The Next Generation of Safe Messaging: The Importance of Decentralization

Evolving from Encrypted Chats to Decentralized Messaging

Encrypted messaging apps are experiencing a resurgence.

Platforms like WhatsApp, iMessage, and Signal have set a standard of end-to-end encryption (E2EE) as a norm. However, many still rely on phone numbers, centralized servers, and a considerable amount of metadata, including details about your contacts, timings, IP addresses, and devices used.

Vitalik Buterin is addressing this in a recent X post and donation. He believes the future of secure communication lies in permissionless account setups devoid of phone numbers or Know Your Customer (KYC) protocols and emphasizes the need for enhanced metadata privacy. In this context, he pointed out Session and SimpleX, donating 128 Ether (ETH) to each to promote this vision.

Session serves as an illustrative example as it seeks to merge E2E encryption with decentralization. It operates without a central message server, routing traffic through onion pathways, and uses user IDs as keys instead of phone numbers.

Did you know? Forty-three percent of individuals using public WiFi report encountering a data breach, with man-in-the-middle attacks and packet sniffing targeting unencrypted data as prevalent issues.

How Messages are Stored in Session

Session operates on public key identities. Upon registration, the app creates a keypair locally and generates a Session ID without needing a phone number or email.

Messages are transmitted via a network of service nodes using onion routing, ensuring that no individual node can identify both the sender and the recipient. (You can view your message’s node path in the settings.) For messages delivered asynchronously while offline, they are stored in small groups of nodes referred to as “swarms.” Each Session ID corresponds to a designated swarm, and your messages are kept encrypted there until retrieved by your client.

Historically, messages remained in the swarm for an approximately two-week period. After this, the network copy is deleted, leaving only local copies on your devices.

Indeed, Session maintains a local database of your conversations and attachments, enabling you to scroll back through months or years. This is why the app download size might range around 60 to 80 MB, but the storage requirement increases as you send media, cache thumbnails, and preserve chat histories. Public documentation and independent assessments have highlighted this distinction between temporary network storage and enduring local storage.

You can manage your storage by deleting conversations, employing disappearing messages, or clearing media. If it’s still visible, it exists somewhere on your device.

Notifications in Fast Mode

The trade-off between privacy and user experience (UX) is most apparent in notifications.

On iOS, Session presents two modes:

• Slow Mode relies on background polling. The app periodically checks for new messages over its own network, offering greater privacy but can be delayed or inconsistent, particularly if your OS restricts background processes.

• Fast Mode utilizes push notifications. Session uses Apple Push Notification Service on iOS and a corresponding method on Android for timely alerts.

The contentious aspect is Fast Mode. According to Session’s support documentation, opting for it entails:

• Your device’s IP address and push token become visible to an Apple-operated push server.

• Your Session Account ID along with the push token is transmitted to a Session-operated push server for notification routing.

Importantly:

• The servers do not access message content as those remain E2EE.

• Session asserts that Apple and Google also do not gain insight into your contacts or the precise timing of messages beyond their basic push logging.

If this concerns you, Slow Mode is available, albeit at the cost of delayed or missed notifications. This choice highlights a crucial consideration for users of decentralized messaging platforms.

Transparency, Jurisdiction, and Government Requests

Session’s governance structure has evolved.

Initially overseen by the Australian nonprofit Oxen Privacy Tech Foundation (OPTF), in late 2024 a new Swiss organization, the Session Technology Foundation (STF), took charge of the project. OPTF’s final transparency report provides insights up to Q4 2024; subsequent information requests are managed and published by STF.

Session’s documentation on information requests indicates:

• Due to its decentralized and E2EE nature, the foundation lacks special access to user messages or keys.

• The STF releases retrospective transparency reports detailing law enforcement requests and their handling.

This transparency framework likely serves as the reference for users discussing how the platform responds to governmental inquiries. It forms a public record, chronicling when authorities seek information, the nature of their requests, and Session’s responses.

What can they offer?

• Potentially: Logs from their direct web services, file servers, or infrastructure like push relays or STUN and TURN servers, abiding by Swiss laws and relevant international mandates.

• Not: Decrypted messages or master keys for user chats, provided the implementation aligns with the protocol description.

Switzerland’s regulatory environment is relatively lenient on transparency when compared to other jurisdictions, making voluntary reporting and strict data limits particularly vital.

In essence, while decentralization doesn’t prevent governments from making requests, it does limit what can be provided.

Did you know? Following the infiltration of the EncroChat encrypted network, authorities intercepted over 115 million criminal messages from approximately 60,000 users, culminating in over 6,500 arrests and nearly 900 million euros in seized assets globally.

Resistance to Quantum Threats, Calls, and the “Forever Beta”

The concern is that adversaries can capture encrypted communications today and later decrypt them with future quantum computers.

Session addresses this with a significant redesign of its protocol. Recently, the team released Session Protocol v2, aimed at incorporating:

• Perfect forward secrecy through ephemeral keys.

• Post-quantum key exchange utilizing ML-KEM (formerly CRYSTALS-Kyber), the NIST-standardized KEM that also features in Signal’s PQXDH and Apple’s PQ3.

Is Session quantum resistant currently?

Not in the strict sense, as it still depends on classical elliptic curve cryptography until v2 is fully developed. The roadmap indicates a transition to hybrid post-quantum schemes, but until those are thoroughly implemented, audited, and deployed across clients, standard E2EE security should be assumed with plans for future upgrades.

Concerns persist regarding calls. According to Session:

• Voice and video calls are available but remain a beta feature that you need to opt into.

• Currently, they utilize peer-to-peer WebRTC, exposing your IP address to the other party and to a Session-operated STUN or TURN server for signaling and media relay.

• Onion-routed calls via Lokinet are planned for a deeper level of IP obscurity but are not yet standard.

Session’s blog and FAQ clearly alert that users in highly sensitive situations should consider avoiding calls for the time being.

Thus, the prolonged beta status partially reflects the challenges of merging low-latency calls, onion routing, and stringent anonymity assurances.

The Impact of Decentralization on Your Experience

Session exemplifies both the potential and limitations of decentralized secure messaging.

Pros include:

• You can create an account without having to provide a phone number or email (or any form of ID), aligning with Buterin’s vision of permissionless account creation.

• Your messages navigate through an onion-routed multi-node network, mitigating the risk of any single operator accessing or logging excessive metadata.

• The transition to a Swiss stewardship, combined with the reliance on open-source clients and transparency reports, potentially increases public scrutiny over modifications to the codebase or infrastructure.

However, decentralization does not equate to complete anonymity:

• Local storage on your mobile device remains a significant vulnerability if your device is compromised or taken.

• Fast Mode notifications and WebRTC calls may expose IP-level metadata to infrastructure providers, even if they do not access your plaintext messages.

• Post-quantum safeguards remain on a future roadmap until Protocol v2 is released and fully developed.

For those considering Session, it’s advisable to set Slow Mode as your default if preserving metadata privacy is a priority over instant notifications. Opt for disappearing messages and routinely delete old chats and media to minimize residual data on your devices. This same prudence applies to voice and video calls. If connecting a Session ID to an IP address is a risk for you, it may be safer to disable voice and video features until the calling infrastructure has matured.

On a broader scale, E2EE alone is no longer sufficient. As government pressures on messaging apps intensify and the threats posed by quantum computing advance, decentralization, metadata reduction, and post-quantum enhancements are becoming fundamental aspects of secure communication. Session is among several initiatives striving to tackle these challenges, each presenting its own trade-offs, advantages, and limitations.