iOS TestFlight
iPhone or iPad, iOS 16 or newer. The public beta is invite-only; email hello@securechat.team to request a TestFlight invite.
Public Beta · iOS end-to-end encrypted messenger
SecureChat is a privacy-first iOS messenger. The relay is a blind packet dropbox: it stores and forwards opaque, client-encrypted, client-signed payloads. It never sees your plaintext, your keys, or your message bodies. No phone number. No email. No analytics. No media cloud. Source-available; self-hostable relay on a $5/month VPS.
The iOS app is in public beta on TestFlight. Self-host the relay on a $5/month VPS and point the app at it. Or read the source — both the app and the relay are open.
The relay is a single Fastify container. Run it on a $5 VPS, point the iOS app at it, and you own the full stack.
Both the iOS app and the relay are source-available under a fair license. The repo is the canonical source for the public beta.
Three layers, each with one job. The cryptography is what you would write yourself if you were starting from Apple's CryptoKit and a clean spec.
Your public key
5a4f…c2b8
On first launch the app generates a Curve25519 keypair (signing + agreement) and stores the private key in the iOS Keychain. The public key is your identity; you share it as a base64 fingerprint. No email, no phone, no server-issued token.
Sealed envelope
Outgoing messages are sealed with AES-GCM using a per-message symmetric key, which itself is encrypted to the recipient's Curve25519 public key. The result is signed with your signing key, then handed to the relay.
Relay · blind dropbox
The relay accepts the packet (signed + sealed, plus metadata: sender, recipient, expiry), stores it for up to 24 h, and delivers it when the recipient next asks. The relay cannot read the payload; it cannot forge a sender; it cannot replay an old packet.
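The sealed-envelope layer described above, sketched with CryptoKit as an added example; it is not SecureChat's own code. The page does not say how the per-message key is encrypted to the recipient, so the ephemeral X25519 plus HKDF-SHA256 key wrap, the `Envelope` layout, the function names and the metadata string are all assumptions.

```swift
import CryptoKit
import Foundation
struct Envelope {
    let ephemeralPub: Data  // one-time X25519 public key (assumed wrap scheme)
    let wrappedKey: Data    // per-message key sealed under the derived KEK
    let sealedBody: Data    // message body sealed under the per-message key
    let signature: Data     // sender's Ed25519 signature over the fields above
}
enum EnvelopeError: Error { case badSignature }
// Assumption: key-encryption key = HKDF-SHA256 over an ephemeral-static X25519 secret.
func kek(_ s: SharedSecret, _ meta: Data) -> SymmetricKey {
    s.hkdfDerivedSymmetricKey(using: SHA256.self, salt: Data(), sharedInfo: meta, outputByteCount: 32)
}
// Fixed-length fields first, so the signed byte string parses only one way.
func signedBytes(_ pub: Data, _ wrapped: Data, _ meta: Data, _ body: Data) -> Data {
    pub + wrapped + Data(SHA256.hash(data: meta)) + body
}

func sealEnvelope(_ body: Data, meta: Data, to recipient: Curve25519.KeyAgreement.PublicKey,
                  signer: Curve25519.Signing.PrivateKey) throws -> Envelope {
    let messageKey = SymmetricKey(size: .bits256)  // fresh key for every message
    let ephemeral = Curve25519.KeyAgreement.PrivateKey()
    let secret = try ephemeral.sharedSecretFromKeyAgreement(with: recipient)
    let rawKey = messageKey.withUnsafeBytes { Data($0) }
    // meta is bound as AES-GCM associated data; `combined` is non-nil with the default nonce.
    let wrapped = try AES.GCM.seal(rawKey, using: kek(secret, meta), authenticating: meta).combined!
    let sealed = try AES.GCM.seal(body, using: messageKey, authenticating: meta).combined!
    let pub = ephemeral.publicKey.rawRepresentation
    let sig = try signer.signature(for: signedBytes(pub, wrapped, meta, sealed))
    return Envelope(ephemeralPub: pub, wrappedKey: wrapped, sealedBody: sealed, signature: sig)
}

func openEnvelope(_ e: Envelope, meta: Data, from sender: Curve25519.Signing.PublicKey,
                  with me: Curve25519.KeyAgreement.PrivateKey) throws -> Data {
    // Verify the signature before any decryption is attempted.
    let signed = signedBytes(e.ephemeralPub, e.wrappedKey, meta, e.sealedBody)
    guard sender.isValidSignature(e.signature, for: signed) else { throw EnvelopeError.badSignature }
    let eph = try Curve25519.KeyAgreement.PublicKey(rawRepresentation: e.ephemeralPub)
    let secret = try me.sharedSecretFromKeyAgreement(with: eph)
    let rawKey = try AES.GCM.open(AES.GCM.SealedBox(combined: e.wrappedKey), using: kek(secret, meta), authenticating: meta)
    return try AES.GCM.open(AES.GCM.SealedBox(combined: e.sealedBody),
                            using: SymmetricKey(data: rawKey), authenticating: meta)
}

// Constructed demo: fresh identities and a made-up metadata string (format is an assumption).
let aliceSign = Curve25519.Signing.PrivateKey(), bobAgree = Curve25519.KeyAgreement.PrivateKey()
let meta = Data("sender=alice;recipient=bob;expiry=1767225600".utf8)
let env = try sealEnvelope(Data("hello".utf8), meta: meta, to: bobAgree.publicKey, signer: aliceSign)
try print(String(decoding: openEnvelope(env, meta: meta, from: aliceSign.publicKey, with: bobAgree), as: UTF8.self))
```

Because the metadata is covered by both the signature and the AES-GCM associated data, an envelope whose sender, recipient or expiry was altered in transit fails to open on the recipient's device.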
The relay is designed so that a successful subpoena, a server-side breach, or a curious operator is structurally incapable of reading user messages. The list below is the negative space we have engineered out of the system.
All of this is opaque to the operator without the recipient's private key.
The Sentinel is fully local, deterministic, and source-inspectable. It is not a machine-learning model and it does not phone home. It does not replace an external security audit, and we say so explicitly in ADR-004.
The score and findings appear in the Dashboard, in a dedicated Sentinel view, and as part of the Production-Readiness check.
The iOS app is in public beta on TestFlight; request an invite at hello@securechat.team. The relay, the iOS app, and the production-hardening story are shipping. A security audit is recommended before high-assurance claims.