First of all, nice work! Learning by doing is great, especially with cryptography.

Some observations from a very quick scan:

1. You should include a disclaimer somewhere in the repo that this is an educational project, not something people should seriously use. This is the "escape hatch" for the "don't roll your own crypto" rule.

2. You're rolling your own curve math, including ECDH and ECDSA. These are not easy to get right; in particular, it looks like you've got a classic "attacker can send you a point not on the curve" bug here[1], unless I'm missing where you validate the other party's point.

3. Your protocol seems to allow variance over the curve parameters, which is notoriously dangerous (and is why X.509 and similar protocols prefer "named curve" sets over explicit parameter sets).

[1]: https://github.com/vaktibabat/ecurvechat/blob/4a1d91bd02bbc8...