Arnon

You are none.

End-to-end encrypted messaging with zero metadata. No servers. No phone number. No identity.

What is Arnon?

Arnon is a private messenger for people who need real privacy — journalists, activists, dissidents, or anyone who doesn't want to be tracked. Unlike Signal or WhatsApp, Arnon requires no phone number, no email, and no registration. You create a passphrase, and that's your identity.

How it works

1. Identity — A passphrase generates your cryptographic keys locally. Nothing is sent anywhere.
2. Contacts — Exchange URIs out-of-band (in person, another channel). No contact discovery server.
3. Messaging — Messages are encrypted with the Double Ratchet protocol (same as Signal) and sent through a blind relay.
4. Relay — The relay holds encrypted blobs. It can't read them, doesn't know who sent them, and doesn't know who they're for.

Architecture

[Alice] ←→ Double Ratchet ←→ [Blind Relay] ←→ Double Ratchet ←→ [Bob]
                                    ↑
                          Encrypted blobs only.
                          No metadata. No logs.

Encryption: Noise XX handshake → Double Ratchet (X25519, ChaCha20-Poly1305, BLAKE2s)

Forward secrecy: Every message uses a new key. Compromise one key, past messages stay safe.

Zero metadata: The relay sees encrypted blobs arrive and get picked up. It doesn't know who is who.

Components

Crate	Description
core-crypto	Double Ratchet, Noise XX, key management, identity storage
arnon-relay	Blind relay server (queue-based blob storage)
arnon-cli	Command-line messenger (full featured)
arnon-desktop	Tauri desktop app (macOS, Linux, Windows)

Quick Start

Desktop App

Download from arnon.app or GitHub Releases.

CLI

# Create identity
arnon-cli init --identity alice.db

# Add a contact (exchange URIs out-of-band)
arnon-cli add-contact --identity alice.db --name bob --uri "arnon://v0/..."

# Chat
arnon-cli chat --identity alice.db --contact bob --relay 127.0.0.1:9443

Run your own relay

# Download the relay binary from releases, or build from source:
cargo build --release --bin arnon-relay
./target/release/arnon-relay --dev-tcp 0.0.0.0:9443

The relay holds only encrypted blobs. Running your own means even the relay operator (you) can't read messages.

Building from source

git clone https://github.com/atas2390/arnon.git
cd arnon

# CLI
cargo build --release --bin arnon-cli

# Relay
cargo build --release --bin arnon-relay

# Desktop app
cd crates/arnon-desktop
npm install
npm run tauri build

Security

• Encryption: X25519 key exchange, ChaCha20-Poly1305 AEAD, BLAKE2s hashing
• Protocol: Noise XX → Double Ratchet with HKDF-SHA256 key derivation
• Identity storage: Argon2id encrypted keyfile
• Traffic analysis resistance: Fixed-size padded messages, dummy traffic, receipt suppression
• No phone number, no email, no registration

See SECURITY-AUDIT.md for a detailed security analysis.

Public relay

Two relays are available:

• TCP: relay.arnon.app:9443 (Helsinki, EU) — fast, but your IP is visible to the relay
• Tor: vp43lwvqoihvmi4nvefygemchkeh6seh34hoezgnfztaewqaysbdimid.onion:9443 — slower, but fully anonymous

The relay sees only encrypted blobs. You can run your own relay for additional privacy.

License

MIT — see LICENSE.

Credits

Built by Particular Ltd.