How Your Messages Stay Private
When you send a message in a Council network, it's encrypted the moment you hit send. This document explains the journey your message takes and why it's impossible for anyone outside your network—including Council—to read it.
The Encryption Journey
Step 1: Your Passphrase Creates Your Keys
When you join a network with a passphrase, your device uses that passphrase to mathematically generate a set of encryption keys. This process is deterministic—the same passphrase always produces the same keys—which is how all network members can decrypt each other's messages without ever sharing keys directly.
The passphrase itself never leaves your device. Only the encrypted messages do.
Step 2: Your Device Adds Its Own Layer
Your device has a unique secret that was created when you first set up Council. This secret combines with the passphrase-derived keys to create a final encryption key. This means someone would need both your passphrase AND access to your specific device to decrypt messages.
Step 3: Time Synchronization
D4TE uses the current time as part of its encryption. Messages are tied to specific time intervals, which prevents certain types of replay attacks and adds another dimension to the key derivation.
Step 4: Each Message Gets Unique Keys
Every message you send uses a unique message key that can never be reused. Once a message is sent, the keys "ratchet" forward—old keys are mathematically destroyed. This provides what cryptographers call "forward secrecy": even if someone obtained your current keys, they couldn't decrypt past messages.
What Council Servers See
When your encrypted message passes through Council's servers, here's what they see:
| What Council Sees | What Council Cannot See |
|---|---|
| Message size | Message content |
| When it was sent | What it says |
| Which network it belongs to | The passphrase |
| Who sent it (user ID) | The encryption keys |
Council's servers are designed to route encrypted messages, not read them. They lack the mathematical ability to decrypt your messages because they never possess the passphrase or your device secrets.
Why This Matters
Traditional messaging services typically hold encryption keys or can reset your password to access your account. With Council:
No Password Reset
If you forget your passphrase, there's no way to recover it—because Council never had it.
No Backdoor Access
There are no "master keys" that could decrypt all messages.
No Compliance Risk
Even if compelled by law enforcement, Council cannot provide message content because they don't have it.
Key Takeaways
- Messages are encrypted on your device before transmission
- Your passphrase and device secrets combine to create encryption keys
- Each message uses unique keys that are destroyed after use (forward secrecy)
- Council servers mathematically cannot decrypt your messages