Defence

End-to-End Encryption Without a Central Server

28 March 2026 · 7 min read

Most “end-to-end encrypted” platforms still rely on central servers for key exchange, message routing, and user directory services. That central server is a single point of failure — and in adversarial environments, a single point of compromise.

We built a communications platform that eliminates this entirely. No central server. No trusted third party. Every node in the network is equal.

The Trust Problem

In a traditional E2E system like Signal, the server doesn’t see your message content, but it does see who you’re talking to, when, and how often. It manages your keys. It routes your messages. If that server is compromised, subpoenaed, or simply goes offline, your communications stop.

For defence applications, this is unacceptable. The network must function even when infrastructure is degraded or adversarial. That means peer-to-peer.

P2P Key Exchange

Without a central key server, peers need to establish shared secrets directly. We use a combination of pre-shared identity keys (distributed out of band) and ephemeral Diffie-Hellman key exchange for forward secrecy.

The protocol ensures that even if a peer’s long-term key is compromised, previously recorded messages cannot be decrypted. Each message uses a unique symmetric key derived from the ephemeral exchange.
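
The exchange described above, sketched as an added example (not the platform's own code): two peers authenticate fresh Diffie-Hellman values with a pre-shared identity key, then ratchet a chain key so every message gets its own symmetric key. The symmetric form of the identity key, the RFC 3526 group, the HMAC-based derivation and all function names are assumptions made for illustration.

```python
# Added example, not the platform's code. Assumptions: symmetric pre-shared
# identity key, RFC 3526 group 14 for DH, HMAC-SHA256 as MAC and KDF.
import hashlib, hmac, secrets

P = int(  # 2048-bit MODP prime, RFC 3526 group 14
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05"
    "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
    "9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
    "3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
G = 2

def mac(key, *parts):
    """HMAC-SHA256 over length-prefixed parts; group elements become 256-byte strings."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        p = p.to_bytes(256, "big") if isinstance(p, int) else p
        h.update(len(p).to_bytes(4, "big") + p)
    return h.digest()

def hello(psk, role):
    """Fresh ephemeral pair, with a tag binding the public value to identity and role."""
    priv = secrets.randbelow(P - 3) + 2
    pub = pow(G, priv, P)
    return priv, pub, mac(psk, b"hello", role, pub)

def session(psk, peer_role, priv, my_pub, peer_pub, peer_tag):
    """Check the peer's hello, then derive the first chain key from the DH secret."""
    if not 2 <= peer_pub <= P - 2:
        raise ValueError("degenerate public value")
    if not hmac.compare_digest(peer_tag, mac(psk, b"hello", peer_role, peer_pub)):
        raise ValueError("peer not authenticated")
    shared = pow(peer_pub, priv, P)
    lo, hi = sorted((my_pub, peer_pub))  # same transcript order on both sides
    return mac(psk, b"chain0", shared, lo, hi)

def next_key(chain):
    """One ratchet step: returns (message key, next chain key)."""
    return mac(chain, b"msg"), mac(chain, b"chain")

def handshake(psk):
    """Both sides of the exchange in one process; returns each peer's chain key."""
    a_priv, a_pub, a_tag = hello(psk, b"initiator")
    b_priv, b_pub, b_tag = hello(psk, b"responder")
    return (session(psk, b"responder", a_priv, a_pub, b_pub, b_tag),
            session(psk, b"initiator", b_priv, b_pub, a_pub, a_tag))
```

In this sketch the identity key only authenticates the hello; forward secrecy depends on each peer deleting `priv` and every spent chain key after use.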

Mesh Routing

In a P2P network, you can’t assume direct connectivity between all peers. Messages may need to traverse multiple hops. Each hop sees only the encrypted payload and the next destination — not the original sender or final recipient.

Our routing layer uses a gossip protocol for peer discovery and a modified Kademlia DHT for efficient message routing. Peers join and leave the network without disruption.

Offline and Disrupted Operations

Networks fail. Especially in the field. Our platform handles disruption gracefully:

This isn’t theoretical. We’ve deployed this in environments where network availability is measured in minutes per day, not nines of uptime.

If you’re building communications for environments where you can’t trust the infrastructure, let’s talk.