Identity
Device-based cryptographic identity
Each device carries long-lived local identity material and publishes the prekey state needed to bootstrap direct chats.
Technical
How Minyma stays private.
Minyma is built around device identity, signed prekeys, one-time prekeys, encrypted attachment delivery, and a Double Ratchet model for direct chats.
The relay handles registration, queueing, push delivery, and attachment relay without needing the private keys required to read plaintext content.
The point of this page is not to stretch the claim surface. It is to show the actual foundations Minyma uses today and the hardening work that still sits on the roadmap.
Sessions
Signed prekeys and ratcheting
Direct chats use signed prekeys, one-time prekeys, and a Double Ratchet session model for stronger forward secrecy.
Relay
Secure ciphertext delivery
The relay supports registration, queueing, push delivery, and attachment relay. It still sees some operational metadata even though it is not intended to hold plaintext content.
Calling
Encrypted signaling plus WebRTC media
Direct 1:1 audio calling uses Minyma's signaling path with WebRTC media transport, with continued network hardening actively underway.
Architecture summary
Identity → Device-based identity material Bootstrap → Signed prekeys + one-time prekeys Direct chats → Double Ratchet sessions Cipher → AES-GCM payload protection Attachments → Ciphertext upload and download flow Relay → Registration, queueing, push, and delivery Calls → Encrypted signaling + WebRTC media
Identity
Device-based identity material
Bootstrap
Signed prekeys + one-time prekeys
Direct chats
Double Ratchet sessions
Cipher
AES-GCM payload protection
Attachments
Ciphertext upload and download flow
Relay
Registration, queueing, push, and delivery
Calls
Encrypted signaling + WebRTC media
Future directions
Where Minyma can harden next
Minyma's next technical phase is focused on stronger network privacy, cleaner multi-device session semantics, and long-range cryptographic migration planning.
- Private relay and stronger metadata minimization
- Multi-device session evolution and linked-device hardening
- Deeper Double Ratchet review and migration planning
- TURN/STUN and broader direct-call hardening
- Post-quantum migration readiness
Documents
Public references for how Minyma works
The White Paper is the public starting point for Minyma's encryption story. From there, the documents lane can expand with protocol notes, release security updates, and review summaries when they are ready to publish.
White Paper
A public explanation of what Minyma encrypts, what the relay still handles, and how the current device and session model is put together.
Next documents
Future public notes can cover session migrations, relay privacy changes, call hardening, and external security updates without changing the structure of the site.
Honesty
What Minyma does and does not record
Minyma protects message content end to end and continues reducing relay-visible metadata. The safer public posture is to say exactly what the service still handles and what it is not built around.
- The relay is not designed to hold plaintext message or attachment content
- Minyma does not rely on public feeds, follower graphs, or ad-targeting layers
- Minyma does not require a public phone-number directory for Minyma IDs
- Trust changes are surfaced to users instead of staying silent
The service still carries routing, queueing, push, and attachment-delivery metadata to operate.