Open Source · Privacy First

Messaging that stays yours.

HamGoftar is an end-to-end encrypted, peer-to-peer messaging platform. Your conversations live on your devices — not on our servers. No tracking. No middlemen. Just private chat.

  • E2E encrypted by default
  • Works offline
  • Self-hostable
Signal Direct when possible

Devices connect peer-to-peer first and only fall back when the network needs it.

Trust Visible security state

Identity, relay, and delivery states are shown as calm, readable status cues.

Flow Offline-ready by design

Messages can be relayed securely when a peer is not online, then delivered later.

E2EE Encrypted by default
P2P Direct device-to-device
3+ Platforms supported
100% Open source

Features

Built for privacy. Engineered for reliability.

Every message is encrypted on your device before it leaves. Here's what makes HamGoftar different.

End-to-End Encryption

X3DH key agreement and Double Ratchet protocol keep every message forward-secret and self-healing.

Peer-to-Peer

libp2p with WebRTC lets your messages travel directly between devices. The server only helps you find each other.

Cross-Platform

Native experiences on Web, Desktop (Windows, macOS, Linux), and Mobile (Android & iOS) — all sharing one secure core.

Offline Delivery

Encrypted message blobs are safely relayed when your contact is offline and delivered the moment they return.

Local Storage

Your conversation history stays on your device, encrypted at rest. No central database of your private chats.

Open Source

Every line is auditable. Self-host the signaling server on your own infrastructure, on your LAN, or behind your VPN.

How it works

From install to encrypted chat in four steps

No phone numbers. No email required. Just a username and strong cryptography.

1

Generate identity

Your device creates Ed25519 and X25519 key pairs locally. Nothing leaves your machine.

2

Register a username

Public pre-key bundles are uploaded so contacts can find and start secure sessions with you.

3

X3DH handshake

Clients negotiate a shared secret asynchronously — even if the recipient is offline.

4

Chat with forward secrecy

Double Ratchet delivers every message with a fresh key, self-healing if compromised.

Everywhere you are

One secure core. Three great apps.

Start on your phone, continue on your laptop. Your identity and conversations sync securely.

Web App

Install-free progressive web app that runs directly in your browser with full P2P support.

ReactVitePWA

Desktop

Native installers for Windows, macOS, and Linux with local storage and system integration.

ElectronWin / Mac / Linux

Mobile

Native mobile clients with low-power background delivery and secure keychain storage.

React NativeExpoAndroid · iOS

Security

Transparent cryptography. No magic.

Industry-standard primitives, auditable code, and a protocol designed for the modern threat model.

  • Forward secrecy on every message

    Double Ratchet derives a unique message key per message. Compromise of one key reveals nothing else.

  • Self-healing after compromise

    Every DH ratchet step provides break-in recovery — your future messages re-establish secrecy automatically.

  • Asynchronous key agreement

    X3DH lets anyone send you a first message securely even when you are completely offline.

  • Signed device identity

    Every signaling request and offline relay blob is Ed25519-signed with replay protection.

Cryptographic stack

Long-term identityEd25519
Key agreementX25519 · X3DH
Message cipherXChaCha20-Poly1305
Key derivationHKDF-SHA256
Session protocolDouble Ratchet
TransportNoise · libp2p
Every primitive is widely reviewed by the cryptographic community. Nothing custom or proprietary.

Get started

Running in under a minute

Clone, install, start. Your own private messaging stack on localhost.

terminal
# 1. Clone the repository $ git clone https://github.com/tahamoeini/HamGoftar.git $ cd HamGoftar # 2. Install dependencies (pnpm 10+, Node 22+) $ pnpm install # 3. Start server + web app together $ pnpm start # → Server: http://127.0.0.1:8787 # → Web app: http://127.0.0.1:5173

Take back your conversations.

Join developers and privacy advocates building a messaging platform that respects your data and your freedom.

View on GitHub Read the docs