KaChat in brief

Private chat and KAS payments on Kaspa.

KaChat is an app that encodes encrypted message data into Kaspa transaction payloads. Conversation content is encrypted before it leaves your device, then decrypted only by the intended recipient.

How KaChat works

1. Connect

You add a contact by wallet address. KaChat derives conversation routing aliases from key agreement.

2. Encrypt

Each message is sealed with ECDH (secp256k1) + HKDF-SHA256 + ChaCha20-Poly1305.

3. Broadcast

Payloads are carried in Kaspa transactions, using protocol headers under the ciph_msg:1: namespace.

4. Decrypt

The receiver fetches relevant transactions and decrypts locally with their private key.

Protocol at a glance

ciph_msg:1:comm:{alias}:{base64_encrypted_bytes}      # direct message
ciph_msg:1:pay:{encrypted_hex}                       # payment memo payload
ciph_msg:1:handshake:{encrypted_bytes}               # contact signaling / setup
ciph_msg:1:self_stash:{scope}:{encrypted_hex}        # self-stored handshake data

KaChat uses deterministic aliases for routing (with compatibility support for older flows) and keeps payload versioning explicit.
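A strict parser for the four payload forms listed above, added here as an example and not KaChat's own code. It assumes standard padded base64, aliases and scopes that contain no ':', and treats the handshake body as opaque because the page does not state its encoding; the sample payloads are constructed.

```python
import base64
import binascii
from dataclasses import dataclass
from typing import Optional

PREFIX = b"ciph_msg:1:"  # namespace and version as listed above

# Constructed sample payloads (not real KaChat traffic).
SAMPLES = [
    b"ciph_msg:1:comm:a1b2c3:3q2+7w==",
    b"ciph_msg:1:pay:deadbeef",
    b"ciph_msg:1:note:deadbeef",  # unknown type, must be rejected
]

@dataclass(frozen=True)
class Payload:
    kind: str                # comm | pay | handshake | self_stash
    selector: Optional[str]  # alias (comm) or scope (self_stash)
    body: bytes              # still-encrypted bytes, never plaintext

def parse_payload(raw: bytes) -> Payload:
    if not raw.startswith(PREFIX):
        raise ValueError("not a ciph_msg:1: payload")
    kind, _, rest = raw[len(PREFIX):].partition(b":")
    selector = None
    if kind in (b"comm", b"self_stash"):
        # Assumption: alias and scope contain no ':' themselves.
        sel, _, rest = rest.partition(b":")
        if not sel:
            raise ValueError("missing alias or scope")
        selector = sel.decode("utf-8")
    if kind == b"comm":
        body = base64.b64decode(rest, validate=True)  # assumed standard base64
    elif kind in (b"pay", b"self_stash"):
        body = binascii.unhexlify(rest)
    elif kind == b"handshake":
        body = rest  # encoding not stated on the page, kept opaque
    else:
        raise ValueError(f"unknown payload type {kind!r}")
    if not body:
        raise ValueError("empty ciphertext")
    return Payload(kind.decode("ascii"), selector, body)

def is_well_formed(raw: bytes) -> bool:
    try:
        parse_payload(raw)
        return True
    except ValueError:  # binascii.Error and UnicodeDecodeError are subclasses
        return False
```

Parsing only classifies and decodes the envelope; the body remains ciphertext until the recipient decrypts it with their private key.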

Core features

End-to-end encrypted 1:1 messaging

KAS transfers with optional encrypted payment memo

Voice note and file message support

Deterministic alias routing and handshake compatibility mode

Optional remote push notifications for watched conversations

Optional iCloud sync of encrypted messages and local recovery tools

FAQ: encryption, protocol, and security

What encryption does KaChat use?

KaChat uses secp256k1 ECDH for shared secret creation, HKDF-SHA256 for key derivation, and ChaCha20-Poly1305 for authenticated encryption.

Can node or indexer operators read my message content?

They can see transaction metadata, but not plaintext message bodies. Payload content is encrypted end-to-end.

Does KaChat use Signal-style double ratchet?

No. KaChat uses ECIES-style message encryption with ephemeral sender keys. It provides confidentiality and integrity, but it is not the same as a full double-ratchet design.

Are aliases proof of identity?

No. Alias labels are convenience identifiers. Trust should be anchored to verified wallet addresses and contact confirmation.

What is the handshake used for?

Handshake payloads are used for conversation signaling and compatibility across client versions. Routing aliases are now derived deterministically and are not trusted as proof of identity.

Are payments private?

Payment notes can be encrypted, but transfer metadata (addresses, amounts, and timing) remains visible on-chain.

Is there a central messaging server?

No single central relay is required for transport. Indexers and push services can improve sync and notifications, but encrypted payloads can be decrypted only on the client.

What happens if I enable iCloud sync?

Encrypted message data can be synchronized. As with typical CloudKit usage, metadata visibility trade-offs may exist at the platform layer.