Interview with the author of SimpleX Chat, the most secure messaging by design

Finally! There’s nothing I’ve been more anxious about in the articles than this particular one, as we’ve had it scheduled since a little before December 2023. However, the SimpleX Chat founder’s occupation and commitment to SimpleX Chat messaging has absorbed all of his time. Moreover, as the project becomes more widely known, more questions arise around it. Both the public and the media are turning to him for more information. You will understand that there have been a lot of feature-laden releases, so it is understandable that this has taken a little longer.

For all of the above, I would like to thank Evgeny Poberezkin and the SimpleX Chat project for their commitment to online security. They are allowing the following chat today:

Hello, good morning/afternoon/evening, my dear, first of all, it is appreciated that you allow us, your community, to know a little more about the project and perhaps give solution to some doubts that we might have. It should be noted that your project is one of the most complete in terms of documentation and solution of frequently asked questions. Really, they are too transparent about it. Even so, there may be a question or two in between that is often of interest within the online privacy/security community. Therefore, that is why I wanted to make such a request for a conversation today.

This question is a bit contradictory, considering the purpose of the project. However, I can’t help but ask it. Tell me a little about yourself, the project members and your jurisdiction.

I was developing software all my life, but until the last decade it was mostly for my own businesses, and very rarely for paying clients. I am doing it professionally full time for more than a decade now. Some of my open source projects became very widely used, with the most successful being Ajv – a JavaScript library for JSON data validation, that is one of the most widely used JavaScript libraries with over 300 million monthly downloads on npm. I moved to the UK 15 years ago, and SimpleX Chat Ltd is the company registered in the UK.

This question is aimed at users who are reading us for the first time and do not know SimpleX Chat.
How would you explain in an easy way what it is about?

SimpleX is the first messaging platform operating without user identifiers of any kind. As we say on our website, other apps have user IDs: Signal, Matrix, Session, Briar, Jami, Cwtch, etc. SimpleX does not, not even random numbers. This radically improves your privacy, because whether user identity contains personal information (a phone number) or not (a random number), it still can be used to deanonymize the users via statistical correlation of their communication graph in the anonymous platform with the available public networks containing personal information. The only way we see out of this problem is avoiding user identity entirely.

I see that in some places it says that they are in operation from 2020, right? If so, where have you been all this time? Now, in 2023, is where people come to hear and read a bit about you.

Question is unclear, but the first release of mobile apps was in March 2022, and people could experiment with CLI app from mid 2021. 2020 is when the protocol design started.

Somewhere in your documentation I read something like “SimpleX Chat is the first messaging platform that is 100% private by design”. With respect, I ask you: how can you be so sure about that? In the crypto community, it is often said that the longer a platform, the better, the more trustworthy, because it has been highly tested and put to the test during its operation. In the case of SimpleX Chat, it is relatively young.

“100% private by design” is a marketing tagline that is our aspiration – it refers to the complete absence of user identity in the protocol design. If you define privacy as concealment of your identity and connections, then eliminating the identity from the design entirely and making connections graph visible only to client, you achieve complete protection of privacy. In reality, this claim is of course an exaggeration, and anybody who needs privacy, knows that complete bulletproof protection is impossible – it’s only about the cost of the attack. So this tagline annoys many critics, and it also helps, as by highlighting possible attacks that would compromise privacy in SimpleX Chat, and result in improvement.

For comparison, Signal’s tagline is “Private messenger”. But Signal is a centralised, and partially open-source platform, fully controlled by a single entity, that uses phone numbers to identify users and their contacts, and that is not fully transparent about the limitations of its technology design in their announcements. So I believe the tagline “Private messenger” in relation to Signal is much further from the truth, as it is simply not private at all (if you define privacy as protection of identity and contacts) than our “100% private by design” tagline.

The issue of funding is somewhat complicated, especially when it is a project that covers a small niche that has been growing after the Post-Snowden statements. The question is: does SimpleX have any dependence on who funds it? As an example, the Matrix’s connection to the Israeli intelligence (Amdocs), Signal with the CIA and the Tor network by the US Navy, great examples of what I am referring to.
PS: I take this opportunity to link to your article which has a lot of information on the subject “Why privacy is becoming the norm and requires risk financing” and it is worth readers reading it and interpreting its contents.

I would refer you to our blog post announcing v5.0 release (https://simplex.chat/blog/20230422-simplex-chat-vision-funding-v5-videos-files-passcode.html) and also to my controversially titled post “Why privacy requires venture funding” (https://www.poberezkin.com/posts/2023-10-31-why-privacy-impossible-without-venture-funding.html). Some people in privacy community took an issue that Village Global has many high profile founders of tech companies amongst their “limited partners”. But they are effectively customers to whom Village Global provides a service. They have no operational control over funded projects and VC itself. So excluding a VC on this basis would be unfair, and also suicidal – at the time no other VC believed that privacy will ever become a value that people will pay for.

One of the community’s biggest concerns about privacy and security is whether they are actually using something secure or just a sense of security, as has been documented with intelligence programmes funding apps and cryptographers to have some kind of access breach. Also, you being from the UK, even if you participate in programmes like Five Eyes or the controversial issue with GCHQ, the question itself is: Is SimpleX Chat resistant to this kind of approach from the state and intelligence groups? Even if you were forced to cooperate, would their infrastructure and so on help with the effectiveness of having a kind of “backdoor” or super-access to the platform?

The project is fully open source, and users don’t have to use the servers we provide. We don’t have a “platform” we fully control, unlike is the case with centralised or even some decentralised solutions – people can run their own servers and use our software without us knowing they exist.

At the moment we enjoy the functioning of SimpleX Chat, could it collapse in the future if a large number of users join the platform? Bearing in mind that it could become a bit heavy.

I would refer to our v5.5 release announcement (https://simplex.chat/blog/20240124-simplex-chat-infrastructure-costs-v5-5-simplex-ux-private-notes-group-history.html), where we also write about our collaboration with Akamai, who helped us design horizontally scalable messaging approach. Current scalability is indeed limited, and we will be improving it this year. At the same time, any load would not have impact on the whole network – people using other servers will remain unaffected if our servers become overloaded.

I would like to thank you for your willingness to answer such a question, even though there are some complex questions that you might hesitate to answer or not. Moreover, I would like to continue to read and hear more about SimpleX Chat in my daily life and hopefully all my friends can migrate here, so I would like to ask: What is the future for SimpleX? And of course, how can we collaborate to ensure its existence? Thank you very much, I add: you can add as a farewell, out of the questions, some reflection you have or a message you want to transmit.

The future is both complex and simple – more users, more features. We are not building a private messenger. We are building a general purpose communication solution allowing people to exchange and consume information and services, with user sovereignty, privacy and security being the main foundational principles, but without limiting the users and usage scenarios to those that strongly require privacy and security.

I see “private messenger” or “private whatever” product categorisation as a huge mistake, and a confirmation of a failure to provide privacy and security as default to all their users, not only to those that demand it. Privacy is a natural law. Exploiting privacy does not just violate it – it amounts to enslavement (https://twitter.com/SimpleXChat/status/1751547638376222967, https://twitter.com/SimpleXChat/status/1751610501845373214).

And of course, how can we collaborate to ensure its existence?

Use it, tell your friends, write about it – at this stage growth is critical for project survival. Donate what you want and can. Without users’ donations we would be dead. We will be establishing a non-profit governance structure to manage protocol evolution, separating it from a business that provides the service. Without users’ donations it would not be possible, and the project would be dead a long time ago.

I add that these were the questions that were raised at the time and then, they were updated as it was seen how redundant it was, to emphasize that the documentation of SimpleX Chat is one of the most complete of all existing messengers, so probably some of your doubts and questions should already be in their official documentation. In this case I wanted to make the chat a bit more sincere, that felt closer and so it was, with excellent answers from the founder Evgeny. In addition, we have the complementary support in version 5.5 that answers some of these ideas that were not there before.

I look forward to any corrections and contributions from the community. Greetings and thanks for reading.

An interview from three months ago that is also super valuable.
