Secure By Design

How MeshCore Keeps Messages Safe

MeshCore protects your communications through proven encryption, decentralized architecture, and transparent open-source code.

Security As Foundation, Not Feature

Off-grid MeshCore communications often involve sensitive content: your location during backcountry trips, your group's whereabouts, coordination with companions. MeshCore was engineered with security as a core architectural principle, not a marketing afterthought.

Messages travel via LoRa radio through a decentralized mesh. No central servers store your data. No company can hand over what it does not possess. Security still depends on the actual implementation details, so RegionMesh now describes those details more carefully.

RegionMesh helps communities across America establish secure, resilient off-grid communications. Independent, free, built on cryptographic foundations trusted worldwide.

Security Architecture

πŸ”

Current Private-Message Encryption

Private messages are encrypted in the current MeshCore implementation, which upstream code and docs describe as AES-128 block encryption with MAC validation.

πŸ”‘

Secure Key Exchange

MeshCore relies on shared keys and MAC validation in the current implementation. RegionMesh no longer presents it as a modern per-conversation protocol like Signal.

πŸ›‘οΈ

Serverless Architecture

No central servers exist to store, analyze, or surrender messages. Data travels directly between devices.

πŸ“‘

Encrypted Relay

Intermediate nodes forward encrypted packets. RegionMesh avoids overstating the current model beyond what upstream code and docs support.

πŸ”“

Open Source Verification

Every line of code is public. Security researchers audit for vulnerabilities. Transparency builds trust.

βš™οΈ

No Hidden Access

Public code means no secret backdoors. Community verification ensures no surveillance mechanisms exist.

Technical Security Mechanisms

Private-Traffic Protection

Private traffic is encrypted before transmission. RegionMesh now describes that protection in a narrower, more implementation-aware way than classic end-to-end messaging apps.

Distributed Trust

No single point controls security. Even if individual nodes are compromised, the overall system remains secure.

Forward Secrecy Approach

RegionMesh no longer claims forward secrecy here. The current implementation should be described more modestly: useful protection, but with different trade-offs than modern secure messengers.

Integrity Verification

Cryptographic checksums detect any tampering during transmission. Modified messages are identified and rejected.

Security Advantages

πŸ”

Bank-Grade Encryption

Private MeshCore traffic is better protected than open radio traffic, but RegionMesh now avoids broad AES-256 claims on top of the current implementation.

πŸ›οΈ

No Corporate Visibility

Unlike iMessage or WhatsApp, no company infrastructure handles your traffic. No terms of service changes can expose your data.

πŸ“±

Device-Based Keys

Encryption keys never leave your device. Security depends on your hardware, not external services.

πŸ”

Verifiable Claims

Open-source code means security experts worldwide can verify every claim. No trust required – verify instead.

🌐

Resistant To Blocking

Decentralized architecture prevents shutdown or filtering. No central point to target.

⚑

Offline Security

Encryption works without internet connection. Full protection even during complete infrastructure absence.

When Security Matters Most

  • βœ“

    Backcountry coordination: Share sensitive location and status information without interception concerns.

  • βœ“

    Family privacy: Keep personal conversations genuinely private, away from commercial platforms.

  • βœ“

    Organizational resilience: Maintain confidential internal communications when regular systems are unavailable.

  • βœ“

    Community organization: Coordinate neighborhood activities without surveillance concerns.

  • βœ“

    Sensitive circumstances: When discretion matters, MeshCore provides genuine confidentiality.

  • βœ“

    Peace of mind: Know your communications are protected by established cryptographic standards.

Security Questions

Is MeshCore Encryption Genuinely Secure?

The current implementation offers useful protection and is materially better than sending radio traffic in the clear. For technical specifics, see our detailed encryption guide, which now reflects the upstream code and documentation more closely.

Could Authorities Access My Messages?

Private messages are encrypted in the current MeshCore implementation. Public channel traffic remains visible to participants on that channel.

What About Metadata Exposure?

Metadata (who contacts whom, when, from where) is more visible than content. For maximum privacy, use pseudonymous identities and disable automatic location sharing.

Is Open-Source Actually More Secure?

Generally yes. Proprietary software requires trusting the company. Open-source enables independent verification by security experts. Transparency provides stronger assurance than promises.

What If My Device Is Stolen?

Device physical security is your responsibility. Protect with PIN or password. Without access to your unlocked device, stored messages remain encrypted.

How Does This Compare To Signal Or WhatsApp?

Signal and WhatsApp encrypt message content but require internet and transit company servers. MeshCore works without internet and has no company servers. Different trade-offs, but MeshCore devices offer greater infrastructure independence.

Communications You Can Trust

MeshCore still offers meaningful privacy advantages for off-grid communications: no central servers, no company in the middle, and encrypted private traffic. RegionMesh now describes the exact cryptography more carefully than before.