Kimosabe.AI

Trust & threat model

Privacy claims are worth nothing without specifics. Here is exactly what Kimosabe protects, what it does not, and where we're going.

Principles

Server never sees plaintext

Message bodies and attachments are encrypted in your browser using ECDH P-256 + AES-GCM-256 before they leave your device. The server stores ciphertext and minimal routing metadata only.

No phone number, no contact upload

You sign up with email and a private @username. We never ask for your address book.

Forward secrecy

Each message uses a fresh ephemeral keypair. If a long-term key is later compromised, past message keys cannot be reconstructed.

Recovery key, not back doors

At signup you receive a one-time recovery code. It can re-wrap your encryption key if you lose your password. Lose both, and your history is permanently undecryptable — by us, by anyone.

Disappearing messages

Conversations support per-thread TTL (1 hour, 1 day, 7 days). A scheduled job deletes expired ciphertext from the server every minute.

What Kimosabe protects against

  • A server compromise reading the contents of your messages or attachments.
  • Passive network observers reading your conversations.
  • A future operator decrypting your historical messages.

What it does NOT protect against (yet)

  • A compromised device — browser malware or a malicious extension can read what you can see.
  • Traffic analysis — the server still knows who messaged whom, when, and how big the payload was.
  • Subpoena of metadata: sender, recipient, timestamp, message size.
  • Grid-down or no-internet scenarios — Kimosabe v1 is a cloud product. Mesh / off-grid is on the roadmap and requires a native app.

Roadmap

  1. Phase 1 (now): 1:1 E2EE chat, encrypted attachments, disappearing messages, installable on phone home screen.
  2. Phase 2: Group chats with sender keys, voice notes, contact safety-number verification.
  3. Phase 3: Sealed-sender to hide metadata from the server, optional relay routing.
  4. Phase 4 (native app): Bluetooth / Wi-Fi-Direct mesh and optional LoRa companion for grid-down messaging.
  5. Phase 5: Curated knowledge & memory features — the "curate your brain" promise, made personal.
Create account·Back to home