Every message is encrypted with a server-held AES-256-GCM key before being stored in the database. This protects your data from disk theft or a database leak. Each message is decrypted briefly on the server to deliver it to your devices and sync your history — this is what makes instant multi-device sync possible.
TLS 1.3 Transport
Let's Encrypt
All traffic between your device and the server runs over WSS/HTTPS with TLS 1.3 and a verified certificate, so no one on the network in between — your ISP, a public Wi-Fi operator, etc. — can read your messages in transit.
Not end-to-end encrypted
Please note
Unlike Signal-style E2E messengers, HermesChat's server operator technically holds the decryption key. We don't read your messages, but we — or anyone who compromises the server — technically could. Don't share anything here you wouldn't want a server breach to expose.
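The at-rest encryption and the "not end-to-end" caveat described above, as an added Node.js sketch that is not HermesChat's own code: it shows that stored rows are unreadable and tamper-evident without the key, while anything holding the server key can read them. The function names, the record layout, and the binding of the row id as associated data are assumptions of this example.

```javascript
// Added illustration, not HermesChat's code. Names and record layout are assumptions.
const crypto = require('node:crypto');

// Server-held 256-bit key (constructed here; a real server loads it from a secret store).
const SERVER_KEY = crypto.randomBytes(32);

// Encrypt one message for storage. The row id is bound as associated data (an
// assumption of this sketch) so a ciphertext cannot be moved to another row.
function encryptForStorage(key, rowId, plaintext) {
  const nonce = crypto.randomBytes(12); // fresh 96-bit nonce for every message
  const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce);
  cipher.setAAD(Buffer.from(String(rowId)));
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { rowId, nonce, ct, tag: cipher.getAuthTag() };
}

// Decrypt a stored row for delivery. Throws if the key, row id, or ciphertext is wrong.
function decryptForDelivery(key, row) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, row.nonce);
  decipher.setAAD(Buffer.from(String(row.rowId)));
  decipher.setAuthTag(row.tag);
  return Buffer.concat([decipher.update(row.ct), decipher.final()]).toString('utf8');
}

// True if the row authenticates and decrypts under this key, false otherwise.
function canRead(key, row) {
  try { decryptForDelivery(key, row); return true; } catch { return false; }
}

function demo() {
  const row = encryptForStorage(SERVER_KEY, 42, 'meet at 18:00'); // constructed sample
  const tampered = { ...row, ct: Buffer.from(row.ct) };
  tampered.ct[0] ^= 0x01; // one flipped bit, as in a modified database row
  return {
    // The server, or anyone who obtains its key, recovers the plaintext.
    serverWithKey: decryptForDelivery(SERVER_KEY, row),
    // A database leak alone: rows but not the key (modelled by an unrelated key).
    dbLeakOnly: canRead(crypto.randomBytes(32), row),
    // The GCM tag rejects modified ciphertext and rows moved to another id.
    tamperedRow: canRead(SERVER_KEY, tampered),
    movedRow: canRead(SERVER_KEY, { ...row, rowId: 43 }),
  };
}

console.log(demo());
```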