Encrypted chat that uses Gmail as transport. No servers, no data storage, no middleman.
Messages are encrypted with AES-256-GCM on your device before being sent as emails via the Gmail API. Only you and your contact (who share a password) can read them.
- You type a message → it's encrypted on your PC → sent as a Gmail email
- Recipient's ArcaChat picks it up → decrypts it locally → displays it
- Gmail only ever sees encrypted ciphertext
- No chat server. No message database in the cloud. Nothing to hack or subpoena.
- Download
ArcaChatInstaller.zipfrom Releases - Extract and double-click
ArcaChatInstaller.exe - Sign in with Google
- Add a contact by their Gmail address — done
The entire app is two files:
server.py— Python backend (Gmail API, encryption, WebSocket server)static/index.html— React frontend (single file, no build tools)
To run from source:
pip install aiohttp google-api-python-client google-auth-httplib2 google-auth-oauthlib cryptography
python server.py
You'll need a credentials.json from Google Cloud Console (Gmail API, OAuth 2.0 Desktop app).
- Encryption: AES-256-GCM, per-contact shared passwords
- Transport: Gmail API (OAuth2, no app passwords)
- Backend: Python, aiohttp, SQLite
- Frontend: React 18, single HTML file, no build step
- Build: PyInstaller for Windows .exe
Early prototype — looking for testers. If you have a Gmail account and 5 minutes, I'd love your help. Open an issue or reach out.