4.1. Security model

Obscura’s security model starts from a constraint, not from a feature set.

The constraint is simple: the backend must never be in a position where reading message content is possible. That requirement shapes every other decision in the system.

All cryptographic operations that matter happen on the client. The server never receives private messaging keys, never decrypts payloads, and never handles plaintext. As a result, the server is not part of the trust boundary for message confidentiality.

This leads to a very specific guarantee: even a fully compromised backend does not reveal message content. There is no emergency switch, no admin access, no “special mode” that changes this. The server either has the keys or it doesn’t — and in Obscura, it doesn’t.

The security model assumes that correctness of cryptography and client key handling is more important than protecting a complex backend. The backend is deliberately kept minimal so that there is less to trust and less that can go wrong.