2.2. Messaging keys and the encryption model

Obscura separates identity from encryption.

The wallet proves who you are. Messaging keys protect what you say.

When a wallet is connected for the first time, the client creates or derives a dedicated messaging keypair on the user’s device. This keypair is used exclusively for encrypting and decrypting messages. The public part of that key is registered so other users can send you encrypted messages. The private part never leaves the device.

This distinction matters for both security and usability. Wallet keys are designed for signing transactions and proving ownership, not for continuous encryption of message streams. Messaging keys, on the other hand, are optimized for that exact job. If anything goes wrong, you can rotate messaging keys without changing your wallet identity.

When a message is sent, the flow is straightforward but strict. The sender’s client takes the message text, encrypts it locally using the recipient’s public messaging key, and sends the resulting ciphertext to the backend. By the time the server sees it, the message is already unreadable. On the receiving side, the client uses the locally stored private messaging key to decrypt and display the message.

At no point does the server have the information required to reverse this process.