Cwtch – Privacy Preserving Messaging
47 comments
·March 14, 2025sarahjamielewis
Hi! Sarah from the Open Privacy Research Society / Cwtch team here - happy to answer questions.
Gys
There is not any background on the website. Like who is that society, who is behind it, what is the goal of the app, where comes the funding from. Why for example did you not fund Signal? It has similar goals?
sarahjamielewis
There should be a link to the society website (https://openprivacy.ca/) on the Cwtch site, but I can see that there isn't - we will get that fixed.
Open Privacy Research Society is a Canadian non profit society, founded in 2018, you can find details of our members and operating structure on our website. Most of our funds come from individual donations.
Cwtch started as an extension to the Ricochet Tor messenger which I also contributed back in 2014/2015. Our main goal behind Cwtch was to establish that metadata resistant / p2p communication could be done in a similar form factor to traditional server based / non-metadata private protocols like Signal i.e. to try and push the privacy properties that people can wield beyond end to end encryption, in a way that is still usable.
ysnp
TL;DR: Have you already written about OR off the top of your head what are some of the hard problems in usable decentralised metadata resistant communication that your project and others tackle and intend to tackle in future?
Hi Sarah. My layperson understanding is that Cwtch is where you research and implement metadata-resistant infrastructure for communication tools and by extension where you find the acceptable trade-offs for open questions in usable privacy-enhancements.
My memory might deceive me, but I feel like there used to be an "open questions" section in the documentation that I can no longer find? Anyway, sorry for the rambling but the question I wanted to ask is: have you already written about OR off the top of your head what are some of the hard problems in usable decentralised metadata resistant communication that your project and others tackle and intend to tackle in future? Is there anywhere we can read about these sort of things to keep up to date on developments? Nowadays it is very easy for projects to claim exceptional privacy or absolute privacy partly because accurate awareness of limits, trade-offs and state-of-the-art is not common knowledge in some communities.
-----
I saw a minor accident while skimming the documentation. Briar's summary in https://docs.cwtch.im/security/intro#a-brief-history-of-meta... says, "while providing resistant to metadata surveillance". Looks like resistance would fit better there.
jqpabc123
Looks interesting but the lack of an iOS client makes it a non-starter for me. I use Android but I have friends and family who don't.
sarahjamielewis
It's definitely one of the bigger challenges. Currently we don't see a viable way to deploy something like Cwtch on iOS (both in due to how locked down the platform is in general, and the requirement to run a backing onion service for each profile making mobile a hassle in the general case) - we are somewhat hopeful that advances on the Tor front might make it possible one day.
mrtesthah
would something like Orbot work?
sarahjamielewis
Cwtch requires setting up onion services, and the app currently does that automatically via establishing a control connection with a Tor process (either launched by Cwtch, or provided by the system).
Orbot can be configured to expose the same control port (or at least it could on Android when I last looked a few years back, I'm not sure about this capability on iOS), and Cwtch can be configured to use a custom control port connection - but that imposes much more work on the user, and is somewhat fragile.
That could likely be made to work on iOS in some factor, but the problem of the stability of the services themselves would remain. Its definitely something we'd like to explore.
dang
Related:
Cwtch: Decentralized, privacy-preserving, multi-party messaging protocol - https://news.ycombinator.com/item?id=27643171 - June 2021 (88 comments)
nullc
Any thoughts about direct lan/vpn communications as an option? The use of tor makes a working high quality internet connection a requirement, and potentially makes it more attractive for attackers to DOS attack tor in order to make their targets move off Cwtch and onto less secure communications methods.
sarahjamielewis
It is something we get asked about fairly frequently, its not a high priority for us right now as it requires some thought as to not break or undermine any existing cryptographic/privacy properties that Cwtch does have (see: https://git.openprivacy.ca/cwtch.im/cwtch-ui/issues/461#issu...) - but it's also not something that we have ruled out if the right combination of design/effort is available.
some_furry
Tor is important for metadata resistance.
nullc
Right but on a local network the attacker likely has no surveillance -- and if they do you probably have worse problems.
And because Tor is relatively vulnerable to DOS attack, an attacker can force users off of it and likely on to more vulnerable communications methods.
Tor also has its own vulnerable to traffic analysis which is quite significant. So I think for most users if you can satisfy communications you'd probably prefer it... Though I suppose I could argue it both ways.
some_furry
> Tor also has its own vulnerable to traffic analysis which is quite significant.
[citation needed]
Here's a contrary one https://www.theguardian.com/world/interactive/2013/oct/04/to...
kitd
Lol, not often you find Welsh in the world of tech naming!
gizajob
Who named this, are the devs welsh?
It can be a bit of a bugbear of mine, when people who’ve never been to wales and certainly don’t siarad cymraeg appropriate welsh words as names, such as the sickmaking LA lifestyle brand Hiraeth. But then again the welsh did give the world the word penguin.
sarahjamielewis
Shwmae, Sarah ydw i. I co-founded the Cwtch project, and yes I was born in Wales, lived there for 20+ years, and as a result learned Welsh in school; and while I no longer live there, I still consider myself, at least in part, Welsh.
youngtaff
Dai iawn…
I’ve often wondered how the rest of the world will pronounce Cwtch and Blodeuwedd Labs
null
mac-mc
yes they are
thaumasiotes
Are they worried that their project is going to be called "cooch"? It seems likely to severely inhibit uptake.
gizajob
da iawn wedyn
opminion
cwm the n3logic interpreter
Prunkton
direct link to the repository: https://git.openprivacy.ca/cwtch.im/cwtch
methou
Looks nice, but all my friends care about are stickers and gifs...
pluto_modadic
<3 great work
yamrzou
How does it compare to SimpleX Chat?
sarahjamielewis
SimpleX relies on out-of-band key material transfer between clients, in addition to the honesty of routing server to protect privacy and metadata.
Cwtch uses the existing infrastructure of Tor and v3 onion services to establish p2p chat sessions, thus relying on the underlying security of the Tor network. There is some nuances regarding how different kinds of groups work, we have a security handbook that goes into it a deeper: https://docs.cwtch.im/security/intro
yamrzou
I found this[1]:
Use end-to-end encrypted messaging applications for all your digital communications:
- Ideally, use peer-to-peer and metadata-resistant applications such as Cwtch or Briar. Otherwise, use metadata-resistant applications such as SimpleX or Signal.
- Email is not metadata-resistant and should be avoided if possible. If you must use email, use PGP encryption and register an address with a trusted service provider.
Do not use:
- Delta Chat or Matrix, as they are not sufficiently metadata-resistant.
- Telegram, as not all messages are end-to-end-encrypted.
Since SimpleX requires that users place some trust in the SimpleX servers, we recommend prioritizing Cwtch over SimpleX Chat for text communication with other anarchists, and using SimpleX Chat or Signal for voice and video calls. Unlike Signal, SimpleX Chat doesn't require a phone number or smartphone.
[1] https://www.notrace.how/threat-library/mitigations/digital-b...
ranger_danger
> Since SimpleX requires that users place some trust in the SimpleX servers
Do you know what they mean by this? I could not understand from the explanation given. My understanding is that the message contents are still not known in any case, so I'm curious what it is they are worried about.
yamrzou
Because a malicious SimpleX server could run a modified version of the code that allows them to collect metadata, even if they can't see message contents. So, indeed, it assumes trust in the server[1]:
Our open-source code that we are legally bound to use doesn't provide any metadata that could be used to learn who connects to whom. But the privacy of users' connections still depends on us honouring our promises and privacy policy.
[1] https://simplex.chat/blog/20241125-servers-operated-by-flux-...
zsc18
[dead]
I guess the current thread and this other ongoing one are duals:
Briar: Peer to Peer Encrypted Messaging - https://news.ycombinator.com/item?id=43363031 - March 2025 (48 comments)