NoFuture

Security  A post-quantum encryption layer that runs between you and any mainstream chat platform. By the time your message enters WhatsApp, Telegram, or Signal, it is already unreadable ciphertext.

The problem it solves

Proposals like the EU's ChatControl regulation aim to mandate that messaging platforms scan all private communications before encryption — or install backdoors that law enforcement can access on demand. The political and legal fight against such measures is necessary. It is also insufficient on its own.

NoFuture takes a different approach: it makes the question irrelevant at the technical level. Encryption happens locally, in your browser, before the message touches any platform. What the platform receives, stores, and could theoretically be compelled to hand over is ciphertext. There is nothing behind the backdoor.

It works with the platforms you already use. No migration, no convincing your contacts to switch apps.

How it works

NoFuture sits outside the chat platform as a detached encryption layer. The workflow is straightforward:

  1. Both parties open NoFuture (hosted instance or self-hosted binary).
  2. One party generates a keypair and shares a Session ID through the chat platform of their choice — this is the only unencrypted exchange.
  3. Both parties synchronise sessions using the Session ID.
  4. From that point on, all messages are encrypted in NoFuture before being pasted into the chat. The platform carries ciphertext blobs it cannot read.

The platform never sees plaintext. Session keys are ephemeral and destroyed at session end. No account, no registration, no server-side state.

Post-quantum cryptography

NoFuture uses algorithms from the NIST post-quantum standardisation process, designed to remain secure against both classical and quantum computer attacks:

  • Kyber1024-90s — key encapsulation mechanism. Establishes a shared secret between two parties without transmitting the secret itself. Secure against Shor's algorithm and known quantum attacks.
  • XChaCha20-Poly1305 — symmetric authenticated encryption. Fast, constant-time, and immune to timing side-channels. The same cipher used in WireGuard and modern TLS deployments.
  • Dilithium5-AES — digital signatures. Proves message authenticity and detects tampering. Post-quantum secure.

The combination means that a future adversary with a quantum computer cannot retroactively decrypt intercepted sessions, even if they stored the ciphertext today.

Memory protection

Key material is handled via memguard, a Go library for secure in-process memory management:

  • Sensitive buffers are allocated in locked memory pages (mlock) — the OS cannot swap them to disk.
  • Key material is encrypted inside the process while not in active use.
  • On session end, buffers are wiped with a guaranteed zeroing pass before deallocation — no key fragments remain in heap memory.
  • Protection holds even against a local attacker with root access attempting a memory dump.

Additional protections

  • Virtual keyboard — optional randomised on-screen keyboard layout, defeats keyloggers recording physical keystroke sequences.
  • Ephemeral sessions — each session generates fresh key material. No session reuse, no long-term key exposure.
  • Zero server-side state — the server (or hosted instance) never stores messages, keys, or session data. Nothing to subpoena.
  • Single binary deployment — self-hosting requires no runtime dependencies. One Go binary, one command.

See it in action

The video below demonstrates a complete session: two users establish a secure NoFuture session and exchange encrypted messages through WhatsApp Web. The platform carries ciphertext throughout.

Try the hosted instance or deploy the binary on your own infrastructure. No account, no data collected.

Open NoFuture →    Source code on GitHub →