Photon

Decentralized Messenger with Social Key Recovery

Zero servers • Rolling-chain encryption • UDP + TCP

Install

Version: Stelor · Updated: 2026-01-16

One-line installer downloads pre-built binaries and creates shortcuts.

Release (Recommended)

Linux/macOS/Redox:

curl -sSfL https://brobdingnagian.holdmyoscilloscope.com/photon/install-release.sh | sh

Windows (PowerShell):

powershell -ExecutionPolicy Bypass -c "irm https://brobdingnagian.holdmyoscilloscope.com/photon/install-release.ps1 | iex"

Android:

Download APK

Enable "Install unknown apps" in Settings if prompted

Development (With Logging)

For debugging. Logs to file on Windows/macOS, stdout on Linux.

Linux/macOS/Redox:

curl -sSfL https://brobdingnagian.holdmyoscilloscope.com/photon/install-development.sh | sh

Windows (PowerShell):

powershell -ExecutionPolicy Bypass -c "irm https://brobdingnagian.holdmyoscilloscope.com/photon/install-development.ps1 | iex"

After install, find Photon Messenger
in your program list
(Start Menu on Windows, app launcher on Linux).
Or run photon-messenger from terminal.

Why cryptographic signatures?
Every binary is signed with Ed25519 and
self-verifies on startup. This mostly protects against data corruption (bit flips, incomplete writes, storage failures) and tampering. If even a single bit is wrong, the binary won't run—ensuring you're always running the exact code as designed. You'll also know who signed the distribution, establishing cryptographic provenance and an immutable audit trail.

See It In Action

Watch how rolling-chain encryption evolves with each message. Every message is cryptographically bound to
all previous messages—no replay attacks, no reordering,
no tampering. The chain state only advances once the
sender receives confirmation that the message was
received and decrypted successfully. Multiple messages
can be sent using the same chain state, and they're
processed in order once receipts arrive—keeping both
sides synchronized even during network disruptions.

Turing

Unavailable

Ada

Unavailable

What is Photon?

Photon is a decentralized messaging system that eliminates corporate servers, phone numbers, and centralized control. All messages are end-to-end encrypted with rolling-chain cryptography.

Peer-to-Peer

No company servers. No data centers. Messages route peer-to-peer thru distributed hash tables. Can't be shut down, can't be subpoenaed.

Conceptual illustration of a cryptographic key fragmenting into glowing shards distributed among silhouettes of people in a circle, digital particles connecting them, warm amber and cyan lighting, holographic aesthetic, cyberpunk style

Social Key Recovery

Your identity is distributed as encrypted shards across trusted friends. Lose all devices? They reconstruct your identity.

Abstract visualization of a cryptographic chain with interconnected blocks, each message affecting the next, glowing hash connections flowing like electricity thru linked nodes, dark background with electric blue and purple gradients, technical blueprint aesthetic

Rolling-Chain Encryption

Each message affects encryption of all subsequent messages. Position-bound cryptography prevents replay and reordering attacks.

Split-screen technical illustration showing encrypted network traffic blending seamlessly with normal web traffic and BitTorrent streams, data packets flowing thru glowing pathways, indistinguishable streams merging, matrix-style green code overlay, dark tech aesthetic

Direct P2P

Messages, transfers and calls travel directly between devices over UDP. No servers in the middle, no routing through data centers, no third-party metadata collection.

Minimalist illustration of digital messages fading away with timestamp markers (1h, 24h, 7d, 30d), leaving geometric tombstone placeholders, dissolving particle effects, clean interface design with cyan and orange accents, modern UI aesthetic

Expiring Messages

Set custom expiration times or delete messages manually. Deleted/expired messages replaced with tombstones to preserve chain integrity.

Abstract representation of privacy controls with toggle switches, shield icon glowing softly, minimalist UI elements, dark interface with subtle green 'protected' indicators, clean modern design, security-first aesthetic operating system

Privacy by Default

Read receipts, typing indicators, online status are disabled by default. Features that reveal behavior or identity require opt-in.

Messaging Matrix

Property	SMS	Signal	WhatsApp	Telegram	Messenger	Matrix	Photon
Authentication count	>1	>1	>1	>1	>1	>1	1
E2EE by default	✗	✓	✓	✗	✗	✓	✓
Decentralized	✓	✗	✗	✗	✗	✓	✓
Social recovery	✗	✗	✗	✗	Partial*	✗	✓
Metadata privacy	✗	Partial	✗	✗	✗	Partial	✓
Self-sovereign data	Local***	✗	✗	✗	✗	Partial	✓
Multi-device sync	✗	✗	Cloud	Cloud	Cloud	Federation	Decentralized
Phone number required	Yes	Yes	Yes**	Yes	No	No	No
Open source	N/A	✓	✗	Client only	✗	✓	✓
Immutability	Local***	✗	✗	✗	✗	Partial	Full

* Partial social recovery: Facebook Messenger allows selecting 3-5 "trusted contacts" who can help recover your account. They receive codes to give you. This requires Facebook account access and doesn't work if Facebook locks you out. Facebook controls the keys.

** WhatsApp phone-only recovery: Account tied to phone number via SMS. If carrier invalidates your SIM (account closure, porting hijack, lost abroad), you're permanently locked out. No alternative recovery. Worse than no recovery system because it creates false sense of backup.

*** SMS local-only: Messages stored only on device. No cloud backup, no server storage, no synchronization. Messages immutable on your device but can be deleted by carrier, lost with device, modified on recipient's device, or trivially spoofed (sender ID is not authenticated).

About Immutability:

Message immutability means conversations cannot be altered, deleted, or reordered after transmission without cryptographic evidence of the modification. This prevents gaslighting, protects against retroactive censorship, and establishes verifiable provenance for disputes.

Most platforms let senders delete messages from both sides, edit history silently, or revoke entire conversations. "Unsend" features sound convenient until someone deletes evidence of harassment, agreements, or admission of wrongdoing. Courts can't subpoena deleted Signal messages. Businesses can't prove contract terms discussed over WhatsApp if the other party unsends them.

Photon supports deletion as a convenience feature, but rolling-chain encryption makes any modification cryptographically detectable—each message is mathematically bound to all previous messages. Deleting or editing requires consent from both parties and leaves verifiable proof in the chain. Your conversation history becomes cryptographic evidence. No "he said / she said"—the mathematics documents everything, and maths don't lie.

How It Works

Rolling-Chain Encryption

For a conversation between Ada and Turing, each party maintains two independent unidirectional chains:

Shared seed exchanged out-of-band → Initial state: state₀ = BLAKE3(seed)
Ada encrypts message with stateAda→Turing and sends to Turing
Turing receives, decrypts, advances his receiving state
Turing sends reply (or ACK), completing the loop
Ada advances her stateAda→Turing sending chain
Each chain advances only when the loop completes
Send → receive → acknowledge → advance
Both parties can decrypt because neither advances until confirmed
Each message cryptographically bound to entire chain history
stateᵢ = BLAKE3(stateᵢ₋₁ ‖ ciphertext)

Unlike Signal's Double Ratchet (which advances immediately), rolling-chain requires completing the loop before advancing thus guaranteeing message order and immutability.

Social Key Recovery

Your 256-bit private key is split into overlapping shards distributed across trusted friends:

Each friend stores encrypted shards
Lose all devices? Friends' devices notify them: "Ada is recovering identity"
System generates unique 3-word phrase per friend
You contact friends out-of-band via POTS, video or in-person
They approve, read phrase to you, you enter it on new device
After threshold reached, identity reconstructs cryptographically

Network Discovery

Photon uses a custom distributed hash table for discovery:

Your handle hashes to a DHT address for peer lookup
Kademlia XOR routing locates peers across the network
UDP for direct P2P messaging and status
HTTPS for initial DHT bootstrap only
All message content is end-to-end encrypted

Identity is human-readable: message fractal decoder instead of 68325246092135005593188004702279567398142131080053653706547690190910173287891. Names are bound cryptographically to public keys via deterministic DHT addressing—no DNS, no blockchain, no registration fees.

↓

Deep Dive
Identity System

↑

Project Status

Early Development — Core infrastructure functional, messaging in progress.

Linux

✓

Windows

✓

macOS

Intel + ARM

Android

✓

Redox

✓

iOS

blocked

What Works

✓ Cross-platform app
✓ CLUTCH key ceremony (8 algorithms)
✓ Peer-to-peer messaging over UDP
✓ Handle registration and DHT discovery
✓ Rolling-chain encryption
✓ Signed binary distribution

In Progress

◐ GUI polish and message rendering
◐ Invite system
◐ Social key recovery

Currently invite-only. You can register a device and test messaging, but handles aren't guaranteed until the invite system is complete—peer records may be wiped during development.

License: MIT OR Apache-2.0 (dual)

Repository: github.com/nickspiker/photon