Zerion

Zerion is a secure messaging app and encrypted vault designed for people who need private, anonymous, censorship-resistant communication.

Unlike traditional messengers, Zerion uses no servers, no accounts, no phone numbers, and no cloud services. All communication flows directly between devices using the Tor network, protecting users from surveillance, metadata collection, and IP exposure.

Why Zerion?

- Truly anonymous — No phone number, email, or registration - End-to-end encrypted messaging, groups, voice notes, P2P voice and video calls - Per-message post-quantum hybrid ratchet (Mode 3-Full) — Every frame in both directions carries a fresh ML-KEM-768 encapsulation against the peer's current ML-KEM public key; the shared secret is mixed into the body AEAD key on every frame - Post-Compromise Security — Triple Ratchet (X25519 DH + per-message ML-KEM-768 PQ) for per-message key evolution - Tor-only networking — Your IP address is never exposed to contacts - Direct peer-to-peer architecture — No central servers - Encrypted Vault for passwords, documents, media, and notes - Post-quantum hardened end-to-end — Hybrid ML-KEM-768 + X25519 at handshake, introductions, and on every transport frame; ML-DSA-65 + Ed25519 on every signed record - Zerion-only — Purpose-built for Zerion-to-Zerion communication with maximum security - Downgrade attack protection — PQ contacts stay PQ-secure forever - Anti-forensics protection against mobile extraction tools - Open-source and auditable

Zerion collects zero personal data. Not by policy — by cryptographic design.

Core Features

Encrypted Messaging

Private one-to-one chats and groups with end-to-end encryption using XSalsa20-Poly1305 (256-bit keys). Disappearing messages and metadata removal ensure conversations remain confidential.

Post-Compromise Security (PCS)

Zerion implements a Triple Ratchet protocol for post-compromise security:

- Forward secrecy: Past messages stay private even if your device is later compromised - Post-compromise recovery: If an attacker compromises your device, security is restored after one message round-trip - Per-message keys: Every message uses a unique encryption key derived from the current chain state

Ratchet Modes:

- Mode 2 (Double Ratchet): X25519 DH ratchet for forward secrecy and classical post-compromise security. - Mode 3 (Triple Ratchet, per-epoch PQ): Adds ML-KEM-768 post-quantum ratchet every 25 messages or 24 hours. Retained as a fallback path. - Mode 3-Full (Triple Ratchet, per-message PQ — current default since v1.7): Every single frame in both directions carries a fresh ML-KEM-768 encapsulation. The per-stream chain key, the per-message body AEAD key, and the underlying X25519 ratchet all combine into a hybrid that requires breaking both X25519 and ML-KEM-768 — on every frame, not just at epoch boundaries.

P2P Voice & Video Calls

Real peer-to-peer encrypted voice and video calls routed exclusively through Tor hidden services. No STUN, no TURN, no VoIP servers — just private communication between devices.

- Voice calls: Opus codec at 32kbps, AES-256-GCM encrypted, ~100-200ms latency - Video calls: H.264 at 320x240 15fps, AES-256-GCM encrypted with padded frames - Camera switching, video pause/resume, and correct portrait orientation - All frame metadata encrypted inside the payload — zero plaintext metadata on wire

Secure Vault

A hardware-backed encrypted vault for passwords, notes, photos, videos, and documents. Uses Argon2id, AES-256-GCM, and StrongBox/Keystore integration for strong protection.

Post-Quantum Security

All Zerion contacts use full post-quantum security:

- ML-KEM-768 + X25519 hybrid key encapsulation for quantum-resistant key exchange - ML-DSA-65 + Ed25519 hybrid signatures for quantum-resistant authentication - PCS Mode 3 (Triple Ratchet) for per-message key evolution with quantum-resistant post-compromise security

Downgrade Attack Protection

Once a contact is established with post-quantum security, it stays that way. Any attempt to reconnect with weaker security is automatically blocked.

License

GNU General Public License v3.0