Security model
The server holds ciphertext. Only the room holds keys.
Whatping assumes the network and the operator are untrusted. Here is exactly how confidentiality is enforced — not promised.
Keys are born in your browser
Your identity and media keys are generated client-side. Private keys never leave the device in plaintext.
Each room is an MLS group
Joining a room runs the MLS (RFC 9420) handshake. The group secret gives forward secrecy and post-compromise security.
Every track is sealed from the group key
Chat, audio, video and screen-share keys are derived from the room’s MLS group — distinct keys, one source of trust.
The server relays ciphertext
The delivery service and the media SFU forward encrypted frames they cannot decrypt. We verify this end-to-end in tests, not in a policy PDF.
Guarantees
What that buys you
🔒 Confidentiality
The relay and SFU never see plaintext. Even a full server compromise yields ciphertext, not conversations.
⏪ Forward secrecy
Compromising a key today does not unlock yesterday’s messages. MLS ratchets keys forward.
🛡️ Post-compromise security
After a member is removed or a device is healed, the group re-keys — past intruders are locked out.
🌍 Data residency
Pin hosting and the media SFU to the EU or Switzerland. Self-host to keep everything in your perimeter.
📜 Tamper-evident audit
Room activity is logged in a signed trail — useful for diligence and compliance without exposing content.
🚫 No metadata theatre
We minimise what’s collected and are explicit about what the relay can and cannot see.
FAQ
Straight answers
Can Whatping read my messages or calls?
No. We never hold a decryption key. A message stored on our relay is ciphertext; a wrong-key participant on a call decodes zero frames. That property is tested, not asserted.
What crypto do you use?
MLS (RFC 9420) for group key agreement, with AEAD (ChaCha20-Poly1305 / AES-GCM) for media and message frames. Forward secrecy and post-compromise security come from the ratchet, not from rotating passwords.
Where is data hosted?
In the region you choose — EU or Switzerland for data-sovereignty needs. Single-tenant deployments (one app + one database) are available, and you can self-host entirely.
Do you have certifications?
We’re early and honest about it: the crypto core is built on the MLS standard and continuously tested, and we’re on a path toward formal audit and SOC 2 / ISO 27001 with our first design partners. Ask us where we are today.
How does recording stay private?
Recording is explicit and consented — a live badge shows when it’s on. Server-side recording is an opt-in trade-off you control per room.
Verify it yourself
Open a call, share a screen, and watch the SFU relay ciphertext. Seeing beats trusting.