2.5. Privacy as a built-in property

In Obscura, privacy is not a toggle.

From the start, the assumption is that message content should be protected end-to-end. Messages are encrypted by default, and the backend never sees plaintext. Users do not need to enable “secret chats” or remember special modes for basic privacy guarantees.

That said, the current MVP makes a clear trade-off. While message content is private, the backend still sees basic metadata needed to route messages: which wallet sent a message to which other wallet, and when. This keeps the system simple and makes the product feel fast and familiar.

The important point is that the foundation is already set. Content privacy does not depend on future features or optional settings. The server’s inability to read messages is a property of the architecture itself. More advanced privacy work in the future can focus on reducing metadata exposure, but it will build on a base where message content is already locked end-to-end.