NoChat is engineered on a zero-trust model: the network, the server, and even NoChat itself are all treated as untrusted. Every message is encrypted on-device and stays that way.
Security claims are easy to make and hard to verify. NoChat is a secure messaging app where the guarantees are enforced at the protocol level, not promised in marketing copy. The server stores encrypted blobs and routes them — that's its entire job. Keys are generated on your device, content is end-to-end encrypted, and the cryptography is standardized and auditable — no homegrown crypto — so you can check the claims against open standards rather than taking our word for it.
A secure messaging app is only as strong as its server architecture. If the service holds your private keys, your encryption is theater. NoChat's server stores encrypted ciphertext, routes it, and nothing else. Identity keys, exchange keys, and session keys are all generated on your device — the server never sees them and could not derive them if it tried.
Being specific about your threat model is the difference between a serious secure messaging app and a marketing one. Here's what NoChat protects against — and the one thing no app can.
NoChat uses primitives anyone can audit: AES-256-GCM for content, ECDH (P-256 / X25519) for key agreement, HKDF-SHA256 for key derivation, and P-256 ECDSA for signatures. Calls use WebRTC with DTLS-SRTP. Direct messages also run a hybrid X25519 + ML-KEM (Kyber-1024) post-quantum key exchange today (with ML-DSA-65 / FIPS 204 signatures on the post-quantum prekeys); group chats and calls remain classical for now, and extending post-quantum coverage to them is on the roadmap.
NoChat is built on open, standardized primitives — no homegrown crypto. Don't trust our word — the full cryptographic breakdown lives in our crypto inventory, which documents where keys are generated and confirms the server schema only holds ciphertext.
The service can't read your messages even if it wanted to, metadata is minimized, the cryptography is standardized and auditable, and there's no single point of trust. NoChat is built to hit all four.
Network attackers (ISPs, hotspots, on-path observers), a compromised NoChat server, and tampering in transit. The only thing it can't protect against is a malicious endpoint — if your own device is compromised, no app can save you.
There's nothing useful to steal. The database holds encrypted ciphertext with no decryption keys attached. A full dump gives an attacker exactly what it gives us: opaque blobs.
Under valid legal process we can produce account metadata where it exists, but message content is end-to-end encrypted and we have no ability to decrypt it. That's a mathematical fact about the design, not a policy choice.
Not yet formally. The cryptography is built on open, standardized primitives and documented in a crypto inventory available for independent review. No third-party audit has been completed to date — we welcome security researchers to review the implementation.
No. NoChat is free to use and free to self-host. Security shouldn't be a paid upgrade.
Free, private by design, and built on auditable cryptography. No phone number, no email required.