What is RVNT

Privacy-first encrypted communications. No compromises.

Overview

RVNT is an end-to-end encrypted messaging platform designed for people who take communications security seriously. It is not a Signal clone with a different logo. It is a ground-up reimplementation of the most paranoid threat model we could construct, built in Rust, with post-quantum cryptography, sealed sender metadata protection, Tor routing, offline mesh networking, and a panic mode that performs cryptographic key destruction on command.

Every architectural decision in RVNT answers a single question: what happens when the adversary has unlimited resources? The answer is always the same: they get nothing useful.

RVNT does not require a phone number, email address, or any personally identifiable information to create an account. Your identity is a cryptographic keypair generated locally on your device. The server never learns who you are, who you talk to, or what you say. It cannot, because it never has the keys.

Open Source. Every line of RVNT's code is published under the AGPLv3 license. The cryptographic primitives, the network stack, the storage layer, the protocol implementation -- all of it is auditable. We do not ask you to trust us. We ask you to read the code.

Who Is RVNT For

RVNT is built for people operating in high-risk environments where communications security is not a preference but a requirement:

Journalists communicating with sources in hostile jurisdictions
Human rights workers coordinating in regions with pervasive surveillance
Attorneys who need attorney-client privilege to actually mean something
Security researchers discussing vulnerabilities before disclosure
Activists organizing under authoritarian regimes
Anyone who believes that private communication is a fundamental right, not a feature request

If you are comfortable with a messenger that requires your phone number, stores your social graph on a server, and trusts a single company to never be compromised, compelled, or coerced -- RVNT is not for you. If you are not comfortable with that, keep reading.

What Makes RVNT Different

No Phone Number Required

Most encrypted messengers require a phone number to register. That phone number is a persistent identifier tied to your legal identity, your location history, your financial records, and your social graph. It is the single point of failure for your privacy.

RVNT uses cryptographic identity. When you launch RVNT for the first time, the app generates an Ed25519 identity keypair locally on your device. Your public key is your identity. You choose a username (verified with proof-of-work, not a phone number). No SIM card. No carrier. No KYC. No identity document. Nothing that ties your RVNT account to your physical identity unless you choose to share it.

No Server Sees Your Messages

RVNT is peer-to-peer. Messages travel directly between devices. The server's role is limited to two functions: storing public key bundles for initial key exchange, and providing bootstrap nodes for peer discovery via a Kademlia DHT. The server never relays message content. It cannot read messages because it never possesses the decryption keys. A complete server compromise yields: public keys (which are public by design), encrypted prekey bundles, and server logs that contain no IP addresses, no sender identities, and no message content.

What the server stores:
  - Public key bundles (public by design)
  - Encrypted prekey material (cannot decrypt)
  - Username-to-public-key mappings
  - Proof-of-work registration tokens

What the server does NOT store:
  - Message content (never touches the server)
  - Sender/recipient pairs (sealed sender)
  - IP addresses (zero logging + Tor)
  - Social graph (peer-to-peer discovery)
  - Encryption keys (never leave your device)

Post-Quantum Cryptography

Every key exchange in RVNT uses a hybrid construction: classical X25519 Diffie-Hellman combined with ML-KEM-768 (FIPS 203), a lattice-based key encapsulation mechanism standardized by NIST at Security Level 3. An attacker must break both the elliptic curve and the lattice problem to recover the session key.

This matters now, not in the future. Intelligence agencies and well-funded adversaries are already harvesting encrypted traffic with the intent to decrypt it when quantum computers become available. This is called the "harvest now, decrypt later" attack. Messages you send today using classical-only encryption may be readable in 10-15 years. RVNT's hybrid construction ensures that even if a cryptographically relevant quantum computer is built, your messages remain confidential.

Forward Secrecy

RVNT implements the Double Ratchet algorithm. Every message is encrypted with a unique key derived from a continuously evolving chain. After a message is encrypted, the key used to encrypt it is deleted. Compromise of your device today does not reveal messages you sent yesterday. The ratchet provides both forward secrecy (past messages are protected) and break-in recovery (future messages are protected after the next DH ratchet step).

Sealed Sender

In most messaging systems, even end-to-end encrypted ones, the server knows who is sending a message to whom. The "from" field is visible to the routing infrastructure. RVNT eliminates this. The sender encrypts their identity inside the message envelope using the recipient's public key. The server sees only the recipient identifier and an opaque blob. It cannot determine who sent the message. The recipient decrypts the envelope to learn the sender's identity.

Tor Routing

All network traffic between RVNT clients and servers routes through the Tor anonymity network via an embedded arti-client (the Rust Tor implementation). This prevents the server from learning your IP address and prevents network observers from correlating your traffic. In standard mode, RVNT uses 3-hop Tor circuits. In maximum privacy mode, it uses 5-hop circuits with additional cover traffic and randomized timing.

Offline Mesh Networking

When the internet is unavailable -- whether due to infrastructure failure, censorship, or deliberate shutdown -- RVNT can transmit messages over Bluetooth and WiFi Direct using Multipeer Connectivity (iOS/macOS) and Wi-Fi Aware (Android). Messages are encrypted with the same Double Ratchet keys used for online communication. The mesh layer uses store-and-forward routing: if the recipient is not in direct radio range, intermediate devices can relay the encrypted envelope without being able to read it.

Panic Mode

Panic mode is a cryptographic self-destruct. When activated (via a duress PIN, a hardware button sequence, or a remote signal), RVNT performs:

3-pass DoD 5220.22-M overwrite of all local cryptographic material
Secure Enclave key invalidation (hardware-backed, irreversible)
SQLCipher database destruction (AES-256 encrypted database wiped)
Keychain entry deletion (all stored secrets)
Media cache wipe (all cached files, thumbnails, previews)

After panic mode completes, the device presents a clean state. There is no "undo." The cryptographic material is gone. A forensic examiner examining the device will find an app with no data. The private keys that could decrypt your message history no longer exist on any device, anywhere.

Duress PIN

RVNT supports a secondary PIN that, when entered at the lock screen, silently triggers panic mode while displaying a plausible decoy state. If you are compelled to unlock your device, the duress PIN destroys all sensitive data while appearing to comply. The decoy state shows an empty conversation list or a set of pre-configured innocuous conversations. The actual cryptographic material is already gone.

Technology Stack

RVNT is built on a Rust core with platform-specific UI layers:

Component	Technology	Purpose
Core Library	Rust	Cryptography, protocol, storage, networking
Desktop App	Tauri + React	macOS, Linux, Windows desktop clients
Mobile App	React Native + Rust FFI	iOS, Android mobile clients
Cryptography	X25519, Ed25519, AES-256-GCM, ML-KEM-768, BLAKE3	Key exchange, signing, encryption, hashing
Key Exchange	Hybrid X3DH (classical + post-quantum)	Initial session establishment
Ratchet	Double Ratchet with header encryption	Per-message forward secrecy
Networking	libp2p + Kademlia DHT + arti (Tor)	Peer discovery, anonymous routing
Storage	SQLCipher (AES-256-CBC + HMAC-SHA256)	Encrypted local database
PIN / Auth	Argon2id (64MB, 3 iterations, 4 lanes)	Key derivation from user PIN
Identity Server	Axum + RocksDB	Public key bundle storage

How Privacy Works End-to-End

Here is what happens from the moment you type a message to the moment your contact reads it:


  YOU                                                YOUR CONTACT
   |                                                      |
   |  1. Type message                                     |
   |  2. Compress (zstd)                                  |
   |  3. Double Ratchet encrypt (AES-256-GCM)             |
   |  4. Sealed sender wrap (hide your identity)          |
   |  5. Pad to fixed size (hide message length)          |
   |  6. Mixnet batch + random delay (hide timing)        |
   |  7. Route through Tor (hide IP address)              |
   |  8. P2P transport (no server relay)                  |
   |                                                      |
   |  -------- encrypted envelope ----------------------> |
   |                                                      |
   |                       9. Receive via Tor             |
   |                      10. Unseal envelope             |
   |                      11. Verify sender certificate   |
   |                      12. Double Ratchet decrypt      |
   |                      13. Decompress                  |
   |                      14. Display in UI               |
   |                                                      |

At no point in this pipeline does any server, relay, or intermediary have access to: the message plaintext, the sender identity, the message length, or the timing correlation between sender and recipient. The server does not relay the message. The server does not know who sent it. The server does not know how long it is. The server cannot correlate when you sent it with when your contact received it.

Threat Model Summary

RVNT is designed to resist the following adversaries:

Compromised server operator: Gets nothing. No plaintext, no keys, no metadata.
Network observer: Sees Tor traffic. Cannot determine endpoints or content.
Future quantum computer: Hybrid PQ/classical key exchange. Must break both.
Physical device seizure: Encrypted storage. Panic mode. Duress PIN.
Legal compulsion (served to RVNT): We cannot produce what we do not possess.
Compromised message key: Forward secrecy limits exposure to a single message.

RVNT does not protect against: compromised endpoint devices (malware), shoulder surfing, malicious contacts who screenshot your messages, or a global passive adversary capable of observing all internet traffic simultaneously. Read the full threat model for details.

Getting Started

Ready to try RVNT? Here are your next steps:

Quick Start Guide -- Download, install, and send your first message
How It Works -- Technical walkthrough of the message pipeline
Protocol Specification -- Full cryptographic protocol documentation
Threat Model -- What RVNT protects against and what it does not
Build from Source -- Compile RVNT yourself and verify the binary

Pre-release software. RVNT is under active development. The cryptographic core has been implemented and tested (66+ test cases passing, fuzz testing in progress), but the application has not yet undergone a formal third-party security audit. Use accordingly.