3.1. High-level layout

Obscura is built around a strict separation of responsibilities.

The system has two main zones: the client and the backend. Only one of them is allowed to understand messages.

The client is where identity, keys, encryption, and decryption live. The backend is treated as an untrusted transport layer that stores and forwards data it cannot interpret. This split is not a convenience decision — it is what makes the privacy guarantees possible.

At a high level, the flow looks like this:

A user connects their wallet in the client. The client establishes or loads a messaging keypair tied to that wallet. Messages are encrypted locally and sent to the backend as ciphertext. The backend stores the encrypted payload and routes it to the recipient. The recipient’s client decrypts the message locally.

At no point does the backend see plaintext or possess the keys needed to reconstruct it.

The important architectural consequence is that compromising the backend does not compromise message content. The backend is deliberately excluded from the trust boundary.