SimpleX

General

Evgeny Poberezkin (external) is the founder of SimpleX Chat - a messaging and application platform that does not use any user identifiers. Not even random numbers are used to identify user profiles.

Advertising promise

SimpleX is 100% private, by design! The first messenger without user IDs. The most private and secure chat and application platform. SimpleX Chat is the next generation of decentralized communication, NOT based on cryptocurrencies for a change.

These have changed in 2025/2026 (key excerpts):

Freedom & security of your communications: The first network where you own your identity, contacts, and groups.

The world’s most secure messaging system: For your security and privacy, servers cannot see your messages or who you are communicating with.

You own The Next Web: SimpleX is based on the belief that you must be the owner of your identity, your contacts, and your communities.

Communities that last: Servers are paid with vouchers so that your communities can remain free and independent.

On the project page is an interesting Comparison to other protocols (external) and also in the FAQ (external) there is information about this:

How is it different from Matrix, Session, Ricochet, Cwtch, etc., that also don’t require user identities?
Although these platforms do not require a real identity, they do rely on anonymous user identities to deliver messages – it can be, for example, an identity key or a random number. Using a persistent user identity, even anonymous, creates a risk that user’s connection graph becomes known to the observers and/or service providers, and it can lead to de-anonymizing some users. If the same user profile is used to connect to two different people via any messenger other than SimpleX, these two people can confirm if they are connected to the same person - they would use the same user identifier in the messages. With SimpleX there is no meta-data in common between your conversations with different contacts - the quality that no other messaging platform has.

Rating

  • positive: there are no user IDs, as is the case with other systems!
  • positive: good end-to-end encryption with “double ratchet”
  • positive: Complete independence from providers. So not only in the sense that you can communicate (like with Mastodon or XMPP) with users (and the software) of other providers. But also in the sense that the account (or better the device for access) is not bound to a provider.
  • positive: Messaging apps for console (desktop), iOS and Android
  • positive: client is open source throughout
  • positive: client for smartphone, desktop and terminal too
  • positive: server is open source throughout
  • positive: own servers are possible (and desired)
  • positive: different (own) display names for each contact in incognito mode
  • positive: no Google reCAPTCHA (info: https://dr-dsgvo.de/google-recaptcha (external))
  • positive: usable without minimum age
  • positive: possibility to authenticate the communication partner
  • positive: no cryptocurrency atm
  • positive: easy text formatting using Markdown
  • positive: portable encrypted database - profile can be moved to another device
  • positive: no trackers in Android app (16 permissions): Exodus (external)
  • positive: according to webbkoll (external) no cookies and no third party requests on the website
  • positive: German project page/help
  • neutral: Interoperability or an interface to the XMPP chat standard is not desired/possible by design
  • pos./neg.: external security audit (external; PDF) (audit) published in November 2022 - but is not a “full audit”
  • negative: no interoperability resp. no interface to chat standard XMPP
  • negative: not multi-device compatible (can only be used on one device)
  • negative: current groups are “highly experimental” Source: Limitations (external)
  • negative: only limited use for companies, due to legal requirements regarding documentation and record retention obligations

Concept

SimpleX is a relatively new messenger with an unconventional concept for avoiding metadata. User profiles, contacts, and groups are only stored on the client and not on a server.

To make it more difficult to intercept an entire conversation on the connection path, connections are not bidirectional: a connection can be used either only to send or only to receive messages. Two independent connections are therefore required for communication, and the servers involved do not receive any messages in the other direction. However, this security has nothing to do with anonymity!

Intended use

Private

In the private sphere, SimpleX can be a good addition, and for journalists, activists, whistleblowers, and generally in crisis areas, etc., a messenger without traceability and with little metadata is a must. How its power consumption and the resulting battery drain compare to traditional, server-based messengers remains to be seen.

Business use

SimpleX is fundamentally not suitable for internal company communication. If correspondence must be legally documented, or company requirements do not allow personal end-to-end encryption, this cannot be met internally with enforced end-to-end encryption. The app is also not multi-device capable and can only be used on one device at a time.

However, a business solution is being worked on:

SimpleX could be used as a general contact or user service address if incoming messages are automatically transferred to the company’s communication system—however, legal and internal company requirements (retention obligations, integration into the security concept, etc.) must be observed. It could also be used as a whistleblower system for anonymous messages to a reporting office (for misconduct).

For this purpose, business addresses (external) are used, where inquiries from multiple contacts (customers) can be accepted, with the app creating a new business chat for each customer. Business chats work similarly to specialized customer support systems by combining functions for direct conversations and groups.

Functionality

Identifier/ID

Identity, profile, contacts, and metadata are supposed to be protected by the fact that, unlike other messaging platforms, there are no identifiers assigned to users. No phone numbers, domain-based addresses (like email or XMPP), usernames, public keys, or even random numbers are used to identify users. Nobody knows how many people use the SimpleX servers.

The first messenger without user IDs. Other apps have user IDs: Signal, Matrix, Session, Briar, Jami, Cwtch, etc. SimpleX does not, not even random numbers.

That’s right - but then identifiers are needed for connections:

uses temporary anonymous pairwise identifiers of message queues, separate for each of your connections — there are no long term identifiers.

So there are no user IDs as in other systems, but the approach of using connection-related IDs is indeed unique and promises more privacy for good reason.

Since there are no fixed/server managed user IDs or chat accounts, end-to-end encrypted sessions are set up between two SimpleX clients when a chat is established. The servers just push the data packets from A to B through the network and allow off-line messages to be exchanged.

It is also possible to use the profiles from the mobile device directly with the SimpleX desktop app. However, this is only possible if both devices are in the same network - there is no real synchronization between the devices (as with the chat standard XMPP).

Add contacts

Adding contacts (https://github.com/simplex-chat/simplex-chat/blob/stable/blog/20220511-simplex-chat-v2-images-files.md#how-to-connect-with-your-contacts-in-simplex-chat) (external) can be done via a one-time invitation link/QR code, which is then sent via another channel such as email - or you can share your SimpleX contact address as a QR code, which allows multiple uses.

Messaging

Since there are no classic user IDs/chat accounts, there is no verification of communication partners. To ensure that one is truly connected to the desired interlocutor, establishing a chat connection can be done by scanning a one-time QR code at a face-to-face meeting, or by sending an invitation through a secure, verified channel. (There is no general answer to the question of why use SimpleX when a verified and secure communication channel already exists).

To deliver messages, SimpleX uses temporary, anonymous, pairwise identifiers of message queues, separately for received and sent messages - there are no long-term identifiers. Using it is effectively like using a separate email or phone for each contact.

Messages are encrypted end-to-end via double ratchet and transmitted over open connections via “push”. MitM attacks are not possible.

If the recipient is not online at the same time, the messages are cached on a server until retrieval/deletion.

Server

By design, separate connections are used for incoming and outgoing messages, and different servers (SMP relays) can be used/defined for this. To receive messages, your own server (more precisely: a server from your own server list) connects to a server from the communication partner's list, even if that address is not in your own server list. Everyone can only define their own send/receive server.

Although servers are preconfigured in the app, you can enter any other SimpleX server or even a SimpleX server that you operate yourself. You can therefore specify which server should be used to receive messages and each conversation can be split between two different and independent servers.

However, to hide your own IP address from the recipient, it makes sense not to use your own private SMP server for sending (which could be attributed to you), but one of the SMP standard servers.

Offline messages

… are possible. The delivery of offline messages (more info on this at Github (external)) is done via individual “relay servers”:

SimpleX stores all user data on the client devices, messages are only temporarily held on the SimpleX relay servers until they are received. …

If the recipient is not online at the same time, the messages are temporarily stored on an SMP server for a maximum of 21 days until they are collected/deleted, after which they are discarded. Larger files routed via XFTP are stored for a maximum of 48 hours for collection from the XFTP server. The retention values can be changed by server operators for their own SMP/XFTP servers.

Push Notifications

This blog post here (external) covers design for notifications on Android and iOS platforms:

In a nutshell:
Android: SMP servers push the messages themselves, no metadata is shared with other services, and nothing is used that cannot be self-hosted with our apps.
iOS: Requires a dedicated notification server per app, which has a device token and can observe some metadata; users can only host it themselves if they modify the app and register the app with Apple (it doesn’t have to be in the App Store, and Apple doesn’t actually like copies there, it can be internal to a group of users / companies - there is no approval process for such apps).

Technical background for iOS

For instant notifications to work on iOS, the user must decide at signup if push notifications should be used. If yes, a DNS request is made to the iOS push notification server (ntf2.simplex.im / 139.162.221.251) when the app is started. This cannot be turned off.

The developer writes about this (via email): It is a compromise between privacy and convenience. For security and privacy related scenarios, iOS should not really be used.

Expert knowledge

This section on anonymity is especially for those interested in technology: Only read it if the terms IP address, hop, relay mean something to you - otherwise you’ll despair!

Traffic analysis

(Data) traffic analysis refers to the analysis of data traffic in order to obtain metadata (who communicated with whom, when, for how long or not). However, such an analysis is potentially easier than with unidirectional communication, given the separation of sending and receiving paths, which I as a layman see as advantageous. SimpleX pads every message (even when exchanging keys) to the same length (16k characters), which in turn is very good.
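The fixed-length padding described above, as an added example that is not SimpleX's own code: each message is padded before encryption to one block size, so message sizes alone reveal nothing to an observer. The 16384-byte block (the page's "16k"), the 2-byte length prefix and the `#` filler are assumptions of this sketch.

```python
import struct

BLOCK_SIZE = 16384  # assumption: the page's "16k" taken as 16384 bytes
PAD_BYTE = b"#"     # assumption: filler byte chosen for this example


def pad(message: bytes, block_size: int = BLOCK_SIZE) -> bytes:
    """2-byte big-endian length, then the message, then filler up to block_size."""
    capacity = block_size - 2
    if len(message) > capacity:
        raise ValueError("message too large for one block; split it first")
    filler = PAD_BYTE * (capacity - len(message))
    return struct.pack(">H", len(message)) + message + filler


def unpad(block: bytes, block_size: int = BLOCK_SIZE) -> bytes:
    """Recover the message; reject wrong-sized blocks and bad length fields."""
    if len(block) != block_size:
        raise ValueError("unexpected block size")
    (length,) = struct.unpack(">H", block[:2])
    if length > block_size - 2:
        raise ValueError("length field exceeds block capacity")
    return block[2:2 + length]


def observed_sizes(messages, padded: bool):
    """Sizes an observer sees; padding is applied before encryption,
    so the ciphertext length is constant as well."""
    return [len(pad(m)) if padded else len(m) for m in messages]


# Constructed sample traffic: short text, key-exchange-sized blob, long text.
SAMPLE = [b"ok", b"\x01" * 1200, b"meet at 10 " * 300]

if __name__ == "__main__":
    print("unpadded:", observed_sizes(SAMPLE, padded=False))
    print("padded:  ", observed_sizes(SAMPLE, padded=True))
```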

The following solution is available to protect your own IP address:

“2-hop routing with sender-chosen sending relays in addition to recipient-chosen receiving relays … not only it solves IP address protection, it makes threat model for senders much better, as the receiving relays no longer have sessions with the senders, and no shared metadata at all between different messaging queues (assuming sending relays don’t share the data with the receiving relays).”


Development

There are frequent new functions and updates; there is a rapid response to reported issues or user requests. From the Vision (external) of SimpleX:

Going forward we plan to keep the basic usage of the platform free, and at the same time we will be providing the benefits to the project sponsors. For example, there will be additional app icons and user profile badges. There also will be higher file transfer limits – currently we don’t limit it at all, only limiting the file size, but it’s unlikely to be sustainable. In any case, the app will remain highly usable for everyone for free, and fully open-source. Several other apps are already being developed based on our app core, leading to a fully decentralized network.

The developer has his own view of privacy and is redefining it. Privacy would not be possible without venture capital:

https://www.poberezkin.com/posts/2022-12-07-why-privacy-needs-to-be-redefined.html
https://www.poberezkin.com/posts/2023-10-31-why-privacy-impossible-without-venture-funding.html

Further functionalities are planned such as:

  • SMP queue redundancy and rotation (manual is supported)
    Random servers can also be used for existing contacts through automatic rotation, which will make it even more difficult to track communication.
  • Large groups, communities and public channels
    The current groups are actually only intended for smaller numbers of participants.
  • Feeds/broadcasts
  • Web widgets for custom interactivity in the chats
  • Programmable chat automations / rules (automatic replies/forward/deletion/sending, reminders, etc.)

Registered office

SimpleX Chat Ltd was founded on 20.10.2021 and is based in London (20-22 Wenlock Road, London N1 7GU).

Financing

To date, SimpleX has been financed primarily by international investors:

Source: SimpleX (external)

Community Voucher

The continuous operation of servers is to be ensured by means of blockchain-based “community vouchers.” Server operators will receive up to 70% of the infrastructure payments. No existing cryptocurrencies will be used for this purpose, as they are…

  • Speculative and volatile
  • Regulated as financial transactions
  • BTC and XMR blockchains do not support smart contract logic, e.g. for locked funds

Initially, the vouchers will be paid for with stablecoins (USDT/USDC). The goal is to enable the use of other popular cryptocurrencies (BTC/ETH/XMR) as well as in-app payments.

Conclusion

SimpleX is undergoing rapid development and combines certain advantages of server-based systems (offline messages) and serverless systems (anonymity).

The blanket statement “most private and secure chat and application platform” is an extreme and, as always, makes people sit up and take notice. Therefore, everyone should check for themselves whether “most private and secure” actually meets their own requirements. After all, there are many possible criteria for security and privacy/anonymity, which everyone can view individually and evaluate differently!

SimpleX is only suitable for companies to a limited extent or in specific cases, as legal requirements regarding the retention period for documents must be observed.

For private use or specific user groups, however, it is a very interesting messenger with a focus on privacy.


References

project page: https://simplex.chat (external)
source code: https://github.com/simplex-chat (external)
F-Droid: https://f-droid.org/de/packages/chat.simplex.app/ (external)
Community Voucher: https://simplex.chat/vouchers (external)
Current status/planning: Roadmap (external)
To the SimpleX protocol: Documentation (external), Github (external)
Comparison with other protocols: Github (external) and discussion on this at Reddit (external)
About the attack scenario: Threat model (external)

Report and short test by Kuketz (external)
In the Privacy manual (external) SimpleX is listed as “exotic with special privacy features”.
