3.5. Assumptions and boundaries

The architecture is built with clear assumptions.

It assumes the client device is not compromised. If malware has access to a user’s device, it can read messages after decryption. This is an unavoidable boundary for any end-to-end encrypted system.

It also assumes that content privacy is the primary goal of the MVP. Metadata privacy is recognized as important, but is treated as a later layer that can be added on top of an already secure foundation.

By keeping the backend simple and the cryptography client-side, Obscura creates a system where future improvements can reduce metadata exposure without needing to redesign how messages are protected in the first place.