您的身份、个人资料、联系人和元数据的完整隐私

与其他消息网络不同，SimpleX 没有分配给用户的标识符。它不依赖电话号码、基于域的地址（如电子邮件或 XMPP）、用户名、公钥甚至随机数来识别其用户—— SimpleX 服务器运营方不知道有多少人使用其服务器。

为了传递消息，SimpleX 使用单向消息队列的成对匿名地址，通常通过不同的服务器将接收和发送的消息分开。

这种设计保护了您正在与之通信的人的隐私，将其隐藏在 SimpleX 网络的服务器和任何观察者之外。要对服务器隐藏您的 IP 地址，您可以通过 Tor 连接到 SimpleX 服务器。

防止垃圾消息和平台滥用的最佳保护

因为您在 SimpleX 网络上没有标识符，所以除非您以二维码或链接的形式分享一次性或临时用户地址，没有人可以联系您。

即使使用可选的用户地址，当它被用于发送垃圾邮件联系请求，您可以更改或完全删除它而不会丢失任何连接。

您数据的所有权、控制权和安全性

SimpleX Chat 使用便携式加密数据库格式仅将所有用户数据存储在客户端设备上，该格式可以导出并传输到任何支持的设备。

端到端加密的消息在被收到前会暂时保存在 SimpleX 中继服务器上，传送完成后它们会被永久删除。

与联合网络服务器（电子邮件、XMPP 或 Matrix）不同，SimpleX 服务器不存储用户帐户，它们仅中继消息，保护双方的隐私。

发送和接收的服务器流量之间没有共同的标识符或密文—— 如果有人在观察它，他们也无法轻易确定谁与谁通信，即使 TLS 受到威胁。

完全去中心化 —— 用户拥有 SimpleX 网络

您可以将 SimpleX 与您自己的服务器一起使用，并且仍然可以与使用应用中预配置服务器的人们进行通信。

SimpleX 网络使用开放协议并提供用于创建聊天机器人的 SDK，允许用户实现通过 SimpleX Chat 应用程序与之交互的服务—我们真的很期待看到您会依托SimpleX构建哪些服务。

如果您正在考虑为在SimpleX 网络上开发，例如，为 SimpleX 应用程序用户开发聊天机器人，或将 SimpleX 聊天库集成到您的移动应用，请联系我们获取建议和支持。

		Signal、其他大平台	XMPP、Matrix	P2P协议
需要全局身份	否 - 私密	是 ¹	是 ²	是 ³
中间人攻击的可能性	不可能 - 安全 ⁴	是 ⁵	是	是
对 DNS 的依赖	不依赖 - 有韧性	是	是	否
单一或中心化网络	不依赖 - 去中心化的	是	不依赖 - 联邦式网络 ⁶	是 ⁷
中央组件或其他全网攻击	不依赖 - 有韧性	是	是 ²	是 ⁸

	Session	Briar	Element	Cwtch	Signal	SimpleX
Message padding	✗	✔︎¹	✗	✔︎	✔︎¹	✔︎
Repudiation (deniability)	✗	✗	✗	✔︎²	✔︎³	✔︎
Forward secrecy	✗	✔︎	✔︎	✔︎	✔︎	✔︎
Post-compromise security	✗	✗	✗	✔︎	✗⁴	✔︎
2-factor key exchange	✔︎	✔︎⁵	✔︎⁵	✔︎	✔︎⁵	✔︎
Post-quantum hybrid crypto	✗	✗	✗	✗	✔︎⁶	✔︎

Address portability

Similarly to phone number portability (the ability of the customer to transfer the service to another provider without changing the number), the address portability means the ability of a communication service customer to change the service provider without changing the service address. Many federated networks support SRV records to provide address portability, but allowing service users to set up their own domains for the addresses is not as commonly supported by the available server and client software as for email.

Federated network

Federated network is provided by several entities that agree upon the standards and operate the network collectively. This allows the users to choose their provider, that will hold their account, their messaging history and contacts, and communicate with other providers' servers on behalf of the user. The examples are email, XMPP, Matrix and Mastodon.

The advantage of that design is that there is no single organization that all users depend on, and the standards are more difficult to change, unless it benefits all users. There are several disadvantages: 1) the innovation is slower, 2) each user account still depends on a single organization, and in most cases can't move to another provider without changing their network address – there is no address portability, 3) the security and privacy are inevitably worse than with the centralized networks.

Federation on Wikipedia

Anonymous credentials

The credential that allows proving something, e.g. the right to access some resource, without identifying the user. This credential can either be generated by a trusted party or by the user themselves and provided together with the request to create the resource. The first approach creates some centralized dependency in most cases. The second approach does not require any trust - this is used in SimpleX network to authorize access to the messaging queues.

Digital credential on Wikipedia

Blockchain

In a wide sense, blockchain means a sequence of blocks of data, where each block contains a cryptographic hash of the previous block, thus providing integrity to the whole chain. Blockchains are used in many communication and information storage systems to provide integrity and immutability of the data. For example, BluRay disks use blockchain. SimpleX messaging queues also use blockchain - each message includes the hash of the previous message, to ensure the integrity – if any message is modified it will be detected by the recipient when the next message is received. Blockchains are a subset of Merkle directed acyclic graphs.

In a more narrow sense, particularly in media, blockchain is used to refer specifically to distributed ledger, where each record also includes the hash of the previous record, but the blocks have to be agreed by the participating peers using some consensus protocol.

Wikipedia

Merkle directed acyclic graph

Also known as Merkle DAG, a data structure based on a general graph structure where node contains the cryptographic hashes of the previous nodes that point to it. Merkle trees are a subset of Merkle DAGs - in this case each leaf contains a cryptographic hash of the parent.

This structure by design allows to verify the integrity of the whole structure by computing its hashes and comparing with the hashes included in the nodes, in the same way as with blockchain.

The motivation to use DAG in distributed environments instead of a simpler linear blockchain is to allow concurrent additions, when there is no requirement for a single order of added items. Merkle DAG is used, for example, in IPFS and will be used in decentralized SimpleX groups.

Wikipedia.

Break-in recovery

The quality of the end-to-end encryption scheme allowing to recover security against a passive attacker who observes encrypted messages after compromising one (or both) of the parties. Also known as recovery from compromise or break-in recovery. Double-ratchet algorithm has this quality.

Double ratchet algorithm

It is used by two parties to exchange end-to-end encrypted messages. The parties will use some key agreement protocol to agree on the initial shared secret key.

Double Ratchet algorithm provides perfect forward secrecy and post-compromise security. It is designed by Signal, and used in SimpleX Chat and many other secure messengers. Most experts consider it the state-of-the-art encryption protocol in message encryption.

Centralized network

Centralized networks are provided or controlled by a single entity. The examples are Threema, Signal, WhatsApp and Telegram. The advantage of that design is that the provider can innovate faster, and has a centralized approach to security. But the disadvantage is that the provider can change or discontinue the service, and leak, sell or disclose in some other way all users' data, including who they are connected with.

Content padding

Also known as content padding, it is the process of adding data to the beginning or the end of a message prior to encryption. Padding conceals the actual message size from any eavesdroppers. SimpleX has several encryption layers, and prior to each encryption the content is padded to a fixed size.

Wikipedia.

Decentralized network

Decentralized network is often used to mean "the network based on decentralized blockchain". In its original meaning, decentralized network means that there is no central authority or any other point of centralization in the network, other than network protocols specification. The advantage of decentralized networks is that they are resilient to censorship and to the provider going out of business. The disadvantage is that they are often slower to innovate, and the security may be worse than with the centralized network.

The examples of decentralized networks are email, web, DNS, XMPP, Matrix, BitTorrent, etc. All these examples have a shared global application-level address space. Cryptocurrency blockchains not only have a shared address space, but also a shared state, so they are more centralized than email. Tor network also has a shared global address space, but also a central authority. SimpleX network does not have a shared application-level address space (it relies on the shared transport-level addresses - SMP relay hostnames or IP addresses), and it does not have any central authority or any shared state.

Defense in depth

Originally, it is a military strategy that seeks to delay rather than prevent the advance of an attacker, buying time and causing additional casualties by yielding space.

In information security, defense in depth represents the use of multiple computer security techniques to help mitigate the risk of one component of the defense being compromised or circumvented. An example could be anti-virus software installed on individual workstations when there is already virus protection on the firewalls and servers within the same environment.

SimpleX network applies defense in depth approach to security by having multiple layers for the communication security and privacy:

double ratchet algorithm for end-to-end encryption with perfect forward secrecy and post-compromise security,
additional layer of end-to-end encryption for each messaging queue and another encryption layer of encryption from the server to the recipient inside TLS to prevent correlation by ciphertext,
TLS with only strong ciphers allowed,
mitigation of man-in-the-middle attack on client-server connection via server offline certificate verification,
mitigation of replay attacks via signing over transport channel binding,
multiple layers of message padding to reduce efficiency of traffic analysis,
mitigation of man-in-the-middle attack on client-client out-of-band channel when sending the invitation,
rotation of delivery queues to reduce efficiency of traffic analysis,
etc.

Wikipedia

End-to-end encryption

A communication system where only the communicating parties can read the messages. It is designed to protect message content from any potential eavesdroppers – telecom and Internet providers, malicious actors, and also the provider of the communication service.

End-to-end encryption requires agreeing cryptographic keys between the sender and the recipient in a way that no eavesdroppers can access the agreed keys. See key agreement protocol. This key exchange can be compromised via man-in-the-middle attack, particularly if key exchange happens via the same communication provider and no out-of-band channel is used to verify key exchange.

Wikipedia

Forward secrecy

Also known as perfect forward secrecy, it is a feature of a key agreement protocol that ensures that session keys will not be compromised even if long-term secrets used in the session key exchange are compromised. Forward secrecy protects past sessions against future compromises of session or long-term keys.

Wikipedia

Post-compromise security

The quality of the end-to-end encryption scheme allowing to recover security against a passive attacker who observes encrypted messages after compromising one (or both) of the parties. Also known as recovery from compromise or break-in recovery. Double-ratchet algorithm has this quality.

Man-in-the-middle attack

The attack when the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other.

This attack can be used to compromise end-to-end encryption by intercepting public keys during key exchange, substituting them with the attacker's keys, and then intercepting and re-encrypting all messages, without altering their content. With this attack, while the attacker does not change message content, but she can read the messages, while the communicating parties believe the messages are end-to-end encrypted.

Such attack is possible with any system that uses the same channel for key exchange as used to send messages - it includes almost all communication systems except SimpleX, where the initial public key is always passed out-of-band. Even with SimpleX, the attacker may intercept and substitute the key sent via another channel, gaining access to communication. This risk is substantially lower, as attacker does not know in advance which channel will be used to pass the key.

To mitigate such attack the communicating parties must verify the integrity of key exchange - SimpleX and many other messaging apps, e.g. Signal and WhatsApp, have the feature that allows it.

Wikipedia.

Message padding

Also known as content padding, it is the process of adding data to the beginning or the end of a message prior to encryption. Padding conceals the actual message size from any eavesdroppers. SimpleX has several encryption layers, and prior to each encryption the content is padded to a fixed size.

Wikipedia.

Key agreement protocol

Also known as key exchange, it is a process of agreeing cryptographic keys between the sender and the recipient(s) of the message. It is required for end-to-end encryption to work. Unless it is possible to secure the key exchange via some second factor, e.g. security code verification, it can be vulnerable to man-in-the-middle attack.

Wikipedia

Key exchange

Also known as key exchange, it is a process of agreeing cryptographic keys between the sender and the recipient(s) of the message. It is required for end-to-end encryption to work. Unless it is possible to secure the key exchange via some second factor, e.g. security code verification, it can be vulnerable to man-in-the-middle attack.

Wikipedia

MITM attack

The attack when the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other.

This attack can be used to compromise end-to-end encryption by intercepting public keys during key exchange, substituting them with the attacker's keys, and then intercepting and re-encrypting all messages, without altering their content. With this attack, while the attacker does not change message content, but she can read the messages, while the communicating parties believe the messages are end-to-end encrypted.

Such attack is possible with any system that uses the same channel for key exchange as used to send messages - it includes almost all communication systems except SimpleX, where the initial public key is always passed out-of-band. Even with SimpleX, the attacker may intercept and substitute the key sent via another channel, gaining access to communication. This risk is substantially lower, as attacker does not know in advance which channel will be used to pass the key.

To mitigate such attack the communicating parties must verify the integrity of key exchange - SimpleX and many other messaging apps, e.g. Signal and WhatsApp, have the feature that allows it.

Wikipedia.

Non-repudiation

Onion routing

A technique for anonymous communication over a computer network that uses multiple layers of message encryption, analogous to the layers of an onion. The encrypted data is transmitted through a series of network nodes called "onion routers," each of which "peels" away a single layer, revealing the data's next destination. The sender remains anonymous because each intermediary knows only the location of the immediately preceding and following nodes.

The most widely used onion network is Tor.

Some elements of SimpleX network use similar ideas in their design - different addresses for the same resource used by different parties, and additional encryption layers. Currently though, SimpleX messaging protocol does not protect sender network address, as the relay server is chosen by the recipient. The delivery relays chosen by sender that are planned for the future would make SimpleX design closer to onion routing.

Wikipedia

Overlay network

Nodes in the overlay network can be thought of as being connected by virtual or logical links, each of which corresponds to a path, perhaps through many physical links, in the underlying network. Tor, for example, is an overlay network on top of IP network, which in its turn is also an overlay network over some underlying physical network.

SimpleX Clients also form a network using SMP relays and IP or some other overlay network (e.g., Tor), to communicate with each other. SMP relays, on another hand, do not form a network.

Wikipedia

Non-repudiation

The property of the cryptographic or communication system that allows the recipient of the message to prove to any third party that the sender identified by some cryptographic key sent the message. It is the opposite to repudiation. While in some context non-repudiation may be desirable (e.g., for contractually binding messages), in the context of private communications it may be undesirable.

Wikipedia

Repudiation

The property of the cryptographic or communication system that allows the sender of the message to plausibly deny having sent the message, because while the recipient can verify that the message was sent by the sender, they cannot prove it to any third party - the recipient has a technical ability to forge the same encrypted message. This is an important quality of private communications, as it allows to have the conversation that can later be denied, similarly to having a private face-to-face conversation.

Pairwise pseudonymous identifier

Generalizing the definition from NIST Digital Identity Guidelines, it is an opaque unguessable identifier generated by a service used to access a resource by only one party.

In the context of SimpleX network, these are the identifiers generated by SMP relays to access anonymous messaging queues, with a separate identifier (and access credential) for each accessing party: recipient, sender and and optional notifications subscriber. The same approach is used by XFTP relays to access file chunks, with separate identifiers (and access credentials) for sender and each recipient.

Peer-to-peer

Peer-to-peer (P2P) is the network architecture when participants have equal rights and communicate directly via a general purpose transport or overlay network. Unlike client-server architecture, all peers in a P2P network both provide and consume the resources. In the context of messaging, P2P architecture usually means that the messages are sent between peers, without user accounts or messages being stored on any servers. Examples are Tox, Briar, Cwtch and many others.

The advantage is that the participants do not depend on any servers. There are multiple downsides to that architecture, such as no asynchronous message delivery, the need for network-wide peer addresses, possibility of network-wide attacks, that are usually mitigated only by using a centralized authority. These disadvantages are avoided with proxied P2P architecture.

Wikipedia.

Proxied peer-to-peer

Network topology of the communication system when peers communicate via proxies that do not form the network themselves. Such design is used in Pond, that has a fixed home server for each user, and in SimpleX, that uses multiple relays providing temporary connections.

Perfect forward secrecy

Also known as perfect forward secrecy, it is a feature of a key agreement protocol that ensures that session keys will not be compromised even if long-term secrets used in the session key exchange are compromised. Forward secrecy protects past sessions against future compromises of session or long-term keys.

Wikipedia

Post-quantum cryptography

Any of the proposed cryptographic systems or algorithms that are thought to be secure against an attack by a quantum computer. It appears that as of 2025 there is no system or algorithm that is proven to be secure against such attacks, or even to be secure against attacks by massively parallel conventional computers, so a general recommendation is to use post-quantum hybrid cryptography - combining post-quantum and traditional algorigthms.

Wikipedia

Post-quantum hybrid crypto

Any of the proposed cryptographic systems or algorithms that are thought to be secure against an attack by a quantum computer. It appears that as of 2025 there is no system or algorithm that is proven to be secure against such attacks, or even to be secure against attacks by massively parallel conventional computers, so a general recommendation is to use post-quantum hybrid cryptography - combining post-quantum and traditional algorigthms.

Wikipedia

Recovery from compromise

The quality of the end-to-end encryption scheme allowing to recover security against a passive attacker who observes encrypted messages after compromising one (or both) of the parties. Also known as recovery from compromise or break-in recovery. Double-ratchet algorithm has this quality.

User identity

In a communication system it refers to anything that uniquely identifies the users to the network. Depending on the communication network, it can be a phone number, email address, username, public key or a random opaque identifier. Most messaging networks rely on some form of user identity. SimpleX appears to be the only messaging network that does not rely on any kind of user identity - see this comparison.

The World's Most Secure Messaging

How to connect to others

为什么 SimpleX 是独特的

#1

您有完整的隐私

#2

您可以免受垃圾消息和平台滥用的侵害

#3

您控制您的数据

#4

您拥有 SimpleX 网络

您的身份、个人资料、联系人和元数据的完整隐私

防止垃圾消息和平台滥用的最佳保护

您数据的所有权、控制权和安全性

完全去中心化 —— 用户拥有 SimpleX 网络

功能

是什么让 SimpleX 能够保密

临时匿名成对标识符

带外密钥交换

双层端到端加密

消息完整性验证

服务器提供的另一层加密

通过消息混合减少相关性

安全认证的TLS传输

可选择通过 Tor 访问

单向消息队列

多层级的内容填充

SimpleX 网络

与 P2P 网络不同

与 P2P 通讯协议的比较

不同于联邦网络

SimpleX 网络

SimpleX 简述

与其他协议的比较

Comparison of end-to-end encryption security in different messengers

Address portability

Federated network

Anonymous credentials

Blockchain

Merkle directed acyclic graph

Break-in recovery

Double ratchet algorithm

Centralized network

Content padding

Decentralized network

Defense in depth

End-to-end encryption

Forward secrecy

Post-compromise security

Man-in-the-middle attack

Message padding

Key agreement protocol

End-to-end encryption

Forward secrecy

Key exchange

Key exchange

MITM attack

MITM attack

Message padding

Non-repudiation

Onion routing

Overlay network

Non-repudiation

Repudiation

Pairwise pseudonymous identifier

Peer-to-peer

Proxied peer-to-peer

Perfect forward secrecy

Post-compromise security

Post-quantum cryptography

Post-quantum hybrid crypto

Post-quantum hybrid crypto

Recovery from compromise

Repudiation

User identity