Understanding the cryptographic machinery behind MicroChat, from simple analogies to deep protocol mechanics.
MicroChat implements Messaging Layer Security (MLS), which solves the scalability issues of pairwise encryption (Signal Protocol) in large groups.
Instead of encrypting a message N times for N recipients, MLS arranges members in a left-balanced binary tree (Ratchet Tree). Each node in the tree represents a public/private key pair.
When a member updates their key (Post-Compromise Security), they generate a new path secret and encrypt it up the tree. This achieves O(log N) efficiency for group operations.
The state of the group advances in discrete Epochs. Each Commit (add, remove, or key update) transitions the group to Epoch N+1. Application messages do not advance the epoch.
Key material for Epoch N is derived from Epoch N-1 via a one-way KDF chain. Once Epoch N-1 is deleted, its keys cannot be re-derived, ensuring past messages remain secure even if current state is compromised.
If an attacker compromises a device, the group can heal itself and shut the attacker out. As soon as the compromised member (or any other member) sends a Key Update, the new entropy restores the group's security, locking the attacker out of future messages.
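The epoch chain described above, as an added sketch that is not MicroChat's own code: each Commit mixes a fresh commit secret into the previous epoch's state through HKDF, so old state alone cannot produce the next epoch's keys. The class, function names and labels are assumptions, and the full MLS key schedule (RFC 9420) has more stages than shown here.

```python
import hashlib
import hmac
import os

def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869): PRK = HMAC-SHA256(salt, IKM)."""
    return hmac.new(salt, ikm, hashlib.sha256).digest()

def hkdf_expand(prk: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF-Expand (RFC 5869): one-way derivation of labelled output keys."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]

class EpochState:
    """Secrets a member keeps for one epoch. Labels are illustrative only."""
    def __init__(self, epoch: int, epoch_secret: bytes):
        self.epoch = epoch
        self.app_key = hkdf_expand(epoch_secret, b"application")
        self.init_secret = hkdf_expand(epoch_secret, b"init")
        # epoch_secret is deliberately not stored: only its one-way outputs survive.

def advance(state: EpochState, commit_secret: bytes) -> EpochState:
    """Process a Commit: mix its fresh secret into the chain, move to epoch N+1."""
    return EpochState(state.epoch + 1, hkdf_extract(state.init_secret, commit_secret))

def demo():
    """Constructed scenario: device state is copied at epoch 0, then a Commit lands."""
    e0 = EpochState(0, os.urandom(32))
    stolen_init = e0.init_secret         # what an attacker holding the old state has
    commit_secret = os.urandom(32)       # new entropy from the key update
    e1 = advance(e0, commit_secret)
    # Without commit_secret the old state alone cannot reproduce epoch 1.
    guess = EpochState(1, hkdf_extract(stolen_init, bytes(32)))
    return e0, e1, guess, commit_secret

if __name__ == "__main__":
    e0, e1, guess, _ = demo()
    print("epoch", e1.epoch, "key changed:", e1.app_key != e0.app_key)
    print("old state alone derives epoch 1 key:", guess.app_key == e1.app_key)
```

Deleting the epoch 0 object after `advance` leaves nothing from which its `app_key` can be recomputed, because every value in epoch 1 is an HMAC output of the earlier secrets.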
MicroChat implements Sealed Sender to decouple message routing from sender identity. Network metadata is often as sensitive as the message contents.
Our implementation issues clients cryptographic blinding tokens, each representing "the right to send one message".
sender_id = NULL and a valid plaintext token. The true sender identity is embedded inside the AES-GCM encrypted payload, accessible only by group members with the current epoch key.