is shuffled using a CSPRNG (AES-256-CTR) seeded by your password.

2. Polymorphic Keywords

Standard C keywords (int, void, if) are not mapped 1:1. The engine calculates a random offset for every occurrence based on the keystream.

3. XOR Whitening

Before any raw data (variable names, strings, whitespace) is encoded, it is XORed with a mask generated from the AES-256-CTR stream. This ensures that repeating patternsβ€”like 4 spaces of indentationβ€”never look the same twice.

Input: " " (4 spaces)
Stream A: 0x1A 0xB2... -> 🦁 πŸš—
Stream B: 0x4F 0x9C... -> πŸ‘Ί πŸ›Έ

4. Base-1024 Compression

The whitened data is buffered into 5-byte chunks and converted into 4 base-1024 digits (emojis), keeping file sizes manageable.

Moon Header Protocol

Mojic files do not look like random noise immediately. They start with a distinct header.

Structure

The header contains the Salt (32 bytes) and an Auth Check (4 bytes). These are encoded using a specific alphabet of moon phases and clocks.

HEADER_ALPHABET = ['πŸŒ‘', 'πŸŒ’', 'πŸŒ“', 'πŸŒ”', 'πŸŒ•', 'πŸŒ–', 'πŸŒ—', '🌘', 'πŸ•', 'πŸ•‘', 'πŸ•’', 'πŸ•“', 'πŸ•”', 'πŸ••', 'πŸ•–', 'πŸ•—'];

This allows the decode command to verify your password instantly by checking the header, rather than processing the whole file and outputting garbage.

Contributing to Mojic

First off, thanks for taking the time to contribute! Use your best judgment, and feel free to propose changes.

Development Workflow

  1. Fork the repository on GitHub.
  2. Clone your fork locally: git clone https://github.com/YOUR_USERNAME/mojic.git
  3. Create a Branch for your feature or bugfix: git checkout -b feature/amazing-feature
  4. Install Dependencies: npm install
  5. Test your changes: Run the CLI locally using npm start -- encode test.c
  6. Commit your changes using imperative mood (e.g., "Add feature").
  7. Push and Open a Pull Request.

Mojic Code Style

  • Cipher Logic: Changes to CipherEngine.js must ensure backward compatibility.
  • Streams: Always use StringDecoder when handling text streams to prevent multi-byte emoji corruption.

Code of Conduct

Our Pledge

In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.

Enforcement

Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team. All complaints will be reviewed and investigated.

Report Issues To:
amitdutta4255@gmail.com (Priority)
mail@amit.is-a.dev

Security Policy

Warning: Please do not open public issues for security vulnerabilities.

Reporting a Vulnerability

We take security seriously. If you discover a security vulnerability within Mojic (e.g., in the CipherEngine logic or the PRNG implementation), please send an e-mail immediately.

Security Contact:
amitdutta4255@gmail.com

Scope

  • Supported: Issues regarding key derivation (Scrypt), salt collisions, HMAC integrity failures, or stream buffer overflows.
  • Not Supported: Brute-forcing weak passwords (users are responsible for password strength).

License

Mojic is licensed under the Apache License, Version 2.0.

Apache License 2.0 Summary:

You can do whatever you want with this software, as long as you include the original copyright and license notice in any copy of the software/source. It is provided "as is" without warranty.

Read Full License →

Copyright © 2026 notamitgamer