The RC4-based security model is fundementally broken #33
Description
I was browsing github and found this. I noticed your protocol uses the RC4 cipher, which is now considered broken and insecure. Heres a long list of attacks that are possible on RC4: https://en.wikipedia.org/wiki/RC4#Security. Theres other issues with the protocol such as no integrity & a probably oracle attack.
I don't think its possible to invent a new protocol that won't have some kind of security issue (look at how complicated SSL / TLS is - thats for good reason!). Consider using the crypto/tls package, but switch up the verification so you don't have to use public certificates.