Navigation Menu

Skip to content


Repository files navigation


Travis Build Status Coverity Scan Build Join the chat at

An implementation of the axolotl ratchet ( based on libsodium.


how to get the code

After cloning the repository, the git submodules have to be initialised and updated:

$ git clone
$ git submodule update --init --recursive


Molch depends on the following:

  • libsodium
  • protobuf-c
  • Meson (build and tests)
  • C-Compiler (build)
  • C++-Compiler (build)
  • Clang Static Analyzer (tests)
  • Address Sanitizer (tests)
  • Undefined Behavior Sanitizer (tests)
  • Valgrind
  • Lua (optional, for Lua-Bindings)
  • Swig (optional, for Lua-Bindings)
  • Doxygen (optional, documentation)
  • Graphviz (optional, documentation)
  • Android-NDK (optional, for Android builds)

On Ubuntu:

sudo apt-get install libsodium18 libsodium-dev libprotobuf-c-dev libprotobuf-c1 libprotobuf-c1-dbg libprotobuf9v5:armhf protobuf-c-compiler clang libubsan0 libasan0 libasan1 libasan2 valgrind liblua5.3 lua5.3 liblua5.3-dev swig doxygen graphviz meson

On Arch:

sudo pacman -S clang-analyzer libsodium valgrind swig lua doxygen graphviz protobuf-c meson

On Max OS X (via homebrew):

brew install libsodium valgrind swig lua graphviz doxygen protobuf-c meson

supported platforms

Molch is constantly tested on the following platforms:

processor os
x86_64 Archlinux
i686 Ubuntu 16.04
ARMv7hf Archlinux ARM
AArch64 Archlinux ARM
PowerPC Apple G4 Gentoo
x86_64 Mac OS X 10.11 El Capitan

how to build

To build Molch run the script from the project root.

To run all tests, run ./ from the project root. Or you can run the scripts separately:

  • For normal build and tests with and without valgrind
  • To build and run with AddressSanitizer and UndefinedBehaviorSanitizer
  • static-analysis.: To run clang static analyzer
  • To create the documentation

on android

  1. ./
  2. ./
  3. cd molch
  4. ./
  5. exit
  6. ./
  7. ./

format of a packet

Molch uses Googles Protocol Buffers via the Protobuf-C library. You can find the protocol descriptions in lib/protobuf.


This is a brief non-complete overview of the cryptographic primitives used by molch. A detailed description of what molch does cryptographically is only provided by its source code at the moment.

Molch uses only primitives implemented by libsodium.

Key derivation: Blake2b Header encryption: Xsalsa20 with Poly1305 MAC Message encryption: XSalsa20 with Poly1305 MAC Signing keys (used to sign prekeys and the identity key): Ed25519 Other keypairs: X25519 Key exchange: ECDH with X25519

Molch allows you to mix in a low entropy random source to the creation of signing and identity keypairs. In this case, the low entropy random source is used as input to Argon2i and the output xored with high entropy random numbers provided by the operating system.

Want to help?

Take a look at the file CONTRIBUTING. And look for GitHub Issues with the help wanted label.


This library is licensed under the ISC license.

More about information can be found in the file