Actually private.
Every message, every file, every call — encrypted end-to-end with XChaCha20-Poly1305 before it leaves your device. We can't read your messages. Nobody can. Not us, not your ISP, not a court order. The math doesn't allow it.
Your messages belong to you.
Team chat that can't be surveilled. End-to-end encrypted, open source, and self-hostable — with post-quantum cryptography so your conversations stay private today and decades from now.
Onion Address
7yo5wjcz5n62gdoaru2acm72xnajpzoh5tq7cmjrgggpri6l5yjgouid.onion
Open Tor Browser and paste this address for anonymous access.
Built for Privacy
What makes LeetSpeak the last chat app you'll ever need.
Future-proof cryptography.
While other apps wait, we've already deployed ML-KEM-768 post-quantum key exchange alongside X25519. When quantum computers arrive, your message history stays sealed. Today's secrets remain tomorrow's secrets.
Passwords are a liability.
Sign in with FIDO2 passkeys — biometric, hardware key, or platform authenticator. No passwords to phish, leak, or reuse. PRF-based seed derivation means your encryption keys are bound to your passkey. One tap. Full security.
Calls that can't be tapped.
Crystal-clear voice and video with WebRTC, encrypted frame-by-frame using Insertable Streams. Screen sharing, voice activity detection, and mesh topology that scales. All routed through TURN relays so your IP never leaks.
Your infrastructure. Your rules.
Deploy on your hardware with Docker in minutes. PostgreSQL with AES-256 column encryption. MinIO for encrypted file storage. Every line of code is open source, auditable, and yours to fork. No vendor lock-in. No trust required.
Built for everyone.
WCAG 2.1 AA compliant from day one. Semantic HTML, full keyboard navigation, screen reader support, and automated accessibility testing in CI. 62 dedicated accessibility tests ensure nothing regresses.
How we compare.
| Feature | LeetSpeak | Slack | Discord | Signal | Element |
|---|---|---|---|---|---|
| E2E Encrypted | ✓ | ✗ | ✗ | ✓ | ✓ |
| Post-Quantum | ✓ | ✗ | ✗ | ✓ | ✗ |
| Passwordless Auth | ✓ | ✗ | ✗ | ✗ | ✗ |
| Self-Hosted | ✓ | ✗ | ✗ | ✗ | ✓ |
| Open Source | ✓ | ✗ | ✗ | ✓ | ✓ |
| Voice & Video | ✓ | ✓ | ✓ | ✓ | ✓ |
| E2E Calls | ✓ | ✗ | ✓ | ✓ | ✓ |
| Team Channels | ✓ | ✓ | ✓ | ✗ | ✓ |
| WCAG Compliant | ✓ | ~ | ~ | ~ | ~ |
| Free | ✓ | ~ | ✓ | ✓ | ✓ |
Your Data Stays Private
LeetSpeak encrypts every message, file, and call end-to-end before data leaves your device. We use XChaCha20-Poly1305 — the same family of ciphers trusted by security researchers worldwide — with 256-bit keys derived through HKDF and X25519 Diffie-Hellman key agreement.
Authentication is passwordless by default. FIDO2 passkeys eliminate the single biggest attack vector in communication software: passwords. No phishing. No credential stuffing. No password databases to breach. Your encryption seed is bound to your passkey through the WebAuthn PRF extension — your biometric is your key.
We've already deployed post-quantum key exchange (ML-KEM-768) alongside classical X25519, protecting today's conversations against tomorrow's quantum computers. This isn't a roadmap item. It's shipping now.
XChaCha20-Poly1305
X25519
ML-KEM-768
Ed25519
HKDF-SHA256
FIDO2
OPAQUE
Read the full breakdown →
Get LeetSpeak
Native performance on every platform. Built with Tauri 2 — your OS, your hardware, our encryption.
Or skip the download entirely. LeetSpeak works in any modern browser.
Open LeetSpeak in Browser →Security Deep-Dive
For the cryptographers, the auditors, and the paranoid. Here's exactly what we do and why.
Message & File Encryption
Every message is encrypted on your device before transmission using XChaCha20-Poly1305 (RFC 8439 extended-nonce variant) with 256-bit symmetric keys. The extended 192-bit nonce eliminates nonce-reuse risks even at high message volumes — safe for 296 messages per key without collision.
Wire format: version(1B) | key_version(4B BE) | nonce(24B) | ciphertext + tag(16B) Total overhead: 45 bytes per message
Additional Authenticated Data (AAD): Each message binds message_id and timestamp into the AEAD construction. Tampering with metadata is cryptographically detectable.
File encryption uses per-file random 256-bit keys, wrapped with the channel key using domain-separated AAD (file-key-wrap:{channelId}). Files are encrypted client-side before upload to MinIO, which applies an additional layer of server-side KMS encryption.
Key Exchange & Distribution
Direct Messages use an X3DH-like (Extended Triple Diffie-Hellman) protocol for initial key establishment. Each user publishes a pre-key bundle: identity key (Ed25519/X25519), signed pre-key, and a pool of one-time pre-keys.
Alice Bob
------ ----
Identity Key (IK_A) Identity Key (IK_B)
Ephemeral Key (EK_A) Signed Pre-Key (SPK_B)
One-Time Pre-Key (OPK_B)
DH1 = X25519(IK_A, SPK_B)
DH2 = X25519(EK_A, IK_B)
DH3 = X25519(EK_A, SPK_B)
DH4 = X25519(EK_A, OPK_B)
SK = HKDF(DH1 || DH2 || DH3 || DH4)
Post-Quantum Upgrade (PQXDH): An additional ML-KEM-768 encapsulation is mixed into the key derivation, ensuring quantum resistance. Even if X25519 is broken by a quantum computer, the ML-KEM component independently secures the session.
Channel Keys are 256-bit symmetric keys generated by the channel creator and distributed to members via DH-wrapped key distribution.
Passwordless Authentication
LeetSpeak uses FIDO2/WebAuthn as the primary authentication mechanism, with OPAQUE (RFC 9807) as a password-based fallback.
Passkey Flow:
1. Registration creates a resident credential on the user's authenticator (biometric, hardware key, or platform).
2. Login is a challenge-response: server sends a random challenge, authenticator signs it with the private key that never leaves the device.
3. The PRF extension derives a deterministic secret from the passkey, used to decrypt the user's E2E encryption seed — your biometric unlocks your crypto keys.
Why this matters: Passwords are the #1 attack vector. Phishing, credential stuffing, rainbow tables, weak passwords — all eliminated. A FIDO2 credential cannot be phished because it's bound to the origin. It cannot be replayed because each challenge is unique. It cannot be stolen remotely because the private key never leaves the hardware.
Recovery: 8 recovery codes (Argon2id-hashed) allow account recovery if all passkeys are lost.
Transport & Network
Transport: All HTTP and WebSocket traffic is encrypted with TLS 1.3. Protobuf binary serialization over WebSocket minimizes message overhead and parsing surface.
WebRTC: All call media is routed through TURN relays (relay-only ICE transport policy). Your IP address is never exposed to call participants. Media frames are E2E encrypted using XChaCha20-Poly1305 via the Insertable Streams API.
CSP: Strict Content Security Policy headers prevent XSS, clickjacking, and data exfiltration. Script sources are limited to 'self' with nonce-based inline scripts.
CSRF: SameSite=Strict cookies with CSRF token validation on all state-changing requests.
Rate Limiting: Authentication endpoints, file uploads, and user search are rate-limited to prevent brute-force and abuse.
Trust Verification & Auditing
Identity Verification (TOFU): LeetSpeak implements Trust-on-First-Use for identity keys. Each user's identity key fingerprint is stored locally. If a user's key changes, you'll see a prominent warning.
Safety Numbers: Verify any contact's identity through a 60-digit safety number (12 groups of 5 digits). Compare these digits in person or over a trusted channel.
Message Signatures: Every message is signed with the sender's Ed25519 identity key. The recipient verifies the signature, ensuring messages cannot be forged even by the server operator.
Audit Logging: Channel and server actions are logged with actor, target, timestamp, and change details. Admins can review the full audit trail.
Open Source: The entire codebase is public. Every cryptographic decision is auditable. We publish our threat model, security fixes, and test results.
Open Source
LeetSpeak is fully open source. Every line of code, every cryptographic decision, every test result is public and auditable. Transparency isn't a feature — it's the foundation.