Identity
Device-based cryptographic identity
Each device carries long-lived local identity material and publishes the prekey state needed to bootstrap direct messaging.
Technical
How Minyma stays private.
Minyma is built around device identity, a verified PQXDH post-quantum-strengthened direct-message bootstrap path, encrypted attachment delivery, and a Double Ratchet model for established direct messaging.
The relay handles registration, queueing, push delivery, and attachment relay without needing the private keys required to read plaintext content.
This page highlights the working security and delivery layers behind Minyma so the technical story stays as clear as the product experience.
Minyma already has a strong direct-session foundation. The strongest current direct path is PQXDH post-quantum-strengthened bootstrap followed by Double Ratchet for established direct sessions, while current call signaling uses sealed-sender delivery across direct and group call flows.
Sessions
PQ bootstrap plus Double Ratchet
The current verified direct-message path uses a PQXDH direct-message bootstrap path, then Double Ratchet for established direct sessions and direct receipts.
Relay
Secure ciphertext delivery
The relay supports registration, queueing, push delivery, and attachment relay. It still sees some operational metadata even though it is not intended to hold plaintext content.
Calling
Private voice and video calling
Minyma combines encrypted signaling, sealed-sender delivery for current call traffic, and WebRTC media transport for voice and video calling on iPhone and iPad.
Architecture summary
Identity
Device-based identity material
Bootstrap
Verified PQXDH direct-message bootstrap path
Direct messaging
Double Ratchet established sessions
Cipher
AES-GCM payload protection
Attachments
Ciphertext upload and download flow
Relay
Registration, queueing, push, and delivery
Calls
Sealed-sender signaling + WebRTC voice/video
Identity
Device-based identity material
Bootstrap
Verified PQXDH direct-message bootstrap path
Direct messaging
Double Ratchet established sessions
Cipher
AES-GCM payload protection
Attachments
Ciphertext upload and download flow
Relay
Registration, queueing, push, and delivery
Calls
Sealed-sender signaling + WebRTC voice/video
Security depth
Layers that already matter
Minyma combines network privacy, multi-device session design, post-quantum bootstrap, relay-backed calling, and private call signaling inside one coherent stack.
- Metadata-aware relay design and delivery minimization
- Linked-device session semantics and visible trust review
- Verified PQXDH bootstrap plus Double Ratchet established sessions
- TURN/STUN-backed calling with WebRTC media transport
- Sealed-sender delivery for current call signaling
Documents
Public references for how Minyma works
The White Paper is the public starting point for Minyma's encryption story. From there, the documents lane can expand with protocol notes, release security updates, and review summaries when they are ready to publish.
White Paper
A public explanation of what Minyma encrypts, what the relay still handles, and how the current device and session model is put together.
Public references
Technical, Privacy, and the White Paper keep Minyma's public security story consistent, readable, and up to date.
Operational boundary
How Minyma handles delivery
Minyma protects message content end to end and keeps the delivery boundary clear. The relay handles routing, queueing, push delivery, and attachment transfer without holding the private keys required to read plaintext content.
- The relay is not designed to hold plaintext message or attachment content
- Minyma is not built around public social graphs or ad targeting
- Minyma does not require a public phone-number directory for Minyma IDs
- Trust changes are surfaced to users instead of staying silent
Limited delivery metadata supports routing, queueing, push, and attachment transfer so the product stays fast and reliable.