Blink vs Signal vs Session — including where Blink loses
We'd rather you pick the right tool than pick ours. Blink is a young, unaudited project. Below is a straight comparison — no cherry-picking, with the rows where Signal and Session are clearly ahead.
| Feature | Blink | Signal | Session |
|---|---|---|---|
| No phone number required | Identity is an on-device key | Required to register (usernames only hide it from contacts) | Random account ID |
| End-to-end encryption by default | libsignal | libsignal | Signal-derived |
| Forward secrecy (Double Ratchet) | Yes | Yes | Dropped in the Session protocol |
| Post-quantum key exchange | PQXDH (Kyber/ML-KEM) | PQXDH | Not yet |
| Sealed sender (server can't see who sent) | Yes | Yes | Via onion routing |
| Hides your IP from the server | Not yet — Tor/I2P on the roadmap | Server sees your IP (you trust Signal) | Onion routing hides it |
| Decentralized infrastructure | Default path is a single Cloudflare relay (centralized). Experimental opt-ins skip it: nearby Bluetooth (direct, no server) and Reticulum. Multi-relay is roadmap. | Centralized Signal servers | Service-node network |
| Independent security audit | None yet | Multiple | Audited (Quarkslab) |
| Open source | AGPL-3.0, incl. the relay | AGPL/GPL | GPLv3 |
| Reproducible builds | Planned | Yes | Partial |
| Platforms | Android only | Android, iOS, desktop | Android, iOS, desktop |
| Voice / video calls | Not yet | Yes | 1:1 |
| Group chats | E2EE, small groups | Yes | Yes |
| Push without Google services | Uses FCM (de-Googled push planned) | FCM with websocket fallback | No FCM |
| Maturity / user base | Brand new, tiny | Tens of millions | Established |
yes · partial / caveat · no. Comparison reflects public information as of 2026; Signal and Session move fast — check their own docs too.
The honest verdict
Choose Signal
if you're fine giving a phone number
It's the mature, independently audited, multi-platform default with calls, groups and reproducible builds. Both Signal and Blink use libsignal with post-quantum — but Signal has been reviewed and Blink has not. For most people, Signal is the safer recommendation.
Choose Session
if hiding your IP matters most
Session's onion routing hides your network path from its servers — something Blink does not do yet. The trade-off: Session dropped forward secrecy and has no post-quantum key exchange, so its message crypto is weaker than Blink's or Signal's.
Choose Blink
if you want no phone number + modern crypto, and you accept it's new
Blink's niche is the combination of no phone number, libsignal with forward secrecy and post-quantum, and a stack you can fully run and read yourself (including the relay). The honest catch: it's brand new, unaudited, Android-only, and the relay still sees your IP. Don't bet your life on it yet.
Disagree or spot an error? The whole project is open source — open an issue at github.com/tralalananala-cloud/blink and we'll fix the page.