Each conversation has a unique encryption key derived via Diffie-Hellman on Curve25519. Your private key never leaves your device — not even the server can compute it.

Messages are encrypted in your browser before sending. The server only stores ciphertext — mathematically indistinguishable from random noise without your session key.

All traffic is encrypted in transit via WSS/HTTPS with a verified certificate. Even if the transport layer were compromised, your messages remain protected by E2E encryption.