Security
How Vauchi protects your data.
Security Model
Vauchi is designed with the assumption that everything outside your device is hostile:
- Relay server: Assumed compromised
- Network: Assumed monitored
- Other devices: Verified through in-person exchange
Despite these assumptions, your data stays private because of end-to-end encryption.
How We Protect You
End-to-End Encryption
All communication is encrypted so only you and your contacts can read it:
| Data | Encryption |
|---|---|
| Contact cards | XChaCha20-Poly1305 |
| Messages | XChaCha20-Poly1305 with Double Ratchet |
| Backups | XChaCha20-Poly1305 with Argon2id KDF |
| Local storage | XChaCha20-Poly1305 |
The relay server only sees encrypted blobs. It cannot:
- Read your contacts
- See your card fields
- Decrypt any messages
- Link your identity to your data
In-Person Verification
Contact exchange requires physical presence:
- QR codes contain cryptographic identity
- Proximity verification via ultrasonic audio
- No trust-on-first-use for contact verification — you verify contacts in person. Relay server identity is pinned during contact exchange.
This prevents spam, impersonation, and man-in-the-middle attacks.
Modern Cryptography
Vauchi uses battle-tested cryptographic libraries:
| Purpose | Algorithm | Library |
|---|---|---|
| Signing | Ed25519 | ed25519-dalek |
| Key exchange | X25519 | x25519-dalek |
| Symmetric encryption | XChaCha20-Poly1305 | chacha20poly1305 |
| Password KDF | Argon2id | argon2 |
| Key derivation | HKDF-SHA256 | hkdf |
All libraries are:
- Written in Rust (memory-safe)
- Well known and widely used in production
Forward Secrecy
Each message uses a unique key derived via Double Ratchet:
- Keys are used once then deleted
- Even if one key is compromised, other messages stay safe
- Past messages can't be decrypted with current keys
Threat Model
| Threat | Mitigation |
|---|---|
| Server compromise | E2E encryption; server can't read data |
| Network surveillance | TLS + Noise NK + E2E; three layers |
| Man-in-the-middle | In-person verification of identity |
| Spam/harvesting | Proximity required; no remote adding |
| Device theft | OS-level key storage, optional biometrics |
| Lost device | Social recovery + encrypted backups |
| Traffic analysis | Padding to standardized bucket sizes |
| Replay attacks | One-time tokens, per-message nonces |
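The "padding to standardized bucket sizes" mitigation from the table above, sketched as an added example (not Vauchi's own code). The bucket sizes, the 4-byte length prefix and the names `pad`, `unpad` and `PadError` are assumptions chosen for illustration.

```rust
// Added example: pad plaintext to a fixed bucket size BEFORE AEAD encryption,
// so the ciphertext length reveals only the bucket, not the message length.
// ASSUMPTIONS: bucket sizes and framing are illustrative, not Vauchi's wire format.
const BUCKETS: [usize; 4] = [256, 1024, 4096, 16384];
const PREFIX: usize = 4; // big-endian u32 holding the real message length

#[derive(Debug, PartialEq)]
pub enum PadError { TooLarge, NotABucket, BadLength, DirtyPadding }

/// Frame `msg` as length || msg || zeros, sized to the smallest bucket that fits.
pub fn pad(msg: &[u8]) -> Result<Vec<u8>, PadError> {
    let need = msg.len() + PREFIX;
    let bucket = *BUCKETS.iter().find(|&&b| b >= need).ok_or(PadError::TooLarge)?;
    let mut out = Vec::with_capacity(bucket);
    out.extend_from_slice(&(msg.len() as u32).to_be_bytes());
    out.extend_from_slice(msg);
    out.resize(bucket, 0); // zero fill up to the bucket boundary
    Ok(out)
}

/// Recover the message from a decrypted frame, rejecting malformed frames.
pub fn unpad(frame: &[u8]) -> Result<&[u8], PadError> {
    if !BUCKETS.contains(&frame.len()) {
        return Err(PadError::NotABucket);
    }
    let len = u32::from_be_bytes([frame[0], frame[1], frame[2], frame[3]]) as usize;
    if len > frame.len() - PREFIX {
        return Err(PadError::BadLength); // length field points past the frame
    }
    let (body, padding) = frame[PREFIX..].split_at(len);
    if padding.iter().any(|&b| b != 0) {
        return Err(PadError::DirtyPadding); // padding must not carry data
    }
    Ok(body)
}

fn main() {
    // Constructed sample plaintexts of different lengths.
    let samples: [Vec<u8>; 3] = [b"hi".to_vec(), vec![0x41; 200], vec![0x42; 300]];
    for msg in samples.iter() {
        let frame = pad(msg).unwrap();
        assert_eq!(unpad(&frame).unwrap(), msg.as_slice());
        println!("{:>4}-byte message -> {:>5}-byte frame", msg.len(), frame.len());
    }
}
```

The padded frame is what gets passed to the AEAD as plaintext; XChaCha20-Poly1305 adds a fixed-size nonce and tag, so every ciphertext in a bucket has the same length on the wire.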
Metadata Visibility
The relay operator can observe communication patterns: which identities communicate, when messages are sent and received, and message frequency. The relay cannot read message content. Delivery jitter reduces timing correlation between senders and recipients. Running your own relay server eliminates third-party metadata exposure.
Best Practices
For Users
- Create a backup — Protect against device loss
- Use a strong backup password — A passphrase (4+ words) is recommended. Store it somewhere safe, separate from your devices
- Verify important contacts — Compare fingerprints in person
- Revoke lost devices immediately — Prevent unauthorized access
- Keep your device secure — Enable lock screen, update OS
- Only link devices you physically control — Each linked device has full access to your identity
For Privacy
- Review visibility settings — Control what each contact sees
- Limit field sharing — Only share what's needed
- Remove old contacts — They keep seeing updates otherwise
For Recovery
Set up social recovery to protect against total device loss:
- Choose diverse guardians — Spread across different social circles (e.g., one family member, one friend, one colleague)
- Don't rely on one group — If all guardians are family, a single household event could make recovery impossible
- Set threshold to at least 3 — Higher thresholds are more secure
- Update guardians when relationships change — Remove guardians you've lost touch with and add new ones
- Review periodically — Check your guardian list once a year
For Backups
- Use a strong passphrase — At least 4 random words or equivalent strength
- Store backups securely — On a USB drive, external storage, or a secure location separate from your devices
- Don't store on cloud services — Backup files are encrypted, but keeping them local is more private
- Create fresh backups — After adding new contacts or linking devices
Security Reporting
Found a security issue? Please report it responsibly:
Email: security@vauchi.app
We will:
- Acknowledge within 48 hours
- Investigate and fix verified issues
- Credit reporters (unless they prefer anonymity)
- Not pursue legal action against good-faith researchers
Open Source
All code is open source and available for inspection:
- GitLab: https://gitlab.com/vauchi
- GitHub Mirror: https://github.com/vauchi
We welcome security reviews and contributions.
Technical Details
For cryptographic implementation details, see:
- Encryption Feature — User-friendly explanation
- Cryptography Reference — Technical specification