Many users care deeply about whether Keychat will eventually support a true multi-device experience, where the same ID can be used seamlessly across several devices.
Keychat relies on ratchet algorithms from the Signal and MLS protocols, deriving a fresh encryption key for every single message and discarding it after use. This makes the system inherently stateful—the cryptographic state on each device is constantly evolving—and it ensures that both past and future messages remain protected even if a device’s encryption state is later compromised. This property is known as forward secrecy and backward secrecy (also called post-compromise security).
For exactly this reason, Keychat cannot behave like Nostr DMs (NIP-4, NIP-17), which reuse a static encryption key and therefore lack forward and backward secrecy, or like Telegram, which by default does not use end-to-end encryption, and simply allow the same ID to be logged in and used actively on multiple devices at the same time.
When we think about multi-device support in Keychat, we can start from a baseline design. Suppose Alice and Bob each have a smartphone and a computer with Keychat installed. When they chat, those four devices can conceptually form a four-device group, where each pair of devices maintains its own secure session.
From there, we still need a more refined design that improves this experience and avoids relying on centralized servers.
You could do it where all messages are forwarded to your desktop. It is ok to have every device have a new ID: Ben's phone, Ben's computer. "But what about when a user sees an unfamiliar device send him a DM? I verified Ben's phone but not Ben's computer." You can have it show a badge that says "verified by Ben's phone".
Not sure if it works like that with fixed public keys. Or at least the initial interaction can be with fixed public keys before switching to signal protocol
This is a very early-stage proposal and does not consider detailed design yet.
Keychat on the phone is the primary device, and Keychat on the computer is the secondary device.
On the phone there are 10 IDs. By default, the first ID is used on the phone, and the second ID is reserved for use on the computer.
After the user has already been using Keychat on their phone, they download and start using Keychat on their computer. On the login page there is a button to log in by scanning a QR code with the phone. When the user scans this code with Keychat on their phone, the second ID is logged in on the computer.
On both the phone and the computer, the first ID and the second ID are linked locally. They are named “Alice’s first ID” and “Alice’s second ID” respectively.
When Bob’s first ID adds Alice’s first ID as a friend, Alice’s first ID will automatically send a message to Bob’s first ID: “This is Alice’s second ID.” If Bob also uses a second ID, his first ID will also automatically send a message to Alice: “This is Bob’s second ID.”
These four IDs then form a small group consisting of four IDs.
If Alice’s first ID pulls Bob’s first ID into an MLS group, after Bob’s first ID joins, it will then pull Bob’s own second ID into the group.
In addition, Alice’s first ID and second ID also have a dedicated chat room. This room can be used to send MLS group invitations, and it can also serve as personal notes.
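As an added illustration of the proposal above (not Keychat's code), here is a small Python model of the linking and auto-introduction flow: linked primary/secondary IDs, the automatic "This is Alice's second ID" announcement on friend-add, the resulting four-ID small group, and the MLS-group join that pulls in each member's own second ID. The in-memory `Network`, the string IDs, and the "introduced by" field used as the trust badge are assumptions of this model; the 10-ID wallet, QR login and the ratchets themselves are out of scope.

```python
# Model of the primary/secondary device-linking proposal; not Keychat code.
# IDs are plain strings and relays are replaced by an in-memory Network.
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Identity:
    name: str                      # e.g. "Alice's first ID"
    linked: Optional[str] = None   # the same user's other ID (linked locally)
    # contact ID -> ID that introduced it (basis for a "verified by ..." badge)
    contacts: dict = field(default_factory=dict)


class Network:
    def __init__(self) -> None:
        self.ids: dict = {}
        self.groups: dict = {}

    def register_user(self, user: str) -> tuple:
        # Phone holds the first ID, computer the second; both link them locally
        first, second = f"{user}1", f"{user}2"
        self.ids[first] = Identity(f"{user}'s first ID", linked=second)
        self.ids[second] = Identity(f"{user}'s second ID", linked=first)
        self.groups[f"room:{user}"] = {first, second}   # dedicated personal room
        return first, second

    def add_friend(self, a: str, b: str) -> set:
        """A's first ID adds B's first ID; each side then announces its second ID."""
        self.ids[a].contacts[b] = b      # direct contact: verified by itself
        self.ids[b].contacts[a] = a
        for me, peer in ((a, b), (b, a)):
            sec = self.ids[me].linked
            if sec:
                # "This is <me>'s second ID": peer records sec as introduced by me
                self.ids[peer].contacts[sec] = me
                self.ids[sec].contacts[peer] = me
        return self.small_group(a, b)

    def small_group(self, a: str, b: str) -> set:
        members = {a, b}
        members |= {self.ids[x].linked for x in (a, b) if self.ids[x].linked}
        return members

    def create_mls_group(self, name: str, creator: str, invitees: list) -> set:
        """Creator pulls in first IDs; each joined first ID pulls its own second ID."""
        members = set()
        for joined in [creator, *invitees]:
            members.add(joined)
            if self.ids[joined].linked:
                members.add(self.ids[joined].linked)   # invited via the linked room
        self.groups[name] = members
        return members
```

A client rendering Bob's contact list can show Alice's second ID with a badge derived from `contacts["alice2"]`, i.e. "introduced by Alice's first ID", rather than as an unfamiliar sender.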
Could it work for this use case?
Bob carries multiple phones, each with the same set of apps and accounts, to provide immediate continuity in case a particular phone is lost / stolen / runs out of battery
In this situation, it works.
Could you tell me how many devices you’d like to sync Keychat across?
Probably 4, max 5/6
5 would be a reasonable upper limit
Great that you are solving this!