One message, four guarantees.
Follow a single message from your keyboard to your contact's screen.
DID:key identity
On install, Blink generates an Ed25519 signing key and an X25519 agreement key. Your identity is the public key — a did:key string. No server ever sees the private half.
X3DH + PQXDH key agreement
To start a chat, your device fetches the recipient's signed prekey bundle and runs Extended Triple Diffie-Hellman plus a post-quantum step (Kyber/ML-KEM). Both sides derive the same secret without ever being online at the same time.
Double Ratchet
Every message advances a ratchet: a new key is derived and the old one destroyed. Compromise one key and the attacker still can't read the past — or, after a DH step, the future.
Blind relay transport
Sealed ciphertext travels over a TLS relay that can't read it. With sealed sender it doesn't even learn who sent the message; store-and-forward holds it until the recipient is online.
session.step = 47
root_key = rotated (HKDF-SHA256)
message_key = derived → used once → zeroized
header = { dh_pub, prev_chain_len, msg_n }
aead = ChaCha20-Poly1305(message_key, header)
forward_secrecy = true
post_compromise = true