Home

Built a small encrypted messenger that runs over any MQTT broker you host. The broker is just a dumb relay — it only sees ciphertext, never plaintext. Setup is dead simple: spin up an MQTT broker (EMQX, Mosquitto, whatever), share a room name and encryption key with someone, done. ChaCha20-Poly1305 + Argon2id, fresh salt and nonce per message. Rust backend (Tauri), React frontend, single portable exe around 5MB. There’s also a clipboard encryption mode — type plaintext, it encrypts to clipboard, paste into any app. Useful if you don’t want to run a dedicated chat client. Originally designed for people in censored regions, but it works as a minimal self-hosted secure chat for anyone who wants it. Limitations: no forward secrecy, no traffic obfuscation, Windows only for now. Tauri should make cross-compilation straightforward if anyone wants to build for Linux/macOS. Unlicense, public domain. I’m not maintaining it — fork and do what you want.

Due to throwaway account limitations, I can’t post this in many places. If you think this project is useful, feel free to share it wherever you think it fits.

Why the 1-off release with no further development?

Interestimg take though, using MQTT instead of XMPP

You and your peer agree on an encryption key (any string).

This is unacceptably unsecure for the usecases you mention. There is a reason why the most secure messaging apps don’t use symettric encryption, don’t use passphrases, and they also possess forward secrecy.

It’s pointless to push this as a censhorship circumvention method

I appreciate the projects, but use of this to bypass

Thank you very much for your reply. In fact, this project is a one-off project and a vision. The original idea came from fear — the fear of having your communications surveilled, and the legal risks that come with having your speech monitored.

It had many ideas, which were eventually abandoned. I’m unable to continuously maintain and update this project, so it would need community forks.

The 9-month silence was also for the same reason. The account replying to you (clinamen0) will also be retired soon, to prevent tracing.

Thank you for your reply. In fact, this project is a one-off project and a vision. The original idea came from fear — my fear. The fear of having your communications surveilled, and the legal risks that come with having your speech monitored. I face all of these.

My vision: the software should be simple, easy to use, quickly distributable, non-commercial, available to every ordinary person, maximizing the cost of censorship for authoritarian governments — until the day when we can finally see the light.

For this reason, I gave up many complex designs.

Its goal: “two people get the software and can use it right away.” Only this way can more ordinary people in authoritarian countries embrace this kind of information protection. Indeed, more secure methods exist, but those tools are too complex. Moreover, citizens in authoritarian countries are naturally hostile toward such software. But an app that lets you chat in ciphertext directly on social media, or use it standalone, is something interesting. And citizens in many authoritarian countries are about to face ubiquitous surveillance — because of AI.

Based on this, anyone with some basic knowledge of Rust can quickly build and distribute it. For higher-risk scenarios, excellent community forks can address those needs.

This is my vision.

Note: This account will be retired soon to prevent tracing. And I hope we shall meet again, in the place where there is no darkness.