Notices by Delta Chat (delta@chaos.social)

As an excellent programmer once noted: constraints induce creativity and focused design. Delta Chat has been running against classic e-mail provider constraints for years and had to evolve its code to work against these constraints (rate limits, spam filters, signups, delays etc) and thus we were uniquely positioned to create a minimal #chatmail server template that beats Gmail, Outlook, iCloud etc regarding security, performance and efficiency. It's a similar story with #deepseek if you will.

@leaf yes, there are futures where servers play less of a role than they do today. We are thinking/prototyping on that.

But already today, #webxdc realtime apps eg at https://delta.chat/en/2024-11-20-webxdc-realtime#pixel-app-small-offline-first-and-realtime are using @n0iroh and thus offer a private #p2p network. Here, the rather reliable #SMTP server network is used to bootstrap lots of little private P2P ones consisting of unstable peers. Without this bootstrapping you need central root servers along with DHTs or other mechanism for discovery.

Preventing enshittification of platforms rests on credible exit for users and devs. #ActivityPub and #SMTP are not perfect but

a) are implemented und understood by many players,

b) enable freedom of choice of servers and clients,

c) implement #RightToMigrate as well as self/community custody

Many #p2p projects promise to remove servers but often promote and depend on a single implementation stack, have no spec and no interop among #p2p islands, and thus struggle to provide credible exit.

Where we stand as a project:

- delivering usable decentralized and secure super-apps across all platforms with many friendly forks and alternative, complementary community developments.

- thinking/prototyping several "next big things" (tm) and working on delivering them for real.

Delta Chat is a realist R&D endeavour involving many contributing world-class experts in their fields. Because real expertise is needed to cut through all the crap in specs and softwares.

Idealism is not enough.

@lasagne no, delta chat does not expose filenames. https://delta.chat/en/help#are-attachments-pictures-files-audio-etc-end-to-end-encrypted

When not dabbling in undusting the venerable Email system we play with rewiring the Web to free it from the possibility of billionaire platforms. With a nod to @pluralistic 's "Ulysses Pact" we just published "Replacing billionairish platforms with ZIP files"
highlighting a bunch of new #webxdc features and community developments. The challenge is on who wants to join in de-platforming Venture-Capital-backed web apps that try to mediate our private communications https://delta.chat/en/2025-01-23-webxdc-notifications

@kinetix It's totally fine to go with self-hosting but >99.99% percent of potential users are not running their own e-mail servers and it doesn't make sense to recommend it as the sellling-point then generally? Also, Delta Chat has multi-profile support. There is nothing speaking against first trying things with friends with default profiles, and if you like it use self-hosted addresses. Some first users evolved to run their own #chatmail server and migrated there.

@billseitz @kinetix we understand the sentiment and reluctance of "creating yet another account". Everybody is tired of signing up somewhere. But since chatmail servers and instant onboarding was introduced some 9 months ago, usage strongly increased and there are now at least a dozen independent #chatmail servers with many more we don't know. Did you try it? There is no "heavyness" of registration typically associated with "signing up". Chatmail addresses make e-mail cheap again! :)

PSA: please recommend newcomers to use chatmail servers instead of suggesting they start first with an existing classic e-mail address.

#Chatmail servers provide a dependable, fast and secure messaging experience, with instant push notifications for Google and Apple phones. No personal data needed. Delta Chat profiles with chatmail servers come closest to mainstream messaging experiences and typically "just work" also in many repressive situations with bad internet or partial blockings.

@ax3 @me we may eventually return to the topic of forward secrecy ... it is doable but details matter which we won't discuss much here. Please do note that up until today, nobody has come up with federated PFS protocols in real life messengers that would be as reliable as Signal. For now, PFS means centralization and that's a very high price to pay.

@me @unixtippse signal also doesn't have "sealed recipients": When a client sends a message signal server knows precisely who are the recipients including their verified phone numbers.

@me subject lines are encrypted with delta since 2018 ;) for more info see https://delta.chat/en/help#message-metadata and the whole section around encryption.

Much of what is commonly said about #email and #openpgp is wrong. It can very well be fast and secure and that's a claim backed by working code and deployments and audits (#chatmail servers and the #deltachat family of apps). There is no both-sides-have-opinions game to be played here. Internet-scale messaging alternatives are arguably either centralized or brittle. There is however much room for further improvements including deep changes in how we commonly understand email today. Stay tuned :)

A main technical and economic difference to #matrix servers/clients:
The family of #deltachat apps uses #chatmail servers as ephemeral message transports that know nothing and forget everything: Servers don't store group metadata or cryptographic identities
and delete messages after download by default. In effect, a 30EUR/month #chatmail server with 10K's of active users hums along with 2% IO and CPU pressure, 1GB RAM and negligible disk usage. No Pro-version or Kybernetes needed to scale ;)

To clarify a bit what we tried to express earlier today: we came to the Fediverse long before it was cool (musk bought Twitter wave) and we are staying on while it's currently not as cool as Bluesky. We are only doing social media via the fediverse. We are in for the long game, and in our view, this means increasing diversity and collaborative development practises and relations with a wide range of people, projects and researchers, with a shared interest in evading enshittificatiom forces.

#webxdc apps running in #deltachat are *guaranteed* to not allow any tracking: anything you do with a webxdc app can only be seen by chat partners but not by _any_ third party. That's why there is no GDPR, cookie or other consent, let alone signups, necessary. Here is an independent security audit https://delta.chat/en/2023-05-22-webxdc-security
which highlights how Chromium is the least sandboxable browser ... Meanwhile Google wants to *expand* digital fingerprinting and tracking https://mashable.com/article/google-digital-fingerprinting-user-tracking

Upcoming events:

We'll give two talks at #FOSSDEM about #chatmail and #deltachat in the modern email devroom, on Saturday late afternoon: https://fosdem.org/2025/schedule/track/modern-email/

The friday before, we'll probably also appear and talk about about #webxdc at the #Matrix barcamp.

Sunday morning, our friends from @n0iroh namely @flub, will give a talk about the P2P-iroh network architecture https://fosdem.org/2025/schedule/event/fosdem-2025-6053-building-peer-to-peer-quic/

Otherwise, you'll find us mostly around #OFFDEM for chatting and more ad-hoc sessions.

@feld here is a corollary with more precision. You need perfect forward secrecy if _all_ of the following is true:

- you use disappearing messages

- you have an adversary that has access to all your past encrypted messages (i.e. to the internal records of your message relay server)

- the same adversary also gets access to your device contents (i.e. secret decryption key)

When did anyone you know or talked to encounter such an adversary in a real life situation?

Hum, are we the only cross-platform messenger project present in 15+ app stores that primarily announces on, and interacts with, the Fediverse while others use X and maybe Bluesky? If you know of others please mention them in the replies :)

In any case, we are pretty happy here, as we are finding meaningful interactions, and organically evolving interest and collaboration with other people and projects. Probably it helps that #email shares several traits with #ActivityPub protocols? Cheers.

@liaizon thanks for the praise :) In fact, there have been whole families moving to delta after they failed with other messengers to migrate to a new device and even lost their account data. With delta a backup file contains btw all data and can be reinstated on any delta chat device, including @deltatouch