Secure, ephemeral messaging for high-security, low-frequency communication.
ASH is a messaging application that uses One-Time Pad (OTP) encryption to provide information-theoretic security. It is designed for situations where confidentiality matters and trust in infrastructure is limited.
ASH prioritizes:
- Correctness over convenience
- Human-verifiable security
- Minimal trust in infrastructure
- Deliberate user actions
ASH is not designed for everyday chat.
- Ceremony: Two devices establish a shared One-Time Pad through an offline, QR-based transfer
- Verification: Users confirm matching mnemonic checksums
- Messaging: Messages are encrypted with OTP and relayed through an untrusted backend
- Burn: Either party can irreversibly destroy the conversation
┌────────────┐
│ Users │
└─────┬──────┘
│
┌─────▼──────┐
│ iOS App │ (SwiftUI)
└─────┬──────┘
│ FFI boundary
┌─────▼──────┐
│ core │ (Shared Rust Core)
└─────┬──────┘
│
┌─────▼──────┐
│ Backend │ (Rust Relay)
└────────────┘
- core: Rust library containing all cryptographic logic
- apps/ios: SwiftUI iOS application
- backend: Untrusted relay that never sees plaintext
Note: Android support is planned for future versions.
ASH provides:
- Message confidentiality against network and backend observers
- Information-theoretic security via One-Time Pad
- Pad non-reuse enforcement by design
- Human-verifiable ceremony correctness
ASH does not provide:
- Anonymity at the network level
- Protection against device compromise
- Protection against malicious participants
- Forensic-level secure deletion
See docs/threat-model.md for the complete threat model.
| Document | Description |
|---|---|
| Scope | What's in and out of v1 |
| Architecture | System design and boundaries |
| Threat Model | Security guarantees and limitations |
| Ceremony | Pad establishment protocol |
| Framing | QR frame format specification |
| Data Lifecycle | How data is handled and destroyed |
| Backend Contract | API invariants and behavior |
| Ethics | Ethical position and boundaries |
| Glossary | Project terminology |
See SECURITY.md for vulnerability reporting.
See LICENSE for details.