End-to-end encryption (E2EE)

A messaging architecture where only the two parties can decrypt a message. The server never sees plaintext. Friends? DMs use this.

End-to-end encryption (E2EE) is the property where a message is encrypted on the sender's device and only decrypted on the recipient's device. The intermediary server — the messaging platform itself — sees only ciphertext. Even the platform's engineers, with full database access, cannot read the content.

Compare to "encryption in transit" (TLS), which protects messages from network eavesdroppers but lets the server read them, and "encryption at rest" (database-level), which protects messages from a stolen disk but lets the running server read them. E2EE is strictly stronger than both.

The cost of E2EE is operational complexity: the platform can't run server-side message search, can't moderate content automatically, can't show "you have a new message" notifications without a separate signaling channel, and can't easily recover messages if a user loses their device.

Are We Friends? uses XChaCha20-Poly1305 for symmetric encryption, X25519 sealed boxes for asymmetric key wrapping, and Argon2id to derive a user's master key from their passphrase. Private keys are stored only on the user's device, never sent to our servers in any form.
