Security at the Core

A deep dive into the technology that keeps your communications and transfers private.

Privacy Transfer Protocol

Xent's privacy transfer protocol is an overlay mechanism that never touches, custodies, or pools your funds. Instead, it creates an encrypted tunnel between your chat and your existing decentralized wallet, ensuring that on-chain transactions cannot be linked back to your chat identity.

No custody -- your private keys never leave your device

No fund pooling -- each transfer is a direct peer-to-peer on-chain settlement

No intermediary -- Xent acts purely as a privacy layer, not a financial service

Encrypted transfer intents prevent address exposure in chat

End-to-End Encryption

Every message, file, voice call, and transfer receipt is encrypted on your device before transmission. Our servers only process encrypted blobs -- the plaintext content is never accessible to us, our infrastructure providers, or any third party.

Device-level encryption before any data leaves your phone

Zero-knowledge server architecture -- we cannot read your messages

Forward secrecy ensures past sessions remain secure even if keys are compromised

Independent security audit verification (see reports below)

Key Management

Cryptographic keys are generated and stored exclusively on your device. Private keys are never uploaded to any server. Key rotation and session key derivation follow industry-best practices to ensure long-term security.

On-device key generation using cryptographically secure random number generators

Private keys stored in device secure enclave (iOS) / keystore (Android)

Automatic session key rotation for forward secrecy

No server-side key escrow or backup

Data Handling

Xent follows a strict data minimization philosophy. We collect the absolute minimum metadata necessary for message relay, and all message content is encrypted end-to-end. Stealth mode and timed destruction ensure physical-level data elimination.

Minimal metadata collection -- no contact lists, no message content stored on servers

Physical destruction of messages -- not just logical deletion

No cloud backups of chat history

Local database encryption on device at rest

Threat Model

Xent is designed to protect against a comprehensive range of threats including server compromise, network surveillance, device seizure, and social engineering attacks.

Server compromise: E2E encryption ensures attackers gain only encrypted blobs

Network surveillance: TLS + E2E double layer prevents traffic analysis

Device seizure: App-level PIN, contact hiding, and local encryption protect data at rest

Social engineering: No phone number requirement eliminates the primary social engineering vector

Trust & Transparency

We believe in verifiable security. Review our detailed documentation and third-party audit reports.