Privacy redefined

The first messenger
without user IDs

Other apps have user IDs: Signal, Matrix, Session, Briar, Jami, Cwtch, etc.
SimpleX does not, not even random numbers.
This radically improves your privacy.

Why user IDs are bad for privacy? How does SimpleX work? Security assessments

Make a private connection

The video shows how you connect to your friend via their 1-time QR-code, in person or via a video link. You can also connect by sharing an invitation link.

Why privacy matters

Preserving the privacy of your metadata — who you talk with — protects you from:

Advertising and price discrimination

Privacy saves you money

Manipulation of elections

Privacy gives you power

Prosecution due to innocent association

Privacy protects your freedom

Make sure your messenger can't access your data!

Why SimpleX is unique

#1

You have complete privacy

SimpleX protects the privacy of your profile, contacts and metadata, hiding it from SimpleX platform servers and any observers.

Unlike any other existing messaging platform, SimpleX has no identifiers assigned to the users — not even random numbers.

Learn more

#2

You are protected
from spam and abuse

Because you have no identifier or fixed address on the SimpleX platform, nobody can contact you unless you share a one-time or temporary user address, as a QR code or a link.

Learn more

#3

You control your data

SimpleX stores all user data on client devices in a portable encrypted database format — it can be transferred to another device.

The end-to-end encrypted messages are held temporarily on SimpleX relay servers until received, then they are permanently deleted.

Learn more

#4

You own SimpleX network

The SimpleX network is fully decentralised and independent of any crypto-currency or any other platform, other than the Internet.

You can use SimpleX with your own servers or with the servers provided by us — and still connect to any user.

Learn more

Features

E2E-encrypted messages with markdown and editing

E2E-encrypted
images, videos and files

E2E-encrypted decentralized groups — only users know they exist

E2E-encrypted voice messages

Disappearing messages

E2E-encrypted
audio and video calls

Portable encrypted app storage — move profile to another device

Incognito mode —
unique to SimpleX Chat

What makes SimpleX private

Temporary anonymous pairwise identifiers

SimpleX uses temporary anonymous pairwise addresses and credentials for each user contact or group member.

It allows to deliver messages without user profile identifiers, providing better meta-data privacy than alternatives.

Tap to close

Out-of-band
Key exchange

Many communication platforms are vulnerable to MITM attacks by servers or network providers.

To prevent it SimpleX apps pass one-time keys out-of-band, when you share an address as a link or a QR code.

Tap to close

2-layers of
End-to-end encryption

Double-ratchet protocol —
OTR messaging with perfect Forward secrecy and Break-in recovery.

NaCL cryptobox in each queue to prevent traffic correlation between message queues if TLS is compromised.

Tap to close

Message integrity
verification

To guarantee integrity the messages are sequentially numbered and include the hash of the previous message.

If any message is added, removed or changed the recipient will be alerted.

Tap to close

Additional layer of
server encryption

Additional layer of server encryption for delivery to the recipient, to prevent the correlation between received and sent server traffic if TLS is compromised.

Tap to close

Message mixing
to reduce correlation

SimpleX servers act as low latency mix nodes — the incoming and outgoing messages have different order.

Tap to close

Secure authenticated
TLS transport

Only TLS 1.2/1.3 with strong algorithms is used for client-server connections.

Server fingerprint and channel binding prevent MITM and replay attacks.

Connection resumption is disabled to prevent session attacks.

Tap to close

Optional
access via Tor

To protect your IP address you can access the servers via Tor or some other transport Overlay network.

To use SimpleX via Tor please install Orbot app and enable SOCKS5 proxy (or VPN on iOS).

Tap to close

Unidirectional
message queues

Each message queue passes messages in one direction, with the different send and receive addresses.

It reduces the attack vectors, compared with traditional message brokers, and available meta-data.

Tap to close

Multiple layers of
Content padding

SimpleX uses Content padding for each encryption layer to frustrate message size attacks.

It makes messages of different sizes look the same to the servers and network observers.

Tap to close

SimpleX Network

Simplex Chat provides the best privacy by combining the advantages of P2P and federated networks.

Unlike P2P networks

All messages are sent via the servers, both providing better metadata privacy and reliable asynchronous message delivery, while avoiding many problems of P2P networks.

Unlike federated networks

SimpleX relay servers do NOT store user profiles, contacts and delivered messages, do NOT connect to each other, and there is NO servers directory.

SimpleX network

servers provide unidirectional queues to connect the users, but they have no visibility of the network connection graph — only the users do.

Simplex explained

1. What users experience

You can create contacts and groups, and have two-way conversations, as in any other messenger.

How can it work with unidirectional queues and without user profile identifiers?

2. How does it work

For each connection you use two separate messaging queues to send and receive messages via different servers.

Servers only pass messages one way, without having the full picture of user's conversation or connections.

3. What servers see

The servers have separate Anonymous credentials for each queue, and do not know which users they belong to.

Users can further improve metadata privacy by using Tor to access servers, preventing corellation by IP address.

Comparison with other protocols

simplex logo Signal, big platforms XMPP, Matrix P2P protocols
Requires global identity No - private Yes 1 Yes 2 Yes 3
Possibility of MITM No - secure 4 Yes 5 Yes Yes
Dependence on DNS No - resilient Yes Yes No
Single or Centralized network No - decentralized Yes No - federated 6 Yes 7
Central component or other network-wide attack No - resilient Yes Yes 2 Yes 8

  1. Usually based on a phone number, in some cases on usernames
  2. DNS-based addresses
  3. Public key or some other globally unique ID
  4. SimpleX relays cannot compromise e2e encryption. Verify security code to mitigate attack on out-of-band channel
  5. If operator’s servers are compromised. Verify security code in Signal and some other apps to mitigate it
  6. Does not protect users' metadata privacy
  7. While P2P are distributed, they are not federated - they operate as a single network
  8. P2P networks either have a central authority or the whole network can be compromised - see here

Join SimpleX

We invite you to join the conversation

Sign up to receive our updates


Get SimpleX desktop app

Anonymous credentials

The credential that allows proving something, e.g. the right to access some resource, without identifying the user. This credential can either be generated by a trusted party or by the user themselves and provided together with the request to create the resource. The first approach creates some centralized dependency in most cases. The second approach does not require any trust - this is used in SimpleX network to authorize access to the messaging queues.

Blockchain

In a wide sense, blockchain means a sequence of blocks of data, where each block contains a cryptographic hash of the previous block, thus providing integrity to the whole chain. Blockchains are used in many communication and information storage systems to provide integrity and immutability of the data. For example, BluRay disks use blockchain. SimpleX messaging queues also use blockchain - each message includes the hash of the previous message, to ensure the integrity – if any message is modified it will be detected by the recipient when the next message is received. Blockchains are a subset of Merkle directed acyclic graphs.

Break-in recovery

Also known as break-in recovery, it is the quality of the end-to-end encryption scheme allowing to recover security against a passive attacker who observes encrypted messages after compromising one (or both) of the parties. Also known as recovery from compromise or break-in recovery. Double-ratchet algorithm has this quality.

Centralized network

Centralized networks are provided or controlled by a single entity. The examples are Threema, Signal, WhatsApp and Telegram. The advantage of that design is that the provider can innovate faster, and has a centralized approach to security. But the disadvantage is that the provider can change or discontinue the service, and leak, sell or disclose in some other way all users' data, including who they are connected with.

Content padding

Also known as content padding, it is the process of adding data to the beginning or the end of a message prior to encryption. Padding conceals the actual message size from any eavesdroppers. SimpleX has several encryption layers, and prior to each encryption the content is padded to a fixed size.

End-to-end encryption

A communication system where only the communicating parties can read the messages. It is designed to protect message content from any potential eavesdroppers – telecom and Internet providers, malicious actors, and also the provider of the communication service.

Forward secrecy

Also known as perfect forward secrecy, it is a feature of a key agreement protocol that ensures that session keys will not be compromised even if long-term secrets used in the session key exchange are compromised. Forward secrecy protects past sessions against future compromises of session or long-term keys.

Key exchange

Also known as key exchange, it is a process of agreeing cryptographic keys between the sender and the recipient(s) of the message. It is required for end-to-end encryption to work.

MITM attack

The attack when the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other.

Overlay network

Nodes in the overlay network can be thought of as being connected by virtual or logical links, each of which corresponds to a path, perhaps through many physical links, in the underlying network. Tor, for example, is an overlay network on top of IP network, which in its turn is also an overlay network over some underlying physical network.

© 2020-2024 SimpleX | Open-Source Project