DOCUMENTATION
> Etoee is an end-to-end encrypted messaging platform.
> No phone number. No email. No identity on file.
> Your device generates the keys. The server sees noise.
01 // GETTING STARTED
> To use Etoee you need two things:
> 1. An access code
>    Purchase a single-use access code for $5 at
>    /access. Codes are valid for 30 days.
> 2. A device
>    Etoee runs on desktop (Windows, macOS, Linux),
>    mobile (iOS, Android), and web browsers.
> No phone number or email is ever collected.
02 // REGISTRATION
> Registration is a five-step process:
> 1. Enter access code
>    Paste your XXXX-XXXX-XXXX-XXXX code. The server validates
>    it without linking it to any identity.
> 2. Age affirmation
>    Confirm you are 18 years of age or older.
> 3. Key generation
>    Your device generates cryptographic keys locally.
>    Private keys never leave your device.
> 4. Choose a handle
>    Pick a username. This is your only identifier on the
>    network. It cannot be changed after registration.
> 5. Create a passkey
>    Register a FIDO2 passkey (biometric or hardware key)
>    for authentication. No passwords.
03 // CONTACTS
> Find other users by their handle. Both parties must
> accept a contact request before messages can be exchanged.
> add_contact @handle
> Sends a contact request to the user.
> Your contact list is stored locally on your device.
> The server has no knowledge of your contacts.
04 // DIRECT MESSAGES
> All direct messages are encrypted end-to-end using the
> Signal Protocol (X3DH key agreement + Double Ratchet).
> Features:
> • Text messages with full Unicode support
> • Encrypted file attachments (images, documents, any file)
> • Typing indicators (sent via encrypted channel)
> • Read receipts (optional, encrypted)
> • Disappearing messages (timer set inside encrypted payload)
> Sealed sender: the server cannot determine who sent
> a message. All traffic is indistinguishable blobs.
05 // GROUPS
> Groups exist only on client devices. The server has zero
> knowledge of group membership, names, or messages.
> How it works:
> Each group message is individually encrypted and delivered
> to each member's mailbox as a separate sealed-sender blob.
> The server sees N individual deliveries — not a group.
> Roles:
> • Owner — created the group, full control
> • Admin — can add/remove members, promote/demote
> • Member — can send messages and files
> Moderation:
> Group state (roles, bans, mutes) is maintained in a signed
> encrypted chain on each member's device. The server stores
> no moderation state.
06 // VOICE & VIDEO CALLS
> Voice and video calls are encrypted end-to-end using
> WebRTC with Insertable Streams for media encryption.
> • 1:1 calls between contacts
> • Call invitations sent via sealed sender (encrypted)
> • Audio and video encrypted before leaving your device
> • The relay server sees encrypted media frames only
07 // FILE SHARING
> Files are encrypted on your device before upload.
> Process:
> 1. File encrypted locally with a random AES-256 key
> 2. Encrypted blob uploaded to storage (Cloudflare R2)
> 3. Decryption key sent to recipient via encrypted message
> 4. Recipient downloads blob and decrypts locally
> The server stores encrypted blobs only. Without the
> decryption key (which the server never sees), the file
> is indistinguishable from random noise.
08 // SAFETY NUMBERS
> Safety numbers let you verify that your conversation
> is not being intercepted by a third party.
> How to verify:
> 1. Open a conversation with a contact
> 2. Go to conversation settings
> 3. Compare the displayed safety number with your
> contact's safety number (in person or over a
> trusted channel)
> If the numbers match, you can be confident that the
> encryption keys have not been tampered with.
> WARNING: If a contact's safety number changes unexpectedly,
> they may have re-registered or their keys may have been
> compromised. Verify before continuing to message.
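Why comparing safety numbers detects a swapped key, as an added example that is not Etoee's code: the page does not specify how the number is derived, so the construction below (iterated SHA-512 over handle and public identity key, 30 digits per party, sorted and joined) is an assumption, and all names and keys are constructed.

```python
import hashlib
import hmac

ITERATIONS = 5200  # assumption: stretching rounds; the page gives no figure

def fingerprint(handle: str, identity_key: bytes) -> str:
    """30 decimal digits bound to one party's handle and public identity key."""
    digest = identity_key + handle.encode("utf-8")
    for _ in range(ITERATIONS):
        digest = hashlib.sha512(digest + identity_key).digest()
    # Six 5-byte chunks, each reduced to a 5-digit group.
    return "".join(
        f"{int.from_bytes(digest[i:i + 5], 'big') % 100000:05d}"
        for i in range(0, 30, 5)
    )

def safety_number(handle_a: str, key_a: bytes, handle_b: str, key_b: bytes) -> str:
    """Order-independent: both parties compute the same 60 digits."""
    halves = sorted([fingerprint(handle_a, key_a), fingerprint(handle_b, key_b)])
    return "".join(halves)

def display(number: str) -> str:
    return " ".join(number[i:i + 5] for i in range(0, len(number), 5))

def numbers_match(mine: str, read_out_by_contact: str) -> bool:
    """Compare ignoring spacing, as when digits are read aloud or typed."""
    digits = lambda s: "".join(ch for ch in s if ch.isdigit())
    return hmac.compare_digest(digits(mine), digits(read_out_by_contact))

# Constructed sample keys (not real key material).
ALICE_KEY = bytes(range(32))
BOB_KEY = bytes(range(32, 64))
SUBSTITUTED_KEY = b"\xee" * 32  # a key that belongs to neither contact

def demo() -> dict:
    alice_view = safety_number("alice", ALICE_KEY, "bob", BOB_KEY)
    bob_view = safety_number("bob", BOB_KEY, "alice", ALICE_KEY)
    # Alice's device was handed a different key for "bob".
    tampered_view = safety_number("alice", ALICE_KEY, "bob", SUBSTITUTED_KEY)
    return {
        "clean": numbers_match(alice_view, display(bob_view)),
        "tampered": numbers_match(tampered_view, display(bob_view)),
        "shown": display(alice_view),
    }

if __name__ == "__main__":
    print(demo())
```

Because each device computes the number from the keys it actually holds, a key replaced in transit shows up as a mismatch only when the two people compare over a channel the server does not control.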
09 // RECOVERY PHRASE
> During registration, your device generates a 24-word
> recovery phrase (BIP-39 mnemonic). This phrase is the
> master key to your identity.
> What it does:
> Your cryptographic keys are derived from this phrase.
> If you lose your device, you can restore your identity
> on a new device using these 24 words.
> CRITICAL: Write down your recovery phrase on paper.
> Store it somewhere safe. Do not screenshot it.
> Do not store it digitally. If you lose it, there is
> no way to recover your identity. Etoee does not have
> access to your recovery phrase.
> You can view your recovery phrase at any time in
> Settings > Security > Recovery Phrase (requires
> passkey verification).
10 // SECURITY & PRIVACY
> What the server knows:
> • Your handle (public identifier)
> • Your public keys (by design, they are public)
> • When your account was created
> • When you last connected
> What the server does NOT know:
> • Your name, email, phone number — never collected
> • Message content — encrypted end-to-end
> • Your contact list — client-side only
> • Group names or membership — groups don't exist on server
> • Who sent a message — sealed sender
> • Call audio or video — encrypted media frames
> • File contents — encrypted before upload
> Authentication:
> Etoee uses FIDO2/WebAuthn passkeys. Your biometric
> (fingerprint, face) or hardware key is used to
> authenticate. No passwords are ever created or stored.
> Passkey credentials are domain-scoped and not
> cross-site correlatable by specification.
11 // PROTOCOL OVERVIEW
> For technical users who want to understand the
> cryptographic protocols used by Etoee.
> Direct messages:
> • X3DH (Extended Triple Diffie-Hellman) key agreement
> • Double Ratchet for per-message forward secrecy
> • AES-256-GCM message encryption
> • Ed25519 signing, X25519 Diffie-Hellman
> Group messages:
> • Sender Keys with hash ratchet for forward secrecy
> • Epoch re-keying every 100 messages or 1 hour
> • Fan-out: each message individually encrypted per member
> • No server-side group state
> Sealed sender:
> All messages (DMs, group, sender key distributions)
> are delivered as indistinguishable encrypted blobs
> to each user's mailbox. The server cannot determine
> the sender, recipient relationship, or message type.
> Files:
> • AES-256-GCM encryption with random per-file key
> • Encrypted at rest on Cloudflare R2
> • Key transmitted via encrypted message channel
> Calls:
> • WebRTC with Insertable Streams
> • SRTP + end-to-end media encryption
> • Ephemeral call keys, no recording
> Infrastructure:
> • Cloudflare Workers (edge compute, 330+ locations)
> • Durable Objects (per-user mailbox, per-conversation state)
> • D1 (SQLite at the edge for metadata)
> • R2 (object storage for encrypted files)
> • Zero external dependencies
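The "Group messages" entry above (hash ratchet, epoch re-keying every 100 messages or 1 hour) sketched as an added example, not Etoee's code: the page names no KDF, so HMAC-SHA256 with one-byte labels is an assumption, and `SenderChain` is a hypothetical class.

```python
import hashlib
import hmac
import os

MAX_MESSAGES = 100        # from the page: re-key every 100 messages
MAX_AGE_SECONDS = 3600    # from the page: or every 1 hour

def _kdf(chain_key: bytes, label: bytes) -> bytes:
    # Assumption: HMAC-SHA256 with one-byte labels; the page names no KDF.
    return hmac.new(chain_key, label, hashlib.sha256).digest()

class SenderChain:
    """One sender's key chain; hypothetical class, not Etoee's API."""

    def __init__(self, seed: bytes, now: float):
        self.epoch = 0
        self._start(seed, now)

    def _start(self, seed: bytes, now: float) -> None:
        self.chain_key, self.started_at, self.index = seed, now, 0

    def needs_rekey(self, now: float) -> bool:
        return (self.index >= MAX_MESSAGES
                or now - self.started_at >= MAX_AGE_SECONDS)

    def next_message_key(self, now: float):
        """Return (epoch, index, message_key) and ratchet forward."""
        if self.needs_rekey(now):
            # New epoch: fresh random seed, which a real client would have to
            # send to every member again as a sender key distribution.
            self.epoch += 1
            self._start(os.urandom(32), now)
        message_key = _kdf(self.chain_key, b"\x01")
        # One-way step: the previous chain key is overwritten, so a later
        # compromise cannot recompute earlier message keys.
        self.chain_key = _kdf(self.chain_key, b"\x02")
        self.index += 1
        return self.epoch, self.index - 1, message_key

def demo():
    seed = bytes(32)  # constructed seed for the example only
    busy = SenderChain(seed, now=0.0)
    by_count = [busy.next_message_key(now=1.0) for _ in range(101)]
    idle = SenderChain(seed, now=0.0)
    first = idle.next_message_key(now=10.0)
    after_hour = idle.next_message_key(now=3700.0)
    return by_count, first, after_hour
```

In `demo()`, the 101st message of the busy chain and the second message of the idle chain both land in epoch 1, one triggered by the message count and the other by the age limit.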