SimpleX chat

Private, decentralized, no global identities

You can use it from the terminal UI, with all contacts and groups in one window.

Alice

Bob

Tom

You control your chat!

SimpleX objective:

Give you the full control of who can talk to you and your chat data

with free open-source protocol and software

of simple to deploy chat servers and simple to use chat clients

providing complete privacy, security and ownership of your contacts and chat.

Security

Two-layer encryption and communication integrity

Privacy

Nobody can see your contacts or messages - they are stored locally

Convenience

Easy to add contacts and to start talking

Problem: chat security

End-to-end encryption?

Alice sends the key to Bob (e.g. via p2p network or via chat server)

Alice
Alice sends the key to Bob
Bob

Now Bob can send encrypted messages to Alice - he believes it is secure!

Alice
They believe it is secure
Bob

Man-in-the-middle attack!

But the key can be intercepted and substituted by Tom (the attacker)

Alice
key is intercepted
Bob
Tom

Now the attacker can can read the messages without Alice or Bob knowing

Alice
attacker can read messages
Bob
Tom

What is the solution?

To create secure encrypted channel you need an existing secure channel
where you can pass the encryption key (or key fingerprint).

Any alternative solution can be compromised.

How SimpleX chat app will work

To add contact and to start chat

Adding a contact in mobile app will require sharing your one-time QR code.
In the terminal UI you need to share an invitation with your contact.

mobile app: show QR code to add contact
Alice
mobile app: scan QR code
Bob
mobile app: confirm contact
Alice
mobile app: start chat
Bob

Comparison with other protocols

simplex logo SimpleX chat Signal, big platforms XMPP, Matrix P2P protocols
Requires global identity No - private Yes 1 Yes 2 Yes 3
Possibility of MITM No - secure Yes 4 Yes Yes
Dependence on DNS No - resilient Yes Yes No
Single or centralized network No - decentralized Yes No - federated 5 Yes 6
Central component or other network-wide attack No - resilient Yes Yes 2 Yes 7
  1. Usually based on a phone number, in some cases on usernames
  2. DNS-based addresses
  3. Public key or some other globally unique ID
  4. If operator’s servers are compromised
  5. Does not protect users' metadata
  6. While P2P are distributed, they are not federated - they operate as a single network
  7. P2P networks either have a central authority or the whole network can be compromised - see here

SimpleX messaging protocol

Unidirectional (simplex) queues

Simplex messaging protocol (SMP) for messaging via secure persistent queues will serve as the low level protocol for SimpleX chat - see demo server implementation.
It uses different encryption keys for each message queue - the key is passed via existing secure channel - e.g. QR code or another simplex queue.

Alice
simplex messaging protocol
Bob

Chat

Communication integrity

Each chat uses two (or more) simplex queues for duplex communication. Each message contains the hash of the previous message to detect if messages are lost or changed.

Alice
simplex chat: duplex conversation
Bob

Use SimpleX

SimpleX chat terminal client v0.4.0 is released!
It supports groups and sending files

You can use our servers or use 1-click deployment on DigitalOcean marketplace.

Sign up to be updated about the new releases.

Join SimpleX

The project can move faster with your help.
We develop it in Haskell and Dart/Flutter.