Customize the behavior of iCanText through the config.json file.
In Business Mode, iCanText fetches a config.json file from the root directory during initialization. This file allows you to override the default system values to match your organization's infrastructure and security policies.
config.json file. The application uses a "delta" logic: any key explicitly defined in your JSON file will override the internal default, while all other parameters will retain their standard values as documented below.
The root URL of your private signaling server (endpoint). Change this to point to your own PHP rendezvous point to ensure total data sovereignty.
The specific sub-path on the signaling server where channel data is exchanged. This is appended to the API_BASE_URL.
The endpoint used by the application to identify the user session within a corporate portal or reverse-proxy environment.
The name of the file containing the signed cryptographic license. This file is required for the application to operate in Business Mode.
The HTTP header name used by your reverse proxy (Apache, Nginx) to transmit the authenticated username (LDAP/AD login) to the application.
The base frequency for polling the signaling server during the connection phase. Reducing this increases responsiveness but results in higher CPU and bandwidth load on the signaling endpoint.
List of STUN and TURN servers used to bypass corporate firewalls. Essential for P2P connectivity in strict NAT environments.
Time-To-Live for gossip messages. In a very large organization (100k+ nodes), increasing this ensures messages reach isolated network clusters at the cost of slight overhead.
Limits the number of simultaneous WebRTC connections per node. Higher values improve network mesh density but increase CPU usage on client devices.
Controls how many new users a Gatekeeper can process simultaneously. Increase this for powerful "Seed Nodes" serving as entry points for the whole company.
Maximum time allowed to establish the initial network connection. On highly filtered or slow corporate networks (satellites, VPNs), increasing this value prevents premature connection failures.
The maximum duration allowed for two nodes to complete a WebRTC handshake. If the connection isn't established within this time, the attempt is aborted to save resources.
Number of messages received through intermediaries from a specific peer before the application automatically attempts to open a direct P2P shortcut to that peer.
Stabilizes Quality of Service (QoS) routing. A new path must be at least 10% faster than the current one to be adopted. This prevents the network from constantly "flapping" between routes due to minor latency variations.
Damping period for routing tables. Multiple incoming route changes are grouped during this window before being broadcast. This significantly reduces network overhead in large, dynamic workspaces.
Stability factor for Gatekeeper leadership. A new candidate collective must have a total score 10% higher than the incumbents to trigger a role transition, ensuring leadership continuity.
Priority bonus for Gatekeeper selection. Nodes with a public IP or open NAT receive this boost, as they are technically superior for welcoming new members who may be behind restrictive firewalls.
Stability bonus for core network roles. Nodes running on devices connected to permanent power (detected via the Battery API) receive this bonus, favoring desktops and servers over mobile devices for mesh coordination.
The frequency of the coordination heartbeat between active Gatekeepers. This ensures the collective remains synchronized and detects failures within the core mesh coordination layer.
The grace period after which a Gatekeeper is considered offline if no heartbeats are received. Crossing this threshold triggers a new election to replace the missing node.
The interval for electing "Channel Guardians." Guardians are responsible for maintaining the definitive history and metadata for a specific channel, ensuring data consistency even as users come and go.
How long a peer ID remains in the "unreachable" list after a failed connection attempt. This prevents the network from wasting resources repeatedly trying to contact nodes that are likely behind non-compatible firewalls.
Time limit before a private message is considered undelivered. This parameter defines the responsiveness of the visual "✔✔" status indicators in the chat interface.
Target number of active Gatekeepers in the workspace. A higher value increases the resilience of onboarding new members in very large organizations.
The maximum time allowed for a node to collect votes and finalize its status during a self-triggered Gatekeeper election. This ensures that coordination roles are filled quickly without hanging the network logic.
Frequency at which a node broadcasts its routing health and neighbor list to its peers. A shorter interval speeds up network convergence after a node joins or leaves, at the cost of higher background traffic.
The interval for "Lazy Gossip" operations. Peers exchange summaries of message IDs they possess, allowing nodes that missed data (due to churn) to request the specific missing content.
The size of the volatile buffer used to store recent messages specifically for gossip repair. A larger cache improves the network's ability to "heal" missed messages for users with unstable connections.
Limits how many "down" peer IDs are shared in each health update. This prevents network metadata from growing too large while still informing the mesh about connectivity issues.
The safety threshold for connections. A node will refuse to prune redundant links if its neighbor count falls below this number, ensuring a minimum degree of mesh stability for every participant.
The interval between attempts to resend private messages stored in the local outbox. This handles cases where a recipient was temporarily offline or unreachable.
The time the application waits after connecting to a workspace before initiating a full history synchronization. This delay prevents network congestion during the initial handshake phase.
The maximum size in Bytes for file attachments. Since files are transmitted via DataChannels in memory, keep this under 10MB to avoid browser performance issues.
The size of binary fragments used for file transmission over WebRTC DataChannels. 16KB is the optimized standard to prevent buffer overflow and ensure compatibility across different browsers.
A security limit that prevents memory exhaustion attacks. The application will refuse to reassemble any incoming file or message that exceeds this total size in RAM.
Limits the number of simultaneous file transfers or large message reassemblies. This acts as a circuit breaker to prevent memory exhaustion if a node is flooded with large data packets.
The maximum time allowed between two fragments (chunks) of the same file. If no new data is received within this window, the partial transfer is discarded to free up RAM.
The number of messages kept in active RAM. Increasing this allows for longer scrolling without fetching from history guardians.
Determines the number of messages retrieved per request during history synchronization. Balancing this value is key to providing fast initial channel loading without overloading the "History Guardian" nodes.
Security filter to prevent the transmission of executable or dangerous files within the workspace.
Internal timer for memory management. Every interval, the application clears expired ephemeral messages and stale peer profiles from RAM to ensure long-term stability on low-memory devices.
If provided, enables the "Google Workspace" identity flow. Users can identify themselves using their corporate Google account.
Enables or disables the Google Identity Provider (IdP) for new users. When active, a Google login button is displayed in the identity selection modal for users who haven't established a local keystore yet. Organizations using Google Workspace can keep this enabled to streamline the enrollment process.
Enables or disables the LinkedIn Identity Provider (IdP). When active, users can verify their professional identity and retrieve their pseudonym via LinkedIn. Disable this if your corporate security policy restricts the use of social networks for professional authentication.
Enforces a cryptographic authorization check during the initial creation of a workspace in Business Mode.
When enabled, any user with an empty local identity (newly enrolled) who discovers an uninitialized workspace
will be prompted to provide a valid Creation Token.
Note: Existing members or administrators with a valid proofWallet in their local storage
will automatically "wake up" the workspace without being prompted for a token.
Restricts the number of channels non-admin users can create. This prevents workspace clutter in large organizations.
Anti-replay security window. Cryptographic signatures are only considered valid if the message was emitted within this timeframe. This prevents old intercepted messages from being re-injected into the network.
Security recursion limit. Defines the maximum number of administrative delegations (certificates) the system will traverse to verify a user's authority back to the Workspace Founder.
The time window given to a user to type the network password into the UI prompt. If the timer expires, the connection attempt is cancelled for security and resource management.
Prevents "flapping" in the Gatekeeper collective. Once an election is completed, the network enforces a mandatory waiting period before a new election can be triggered by peers.
The duration a node listens for concurrent "Founder" attempts on the signaling server. This is a critical anti-collision mechanism that prevents "Split Brain" scenarios where two users create the same workspace simultaneously.
The absolute time limit for resolving a "Founder Duel." If the conflict isn't settled within this window, the node aborts the creation process to prevent network fragmentation.
The maximum duration a Gatekeeper node waits for a cryptographic challenge response from a new arrival.
Important: This value is strictly dependent on PASSWORD_ENTRY_TIMEOUT.
It must always be set higher (recommended: +2000ms) than the entry timeout to account for network travel time.
If this value is too low, the Gatekeeper will drop the connection before the user has finished typing and submitting their password.
Controls how long system notifications (Toasts) remain visible on the screen before automatically disappearing. Critical security errors are exempt from this timer and remain persistent.
A debounce delay used before writing the cryptographic identity and certificates to persistent storage. This prevents unnecessary disk I/O when receiving large batches of certificates during initial sync.
Advanced: Rename the WebRTC data flow to masquerade traffic and bypass certain network traffic inspectors.
Throttles the UI refresh rate when multiple network events occur (e.g., rapid peer connections). Increasing this value significantly reduces CPU usage on older terminals or mobile devices during peak activity.
The fixed pixel height of individual rows in the peer list. This constant is used by the high-performance virtual rendering engine to support smooth scrolling with up to 100,000 members.
Limits the vertical expansion of the message input field. This ensures that long messages don't accidentally obscure the chat history while the user is typing.
The security keyword the user must type to confirm the permanent deletion of their local identity in case of a forgotten password. Essential for IT support procedures.
Below is an example of a typical corporate configuration file.
{
"API_BASE_URL": "https://p2p.acme-corp.internal",
"REMOTE_USER_HEADER": "Auth-User",
"AUTH_GOOGLE": true,
"AUTH_LINKEDIN": false,
"MAX_FILE_SIZE": 10485760,
"ICE_SERVERS": [
{ "urls": "turn:turn.acme-corp.internal", "username": "...", "credential": "..." }
],
"MAX_CHANNELS_PER_USER": 5,
"OAUTH_GOOGLE_CLIENT_ID": "12345-abc.apps.googleusercontent.com"
}