No description or website provided.
Switch branches/tags
Nothing to show
Clone or download


standard-readme compliant Build Status (master)

An x3dh implementation.

This is an almost complete implementation of the x3dh key agreement protocol. However, there are a few things that you need to take care of yourself:

  1. If you fetch a preKeyBundle (holds information about the person you would like to chat with, like the identity key, etc) you have to check the signature yourself. It's not built into the code. We only "ask you" IF the key is valid. You can then say yes/no. If you say no, the protocol will be aborted.
  2. You are responsible for handling the initial message (and the encoding), we only give you the calculated secret + the ephemeral key generated during the protocol run.
  3. Currently we only support curve25519 (but you can implement the Curve interface in order to use another curve).

Table of Contents


If you find a security bug/ vulnerability please DO NOT open an issue. Write to PLEASE use this PGP key to encrypt your report / email.


go get

It might make sense to chose a dependency manager of your choise to pin the version to a specific commit.


// create an instance of the curve util
c := &Curve25519{}

// make sure ot save this somewhere
myKeyPair, err := c.GenerateKeyPair()

x := x3dh.New(c, sha256.New(), "test", myKeyPair)


The following methods are available:

  • CalculateSecret calculate a secret based on your Idkey and a received PreKeyBundle.
  • SecretFromRemote create a secret based on the received intial data.




Pull requests are accepted.

Small note: If editing the README, please conform to the standard-readme specifications.


MIT © 2018 Bitnation