Ephemeral P2P encrypted messaging over I2P. No server, no accounts, no message persistence.
- End-to-end encrypted - X3DH key agreement + Double Ratchet (ChaCha20-Poly1305)
- Anonymous transport - all traffic routes through the embedded I2P router; no IPs exchanged
- No persistence - messages live only in RAM, wiped by TTL or on demand
- Self-contained - embedded I2P router, no external software required
- No accounts - identity is ephemeral, generated fresh each session
On launch, ech0 starts an embedded I2P router and establishes an anonymous session. Once ready, a shareable ech0:// link is generated. Send it to your peer over any channel - when they paste it in, both sides perform an X3DH handshake over the I2P tunnel and begin exchanging encrypted messages.
Messages expire automatically by a configurable TTL (30s / 1m / 5m / session). The wipe button destroys all messages, session keys, and identity material immediately.
See ARCHITECTURE.md for the full cryptographic and transport design.
Pre-built binaries are published automatically via GitHub Actions on every version tag. Download the latest from the Releases page:
| Platform | Artifact |
|---|---|
| Windows | ech0_*_x64-setup.exe (NSIS installer) |
| macOS | ech0_*.dmg |
| Linux | ech0_*_amd64.deb / .AppImage |
| Android | app-universal-release-unsigned.apk |
- Node.js 20+
- Rust via rustup - must use
rustup, not a standalone installer
Dependency note:
emissary-util(the embedded I2P reseeder) requires a local patch for compatibility with Rust 1.77+. The patch lives invendor/emissary-util/and is wired up via[patch.crates-io]insrc-tauri/Cargo.toml- no extra steps needed, Cargo picks it up automatically.
Additional requirements:
- Visual Studio Build Tools 2022 with Desktop development with C++
- WebView2 (included in Windows 11; install manually on Windows 10)
.\scripts\build-windows.ps1Output: src-tauri\target\release\bundle\nsis\ and \msi\
Additional requirements:
- Xcode Command Line Tools:
xcode-select --install
chmod +x scripts/build.sh && ./scripts/build.shOutput: src-tauri/target/release/bundle/dmg/
Additional requirements:
sudo apt-get install -y \
libwebkit2gtk-4.1-dev libssl-dev libgtk-3-dev \
libayatana-appindicator3-dev librsvg2-devchmod +x scripts/build.sh && ./scripts/build.shOutput: src-tauri/target/release/bundle/deb/ and /appimage/
The Android build toolchain requires Linux. On Windows, use WSL2 (included with Windows 11; install via Microsoft Store on Windows 10).
# First time: WSL2 + Ubuntu 24.04 setup (run once)
wsl --install -d Ubuntu-24.04
# Then, every build:
.\scripts\build-android.ps1
.\scripts\build-android.ps1 -Debug # debug APKThe PowerShell script automatically converts line endings and delegates to WSL. The bash script inside WSL installs all dependencies on first run (Node 20, JDK 17, Android SDK, NDK 27.2.12479018, Rust Android targets).
chmod +x scripts/build-android.sh
bash scripts/build-android.sh # release APK
bash scripts/build-android.sh --debug # debug APKThe script installs all Android prerequisites automatically. Only sudo password required for apt packages.
Output: src-tauri/gen/android/app/build/outputs/apk/universal/release/app-universal-release-unsigned.apk
npm install
npm run tauri dev # Vite + Tauri hot reloadech0 is designed to minimize data exposure through cryptographic and ephemeral messaging techniques. However, no software can provide absolute security against all forms of attack. Sophisticated adversaries with extensive resources, such as state-level actors, may have capabilities to compromise even well-designed systems. The app does not guarantee 100% protection against advanced attacks or unknown vulnerabilities.
ech0 is intended for legitimate privacy and security purposes. It should not be used for illegal activities. The developers do not endorse or encourage any malicious use of this software.
GPL-3.0. See LICENSE.