Security & encryption
The gap between “looks secure” and “is secure.”
Every messaging-app disaster lived in that gap. Cipher is built on published cryptography, implemented in the open, and held to a standard we'll prove publicly — not just assert.
The stack
Built on proven cryptography — never invented in-house.
The first rule of building this: never write cryptography yourself if proven open-source already does it. Cipher composes audited, published building blocks rather than rolling its own.
Double Ratchet + X3DH
The same published, peer-reviewed cryptographic protocol that underlies Signal and WhatsApp — implemented independently from the public specification using audited open-source primitives (libsodium), so Cipher's guarantee never depends on a third party's license or business decisions.
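To make the mechanism above concrete, here is an added illustration of the symmetric-key half of the Double Ratchet: the KDF chain that turns one chain key into a fresh per-message key and the next chain key, with skipped-key bookkeeping for out-of-order delivery. This is not Cipher's code and it stands in for libsodium with Python's `hmac`/`hashlib`; the 32-byte starting chain key is a constructed placeholder for what X3DH and the DH ratchet would actually produce, and the `max_skip` limit is an assumed value.

```python
"""Symmetric-key ratchet (the KDF chain inside Double Ratchet) - added example."""
import hmac
import hashlib
import os


def kdf_ck(chain_key: bytes) -> tuple[bytes, bytes]:
    """One ratchet step: returns (next_chain_key, message_key).

    HMAC-SHA256 with two distinct constant inputs, as the Double Ratchet
    specification recommends. HMAC is one-way, so an old chain key cannot
    be recovered from a newer one: this is what gives forward secrecy
    for already-delivered messages.
    """
    message_key = hmac.new(chain_key, b"\x01", hashlib.sha256).digest()
    next_chain_key = hmac.new(chain_key, b"\x02", hashlib.sha256).digest()
    return next_chain_key, message_key


class SendingChain:
    """Sender side: each call advances the chain and hands out a single-use key."""

    def __init__(self, chain_key: bytes):
        self.chain_key = chain_key
        self.counter = 0  # message number, sent in the clear in the header

    def next_message_key(self) -> bytes:
        self.chain_key, mk = kdf_ck(self.chain_key)
        self.counter += 1
        return mk  # caller encrypts one message with it and then discards it


class ReceivingChain:
    """Receiver side: derives keys in order, parking skipped ones for late arrivals."""

    def __init__(self, chain_key: bytes, max_skip: int = 100):  # max_skip is an assumed bound
        self.chain_key = chain_key
        self.counter = 0
        self.skipped: dict[int, bytes] = {}
        self.max_skip = max_skip

    def message_key_for(self, n: int) -> bytes:
        if n in self.skipped:
            return self.skipped.pop(n)  # one use only: a replay cannot get it twice
        if n < self.counter:
            raise ValueError("message key already consumed (replay?)")
        if n - self.counter > self.max_skip:
            raise ValueError("too many skipped messages")  # bounds attacker-driven state growth
        while self.counter < n:  # derive and park keys for messages not yet seen
            self.chain_key, mk = kdf_ck(self.chain_key)
            self.skipped[self.counter] = mk
            self.counter += 1
        self.chain_key, mk = kdf_ck(self.chain_key)
        self.counter += 1
        return mk


def keys_derivable_from(chain_key: bytes, count: int) -> list[bytes]:
    """What a party holding a captured chain key can compute: the *future* keys only."""
    keys = []
    for _ in range(count):
        chain_key, mk = kdf_ck(chain_key)
        keys.append(mk)
    return keys


if __name__ == "__main__":
    root = os.urandom(32)  # placeholder for the X3DH / DH-ratchet output
    sender, receiver = SendingChain(root), ReceivingChain(root)
    k0, k1, k2 = (sender.next_message_key() for _ in range(3))
    # message 2 arrives first; 0 and 1 are recovered from the skipped-key store
    print(receiver.message_key_for(2) == k2, receiver.message_key_for(0) == k0,
          receiver.message_key_for(1) == k1)
```

The `keys_derivable_from` helper is the point of the exercise: a chain key captured after message 1 reproduces keys 2, 3, 4 and so on but not keys 0 and 1, which is why the symmetric chain alone gives forward secrecy while the DH ratchet is still needed to heal future keys after a compromise.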
BIP39 seed phrases
Account identity is a 12–24 word recovery phrase — the same standard hardware crypto wallets use. Generated with a cryptographically secure RNG, on-device, and never transmitted.
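As an added example of what the BIP39 standard mentioned above actually specifies (not Cipher's code), the following turns CSPRNG entropy into checksummed 11-bit word indices and verifies a phrase on the way back. It deliberately stops at indices rather than words: mapping an index to the published 2048-word English list is a table lookup left out here. The only check value used is the standard's own zero-entropy test vector.

```python
"""BIP39 entropy <-> checksummed word indices - added example, not Cipher's code."""
import hashlib
import secrets  # CSPRNG (os.urandom underneath); never the `random` module for this

WORDLIST_SIZE = 2048  # each word carries 11 bits
VALID_ENT_BITS = (128, 160, 192, 224, 256)  # 12, 15, 18, 21, 24 words


def entropy_to_indices(entropy: bytes) -> list[int]:
    """Append an ENT/32-bit SHA-256 checksum to ENT bits of entropy, split into 11-bit indices."""
    ent_bits = len(entropy) * 8
    if ent_bits not in VALID_ENT_BITS:
        raise ValueError("entropy must be 16, 20, 24, 28 or 32 bytes")
    cs_bits = ent_bits // 32  # at most 8, so the checksum lives in the first hash byte
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    value = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    word_count = (ent_bits + cs_bits) // 11
    return [(value >> (11 * (word_count - 1 - i))) & 0x7FF for i in range(word_count)]


def indices_to_entropy(indices: list[int]) -> bytes:
    """Recover the entropy from word indices; raises ValueError if the checksum fails."""
    word_count = len(indices)
    if word_count not in (12, 15, 18, 21, 24):
        raise ValueError("phrase must be 12, 15, 18, 21 or 24 words")
    if any(not 0 <= i < WORDLIST_SIZE for i in indices):
        raise ValueError("word index out of range")
    value = 0
    for i in indices:
        value = (value << 11) | i
    total_bits = word_count * 11
    cs_bits = total_bits // 33  # total = ENT + ENT/32, so ENT/32 = total/33
    ent_bits = total_bits - cs_bits
    entropy = (value >> cs_bits).to_bytes(ent_bits // 8, "big")
    expected = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    if value & ((1 << cs_bits) - 1) != expected:
        raise ValueError("checksum mismatch: a word was mistyped or altered")
    return entropy


def checksum_valid(indices: list[int]) -> bool:
    """Convenience wrapper: True if the phrase decodes with a matching checksum."""
    try:
        indices_to_entropy(indices)
        return True
    except ValueError:
        return False


def generate_indices(word_count: int = 24) -> list[int]:
    """Draw fresh entropy from the CSPRNG and encode it; this is the on-device step."""
    ent_bits = word_count * 11 * 32 // 33
    return entropy_to_indices(secrets.token_bytes(ent_bits // 8))


if __name__ == "__main__":
    # The standard's zero-entropy vector: eleven times index 0 ("abandon") then index 3 ("about")
    print(entropy_to_indices(bytes(16)))
    print(generate_indices(12))
```

The checksum is the reason a single mistyped word is caught during recovery rather than silently producing a different identity; it is not a secret and gives no protection against guessing, which is why the entropy source and the 12-24 word length matter.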
Hardware-backed key storage
Keys live in the device's Secure Enclave / Android Keystore where available — not in a file, not on a server, not recoverable by us.
On-device AI inference
Every AI feature runs locally on a small open-weight model. Message content is never transmitted for inference — zero network egress, verified at the network boundary.
Payment isolation
Two systems, deliberately never connected.
Payment system knows
Apple ID / Google account, card details, billing receipts, subscription status. It never sees message content, keys, your seed phrase, or who you talk to.
Messaging system knows
Encrypted blobs and delivery routing — nothing readable. It never sees your real name, billing email, card, or store account.
No user ID, device ID, or account ID is shared between the two databases. Without a shared key, a subpoena to one system can't be cross-referenced into the other. That's the engineering discipline — not a policy promise.
The standard we hold ourselves to
Four sentences that must each be literally, technically true before we ship.
We do not have the technical ability to read our users' messages.
If a user loses their seed phrase and their device, their data is permanently unrecoverable — by us or anyone.
If our servers were fully compromised, the attacker would gain only encrypted data they cannot decrypt.
We have had this independently audited by a qualified cryptography firm, and here is what they found.
The fourth is the one most startups skip under time or budget pressure. It's also the one that turns “we believe this is secure” into “this is verified to be secure” — and for an app whose entire premise rests on that claim, the difference isn't optional. The audit is the gate. We won't put real users' data behind anything less.
What no architecture can solve
We'll never claim to be unbreakable, anonymous, or government-proof.
End-to-end encryption protects a message in transit — not a device that's unlocked, stolen, or compromised by spyware, and not a user tricked into authorizing something. Those are device-security and human problems, true of every app. Overclaiming is exactly the mistake that destroys trust later, so we state the limits as clearly as the strengths.
Follow the build to audit.
Join the waitlist for early access and published audit findings.