NexVerse is engineered under one primary assumption: the network is hostile. We do not trust ISPs, we do not trust edge nodes, and most importantly, we do not trust ourselves.
Every message is encrypted on your local device using Advanced Encryption Standard (AES) with a 256-bit key in Galois/Counter Mode (GCM). This provides robust confidentiality and authenticity. An attacker intercepting the data sees only cryptographically secure static noise.
Session keys are continuously rotated. The compromise of one session key does not compromise past messages or future communications. The Double Ratchet algorithm guarantees perfect forward secrecy, ensuring long-term damage mitigation.
NexVerse edge relays function strictly as routing pipelines. They hold encrypted blobs waiting for delivery. They cannot decrypt the payload. Once the recipient downloads the message, the blob is wiped from memory globally within milliseconds.