Skip to content
How it works

One message, four guarantees.

Follow a single message from your keyboard to your contact's screen.

01

DID:key identity

On install, Blink generates an Ed25519 signing key and an X25519 agreement key. Your identity is the public key — a did:key string. No server ever sees the private half.

02

X3DH + PQXDH key agreement

To start a chat, your device fetches the recipient's signed prekey bundle and runs Extended Triple Diffie-Hellman plus a post-quantum step (Kyber/ML-KEM). Both sides derive the same secret without ever being online at the same time.

03

Double Ratchet

Every message advances a ratchet: a new key is derived and the old one destroyed. Compromise one key and the attacker still can't read the past — or, after a DH step, the future.

04

Blind relay transport

Sealed ciphertext travels over a TLS relay that can't read it. With sealed sender it doesn't even learn who sent the message; store-and-forward holds it until the recipient is online.

ratchet --trace
session.step      = 47
root_key          = rotated (HKDF-SHA256)
message_key       = derived → used once → zeroized
header            = { dh_pub, prev_chain_len, msg_n }
aead              = ChaCha20-Poly1305(message_key, header)
forward_secrecy   = true
post_compromise   = true