168 lines
4.8 KiB
Markdown
168 lines
4.8 KiB
Markdown
# SimpleX Chat - Private Messaging Without Identifiers
|
|
|
|
**The most private messaging app - no phone number, email, or username required**
|
|
|
|
## 🎯 Threat Model
|
|
|
|
### What Problem Does This Solve?
|
|
|
|
Most "encrypted" messaging apps still leak critical metadata:
|
|
|
|
- **Phone/Email Linking**: Signal, WhatsApp, Telegram require phone numbers
|
|
- **Username Tracking**: Session, Threema use permanent usernames
|
|
- **Contact Graph**: Servers know who talks to whom
|
|
- **Central Compromise**: Single point of failure if servers are seized
|
|
|
|
### How SimpleX is Different
|
|
|
|
**No User Identifiers**
|
|
- No phone number
|
|
- No email address
|
|
- No username
|
|
- No blockchain address
|
|
- **Nothing** that identifies you across connections
|
|
|
|
**Each Contact is Isolated**
|
|
- Every contact uses different message routing
|
|
- Server can't build a social graph
|
|
- Compromise of one contact doesn't expose others
|
|
|
|
**Decentralized Infrastructure**
|
|
- Run your own server or use defaults
|
|
- Messages routed through different servers
|
|
- Ephemeral message queues (deleted after delivery)
|
|
|
|
## 🔐 Privacy Features
|
|
|
|
- ✅ End-to-end encryption (Signal Double Ratchet + post-quantum)
|
|
- ✅ Perfect forward secrecy
|
|
- ✅ No metadata leakage to servers
|
|
- ✅ Disappearing messages
|
|
- ✅ Incognito mode (temporary identities)
|
|
- ✅ Voice/video calls (also E2E encrypted)
|
|
- ✅ Group chats (fully decentralized)
|
|
- ✅ File sharing (encrypted)
|
|
|
|
## 🚀 Installation
|
|
|
|
### Debian Trixie (glibc 2.40+)
|
|
```bash
|
|
cd ~/github/privacy-toolkit
|
|
./tools/simplex/install.sh
|
|
```
|
|
|
|
The script automatically selects:
|
|
- **Ubuntu 24.04 package** for Debian Trixie
|
|
- **Ubuntu 22.04 package** for older systems
|
|
|
|
### Manual Installation
|
|
|
|
Check your glibc version:
|
|
```bash
|
|
ldd --version | head -1
|
|
```
|
|
|
|
- If glibc ≥ 2.39: Download ubuntu-24-04 package
|
|
- If glibc < 2.39: Download ubuntu-22-04 package
|
|
|
|
Download from: https://github.com/simplex-chat/simplex-chat/releases/latest
|
|
|
|
## 📖 Usage
|
|
|
|
### First Launch
|
|
1. Open SimpleX from application menu
|
|
2. Choose "Create new profile"
|
|
3. Set display name (not sent to servers!)
|
|
4. Optionally set profile image
|
|
|
|
### Adding Contacts
|
|
1. Click "+" → "Add contact"
|
|
2. Share your connection link OR
|
|
3. Scan contact's QR code
|
|
|
|
**Important**: Each contact gets a unique connection link. You can't be tracked across contacts.
|
|
|
|
### Restoring from Backup
|
|
|
|
If you have a backup (from `/tmp/restore-simplex.sh`):
|
|
1. Launch SimpleX
|
|
2. It will automatically detect restored data
|
|
3. Verify your contacts appear
|
|
4. Database files are at `~/.local/share/simplex/`
|
|
|
|
## 🔒 Security Best Practices
|
|
|
|
### Message Retention
|
|
- Enable disappearing messages for sensitive conversations
|
|
- Default: Messages stored locally forever
|
|
- Recommendation: 1 week retention for most chats
|
|
|
|
### Connection Security
|
|
- **Delete old connection links** after contact accepts
|
|
- Use **incognito mode** for temporary conversations
|
|
- **Verify contact fingerprints** for high-security conversations
|
|
|
|
### Server Trust
|
|
- Default servers are run by SimpleX team (good reputation)
|
|
- For maximum privacy: Run your own SimpleX server
|
|
- Or use community servers you trust
|
|
|
|
### Backup Your Data
|
|
SimpleX stores everything locally:
|
|
```bash
|
|
~/.local/share/simplex/ # Databases
|
|
~/.config/simplex/ # Settings
|
|
```
|
|
|
|
**Backup regularly!** If you lose this data, you lose all messages.
|
|
|
|
## 🆚 Comparison with Other Apps
|
|
|
|
| Feature | SimpleX | Signal | Session | Matrix |
|
|
|---------|---------|--------|---------|--------|
|
|
| No phone/email | ✅ | ❌ | ✅ | ✅ |
|
|
| No username | ✅ | ❌ | ❌ | ❌ |
|
|
| No user ID at all | ✅ | ❌ | ❌ | ❌ |
|
|
| Decentralized routing | ✅ | ❌ | ✅ | ✅ |
|
|
| Contact graph hidden | ✅ | ❌ | ❌ | Partial |
|
|
| Post-quantum crypto | ✅ | Partial | ❌ | ❌ |
|
|
| Metadata resistance | Excellent | Good | Good | Moderate |
|
|
|
|
## 🛠️ Advanced: Run Your Own Server
|
|
|
|
For maximum privacy, run your own SimpleX SMP server:
|
|
|
|
```bash
|
|
# Docker method
|
|
docker run -d \
|
|
--name simplex-smp \
|
|
-p 5223:5223 \
|
|
simplexchat/smp-server
|
|
|
|
# Configure SimpleX app to use your server
|
|
```
|
|
|
|
Instructions: https://github.com/simplex-chat/simplexmq#smp-server
|
|
|
|
## 🔗 Resources
|
|
|
|
- Official Website: https://simplex.chat/
|
|
- Documentation: https://simplex.chat/docs/
|
|
- GitHub: https://github.com/simplex-chat/simplex-chat
|
|
- Security Audit: https://simplex.chat/blog/simplex-chat-v5.8-private-message-routing-chat-themes/
|
|
- Whitepaper: https://github.com/simplex-chat/simplexmq/blob/stable/protocol/overview-tjr.md
|
|
|
|
## ⚠️ Limitations
|
|
|
|
- **No cloud sync**: Messages are device-local only
|
|
- **Manual backups**: You must backup yourself
|
|
- **Contact management**: Need to share new links for each contact
|
|
- **Group limitations**: Decentralized groups have size limits
|
|
|
|
**Trade-off**: Maximum privacy requires some inconvenience. SimpleX chooses privacy over convenience.
|
|
|
|
---
|
|
|
|
**Maintained by**: SimpleX Chat team
|
|
**License**: AGPL-3.0
|
|
**Last Updated**: 2025-11-12
|