Built secure from the ground up
AeroxiChat's zero-knowledge architecture means your private data is inaccessible to everyone — including us. This isn't a promise. It's a mathematical guarantee.
Client-Side Key Generation
Your encryption keys are generated entirely on your device using cryptographically secure random number generators. Keys never leave your device unencrypted.
End-to-End Encryption
Every message, image, and file is encrypted before it leaves your device. Decryption only happens on the recipient's device. We store only cipher text.
Zero Server Visibility
Our servers act as relay points for encrypted blobs. We have no ability to read message content, view media, or identify who is talking to whom.
Minimal Metadata
We minimize metadata collection. No IP logging beyond session auth, no contact graph analysis, no behavioral profiling.
Open Source Verification
Our Android client source code is public on GitHub. Any researcher can verify our encryption implementation matches our claims.
Regular Security Updates
Security patches are prioritized and shipped immediately. Subscribe to GitHub releases to be notified of any critical updates.
What we never collect
Zero-knowledge means zero data about you. Here's what our infrastructure is architecturally prevented from accessing:
- Your private message content
- Your contact list or social graph
- Your real-time location
- Your browsing or in-app behavior
- Your device identifiers beyond session use
- Biometric data of any kind
Responsible Disclosure
Found a security vulnerability? We take all reports seriously and respond within 48 hours. Responsible disclosures are rewarded with public credit and our sincere gratitude.
Report a VulnerabilityDon't trust us — verify us. Our source code is public.
View Source on GitHub