Direct messages, files, and voice notes are protected with ML-KEM, the NIST-standardised post-quantum key encapsulation mechanism (FIPS 203), wrapped around AES-256-GCM. These are the same primitives the U.S. government recommends for protecting data against a future quantum computer. There are two modes, both end-to-end.
Every direct message you send is encrypted with ML-KEM-768 (NIST Category 3) + AES-256-GCM. Post-quantum by default. No toggle required. Already running on the web app.
One tap in the chat menu upgrades a conversation to ML-KEM-1024 (NIST Category 5) — equivalent to AES-256 strength against quantum attackers. For the conversations that matter most.
A multi-cipher cascade mode (AES-GCM, ChaCha20-Poly1305, and XChaCha20-Poly1305, with HMAC authentication and per-second rotation) remains available for group chats and as a transparent fallback when post-quantum isn't yet negotiated with a peer. It is being phased out as ML-KEM coverage expands.
Sign up with just a username. No phone number. No email. No tracking. Your display name is all anyone sees.
Messages are encrypted on your device before sending. The server never sees your plaintext. Only you and the recipient can read them.
Photos, videos, audio, and documents are encrypted end-to-end on your device before upload — wrapped in the same ML-KEM-derived key as your messages.
Hold the mic to record, release to send. Audio is encrypted on your device through the same pipeline as files — never uploaded as plaintext.
The ultimate panic button. Set a deactivation PIN — if entered, ALL your data is permanently destroyed. Your account ceases to exist. No trace.
Add friends securely with QR codes that change every 60 seconds. HMAC-signed so they can't be forged or replayed.
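The rotating, HMAC-signed QR scheme described above can be sketched as follows. This is an added example, not NoidChat's own code: the payload layout, the function names, the server-held `key`, and the assumption that usernames contain no `.` are all hypothetical.

```python
import base64
import hashlib
import hmac
from typing import Optional

WINDOW_SECONDS = 60  # rotation period stated on the page


def _tag(key: bytes, user_id: str, window: int) -> bytes:
    # Bind the MAC to the user AND the time window, so a code cannot be
    # re-labelled for another account or another minute.
    msg = f"friend-qr|{user_id}|{window}".encode()
    return hmac.new(key, msg, hashlib.sha256).digest()


def make_qr_payload(key: bytes, user_id: str, now: float) -> str:
    """Build the string encoded in the QR image (layout is an assumption)."""
    window = int(now // WINDOW_SECONDS)
    tag = base64.urlsafe_b64encode(_tag(key, user_id, window)).decode()
    return f"{user_id}.{window}.{tag}"


def verify_qr_payload(key: bytes, payload: str, now: float) -> Optional[str]:
    """Return the user id if the payload is authentic and current, else None."""
    parts = payload.split(".")
    if len(parts) != 3:
        return None
    user_id, window_text, tag_text = parts
    try:
        window = int(window_text)
        tag = base64.urlsafe_b64decode(tag_text)
    except ValueError:
        return None
    # Constant-time comparison: a forged or edited payload fails here.
    if not hmac.compare_digest(tag, _tag(key, user_id, window)):
        return None
    # Freshness: a photographed code is rejected once the window rolls over.
    # Inside the same window it still verifies, so single-use tracking
    # would be needed to stop replay within those 60 seconds.
    if window != int(now // WINDOW_SECONDS):
        return None
    return user_id
```

Verification here accepts only the current window; a deployment that tolerates clock skew would also accept the previous one, which lengthens the period in which a captured code is usable.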
Lock the app with fingerprint or face recognition. Real WebAuthn cryptographic verification — not just a screen overlay.
End-to-end encrypted group chats and stories that disappear after 24 hours. Group conversations currently use the cascade mode; ML-KEM coverage for groups is on the roadmap.
NoidChat voice and video calls are wrapped in ML-KEM (NIST FIPS 203), the post-quantum key encapsulation standard. When a cryptographically relevant quantum computer arrives, your old NoidChat calls won't suddenly become readable: they were never vulnerable to begin with.
The default call cipher: ML-KEM-768 (NIST Category 3) post-quantum key exchange. Derives a fresh shared secret for every call session.
One tap in the call menu upgrades the session to ML-KEM-1024 (NIST Category 5) — equivalent to AES-256 against quantum attackers.
Once the PQC handshake derives a shared secret, every audio/video frame is encrypted in-browser with AES-256-GCM via WebRTC Insertable Streams. Zero plaintext ever touches the network.
V1 and V2 call pipelines run in parallel and never cross-wire. If a future cryptanalysis breakthrough hits one, the other holds the line. Future-proofing built into the architecture.
Continuous security review and regular vulnerability audits. Here's what's protected at the platform level:
All user input escaped. Nicknames sanitized. No injection possible.
Link previews blocked from internal networks. DNS rebinding mitigated.
Brute force blocked. Upload limits. Message throttling. Connection timeouts.
JWT with pinned algorithms. Bcrypt password hashing. Reserved username blocking.
Uploads require authentication. Random filenames. MIME validation. Size limits.
Channel membership checks on every operation. No cross-channel data leaks.
Auth database encrypted with AES-256-GCM. SSL keys restricted to owner only.
All keys, caches, cookies, and service workers wiped on logout. No residual data.
Privacy work is never finished. These are the hardening features actively in development:
A Double-Ratchet-style protocol so that compromise of a long-term key doesn't expose past messages. Each message will derive its own ephemeral key.
QR-code and shared-secret verification for one-to-one conversations — confirm out-of-band that nobody has swapped your peer's key.
Migrating private key storage from browser IndexedDB to WebAuthn-backed enclaves where the platform supports it. Keys you can't read even if your browser is compromised.
Automatic re-keying of group conversations when a member leaves or is removed, so they lose access to all future messages.
Extending post-quantum coverage from one-to-one conversations to group chats. Same Flash 768 / Flash 1024 modes, multi-recipient.
A native iOS build is in development. The web app already works on iOS via Safari; the App Store release is in the pipeline.