Security & Cryptography
Whispyr’s security model is designed to match the product’s architecture: nearby transport, modern key agreement, authenticated encryption, and local-first storage. This page explains the high-level approach in a clear and calm system view.
1. Architecture-first security
Whispyr is designed for proximity-first messaging. Instead of routing every message through a central server, the product prioritizes nearby device-to-device sessions where possible.
2. Nearby transport layer
Whispyr uses Apple’s MultipeerConnectivity stack to discover and connect nearby devices using Bluetooth and local Wi-Fi. This creates a local session optimized for real-world environments.
3. Key agreement
Session keys are negotiated using Curve25519. This modern ECDH approach provides fast, efficient key establishment suited to live peer connections.
4. Message protection
Messages are protected using ChaCha20-Poly1305 (ChaChaPoly), providing authenticated encryption — confidentiality and integrity in one modern, widely trusted construction.
5. Human-layer verification
Whispyr may surface device fingerprints and an optional safety word. These are small but meaningful UX trust cues that help confirm you’re speaking with the intended nearby device.
6. Local-first data model
Identity, chats, spaces, stories, and events are designed to live on-device by default where supported. This reduces centralized data exposure and keeps the system lightweight.
7. Real-world boundaries
No security model exists in a vacuum. Device compromise, OS-level threats, and physical access can affect the safety of any app. Whispyr’s cryptography protects message payloads in normal operation, while good device hygiene remains essential.
8. Reporting issues
If you believe you’ve found a vulnerability or security weakness, please contact support@getwhispyr.app with a clear description and reproduction details.
Short version
Whispyr pairs nearby transport with modern E2E primitives — Curve25519 for key agreement and ChaCha20-Poly1305 for message protection — aligned with a local-first storage posture.