
End-to-End Encryption

How Senden protects your conversations.

What is End-to-End Encryption?

End-to-end encryption (E2EE) means that only the sender and the recipient can read the contents of a message. Not even Senden's servers can decrypt your conversations.

Messages are encrypted on your device before being sent, and only decrypted on the recipient's device. If anyone intercepts the data in transit or reads it from our database, they see only unreadable ciphertext.

We chose symmetric encryption over asymmetric encryption with automatic key exchange mainly because it makes it easier to handle reports from bot users. Setting up keys should not take long. E2EE on Senden works as an additional layer on top of an architecture that is already much more privacy-respecting.

Do I Need This?

Senden is built for people who want a familiar community and gaming chat experience, without third parties reading your data, without ads and tracking. Regular messages are already transmitted over encrypted connections (TLS) and stored under Swiss privacy jurisdiction.

E2EE goes a step further: it ensures that not even Senden's servers can read your messages. This is useful if you want protection against data breaches or simply don't want any server to be able to see your conversations. It comes with trade-offs:

  • You must manage your encryption key yourself. There is absolutely NO recovery
  • Lose your key and all encrypted messages are gone forever
  • Keys don't sync across devices. You must transfer them manually
  • On some platforms, push notifications can't show message content until you open the app to decrypt it

If you're just chatting with gaming friends or running a small community group, you probably don't need E2EE. If you share sensitive documents or just don't trust any server with your plaintext, it's worth enabling on those conversations.

If You're a Journalist, Activist, or Handling Sources

Use Signal. Senden's E2EE uses AES-256-GCM with a single shared key per conversation. It has no forward secrecy, no automatic key verification, and no published audit history yet (an audit is pending). Signal has all of those and a track record of protecting high-risk users.

Download Signal here

You can still use Senden for everyday community chats that aren't tied to your sensitive work, but keep anything where your safety or freedom is at stake on Signal.

How It Works 🤓 ☝️

Senden uses AES-256-GCM encryption via the Web Crypto API built into your browser. Each message gets its own random 12-byte initialization vector (IV), ensuring that identical plaintext produces different ciphertext every time.

When you enable E2EE for a conversation, a 256-bit key is generated on your device using crypto.getRandomValues(). This key never leaves your browser. Messages are encrypted into a JSON envelope containing the version, IV, and ciphertext before being sent to the server. The server stores this envelope as-is without any ability to read its encrypted contents.

  • Algorithm: AES-256-GCM
  • Key size: 256 bits, generated locally
  • IV: 12 bytes, randomly generated per message
  • Each conversation has its own independent key

If you have the technical knowledge, you can audit the requests your browser sends to the server, to verify that only encrypted data is sent and no keys.

Key Sharing

Senden does not automatically exchange keys between devices. You must share the key with the other person yourself, outside of Senden, for example in person, over a phone call, or through another trusted channel.

Your key can be displayed as a 24-word mnemonic phrase (using the BIP39 standard) or as a raw 64-character hex string. The other person imports the same key into their chat settings. Both sides must have the identical key for decryption to work.
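
The scheme described under How It Works and Key Sharing, sketched with the Web Crypto API as an added example (not Senden's own code): a locally generated key shared as a 64-character hex string, a fresh 12-byte IV per message, and a JSON envelope. The envelope field names v, iv and ct, the base64 encoding and all helper names are assumptions.

```javascript
// Added example. Envelope fields (v, iv, ct) and base64 encoding are assumptions.
// Browsers expose globalThis.crypto; the fallback covers older Node.js versions.
const webCrypto = globalThis.crypto ?? require("node:crypto").webcrypto;
const enc = new TextEncoder(), dec = new TextDecoder();

const toHex = (bytes) => Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
const fromHex = (hex) => Uint8Array.from(hex.match(/../g), (h) => parseInt(h, 16));
const toB64 = (bytes) => btoa(String.fromCharCode(...bytes));
const fromB64 = (s) => Uint8Array.from(atob(s), (c) => c.charCodeAt(0));

// 256-bit conversation key, generated locally and shown as 64 hex characters.
function generateKeyHex() {
  return toHex(webCrypto.getRandomValues(new Uint8Array(32)));
}

// Import the shared hex string as a non-extractable AES-GCM key.
function importKeyHex(hex) {
  if (!/^[0-9a-f]{64}$/i.test(hex)) throw new Error("key must be 64 hex characters");
  return webCrypto.subtle.importKey("raw", fromHex(hex), { name: "AES-GCM" }, false,
    ["encrypt", "decrypt"]);
}

// Encrypt one message with a fresh random 12-byte IV and wrap it in the envelope.
async function encryptMessage(key, plaintext) {
  const iv = webCrypto.getRandomValues(new Uint8Array(12));
  const ct = await webCrypto.subtle.encrypt({ name: "AES-GCM", iv }, key, enc.encode(plaintext));
  return JSON.stringify({ v: 1, iv: toB64(iv), ct: toB64(new Uint8Array(ct)) });
}

// Returns the plaintext, or null when the key is wrong or the envelope was
// modified: the GCM authentication tag fails and decrypt() rejects.
async function decryptMessage(key, envelopeJson) {
  const { v, iv, ct } = JSON.parse(envelopeJson);
  if (v !== 1) throw new Error("unsupported envelope version");
  try {
    const pt = await webCrypto.subtle.decrypt({ name: "AES-GCM", iv: fromB64(iv) }, key, fromB64(ct));
    return dec.decode(pt);
  } catch {
    return null;
  }
}
```

Both sides call importKeyHex with the same string; the server only ever sees the output of encryptMessage, which is what to look for when auditing the browser's requests.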

Key Storage

Your key is stored in your browser's local storage, scoped to the specific conversation. It is never sent to or stored on Senden's servers.

This means your key is lost if you:

  • Clear your browser data or local storage
  • Log out of Senden
  • Switch to a different device or browser
  • Reinstall your browser

Back up your key (the 24-word phrase or hex string) in a safe place. If you want to use E2EE on another device, you need to import the same key there manually.

Keep your key secure. If anyone has access to the key and the encrypted chat at the same time, your messages are not safe anymore.

Potential attack vectors are:

  • Malware on your system
  • Exposure through screen share/stream
  • Someone gaining access to your device

Other platforms have been criticized because their servers could push updates that exfiltrate the key. This would obviously also be possible on Senden if forced by law enforcement.

If you want to protect yourself against this, download the app for the platform of your choice, disable auto-updates, and only update after you have audited the changes.

© 2026 Senden