Christian Nennemann
92fefda41d
- New elevator pitch: "MLS + PQ-KEM over multi-hop mesh" - Competitive differentiation table vs Meshtastic/Reticulum/Briar - Acknowledge MLS overhead and KeyPackage distribution gaps - Taglines: "Reticulum's mesh + Signal's crypto + post-quantum ready"
6.1 KiB
QuicProChat — positioning
Short copy for site, README excerpts, and investor/partner conversations. Code and technical docs stay English; this file is German with English variants where useful.
Elevator pitch (one line, DE)
QuicProChat ist das einzige Mesh-Protokoll mit MLS-Gruppenencryption und Post-Quantum-Hybrid-KEMs: multi-hop routing über LoRa, WiFi oder QUIC — für Teams, die Reticulum-artige Netzwerk-Resilienz mit Signal-artiger Krypto wollen.
About (~80 words, DE)
QuicProChat kombiniert zwei Welten: die transport-agnostische Mesh-Architektur von Reticulum (Announce-basiertes Routing, Multi-Hop, LoRa/Serial/TCP) mit der Krypto-Stärke moderner Messenger (MLS RFC 9420, Post-Quantum Hybrid-KEMs). Anders als Meshtastic (nur shared-key AES) oder Briar (nur 1-hop) liefert QuicProChat Forward Secrecy UND Post-Compromise Security für Gruppen über Multi-Hop-Mesh. Relay-Nodes sehen nur opake Ciphertext. Für Off-Grid-Teams, Krisenszenarien und Organisationen mit hohen Sicherheitsanforderungen.
Elevator pitch (one line, EN)
QuicProChat is the only mesh protocol with MLS group encryption and post-quantum hybrid KEMs: multi-hop routing over LoRa, WiFi, or QUIC—for teams that want Reticulum-style network resilience with Signal-level cryptography.
About (~80 words, EN)
QuicProChat bridges two worlds: Reticulum's transport-agnostic mesh architecture (announce-based routing, multi-hop, LoRa/Serial/TCP) with the cryptographic strength of modern messengers (MLS RFC 9420, post-quantum hybrid KEMs). Unlike Meshtastic (shared-key AES only) or Briar (one-hop only), QuicProChat delivers forward secrecy AND post-compromise security for groups over multi-hop mesh. Relay nodes see only opaque ciphertext. For off-grid teams, crisis scenarios, and organizations with high security requirements.
Positioning pillars (internal)
- Best-in-class mesh crypto: MLS groups (RFC 9420), post-quantum hybrid KEM (X25519 + ML-KEM-768), forward secrecy + post-compromise security — what Meshtastic and Reticulum lack.
- Transport-agnostic mesh: Reticulum-inspired announce/routing over any medium (QUIC, TCP, LoRa, Serial). Multi-hop with store-and-forward. Not locked to a single transport like Briar (BT/WiFi only).
- Self-hostable, audit-ready: Single Rust binary, MIT licensed, IETF-standard crypto. No phone number, no cloud dependency. Designed for third-party security audit.
Competitive differentiation
| System | Group E2E | Forward Secrecy | Post-Compromise | Post-Quantum | Multi-Hop Mesh | LoRa |
|---|---|---|---|---|---|---|
| Meshtastic | ✗ (shared key) | ✗ | ✗ | ✗ | ✓ | ✓ |
| Reticulum | ✗ (link-only) | link-only | ✗ | ✗ | ✓ | ✓ |
| Briar | ⚠️ Sender Keys | ⚠️ partial | ✗ groups | ✗ | ✗ (1-hop) | ✗ |
| Berty | ? (unaudited) | ? | ? | ✗ | ✗ | ✗ |
| QuicProChat | ✓ MLS | ✓ per-epoch | ✓ MLS Update | ✓ hybrid KEM | ✓ | ✓ |
Anti-positioning (manage expectations)
- Not mature: Meshtastic has 100K+ nodes, Reticulum has 8 years of production. QuicProChat is early-stage research.
- Not a drop-in Matrix replacement: No federation ecosystem, no bridges, no feature parity.
- MLS overhead is real: KeyPackages are ~500-800 bytes. On SF12 LoRa (51-byte MTU), group setup requires fragmentation and burns duty cycle budget. We're designing "MLS-Lite" for constrained links. See
docs/plans/mesh-protocol-gaps.md. - KeyPackage distribution unsolved: MLS needs pre-positioned KeyPackages. Over pure mesh (no server), this is an open problem we're working on.
- Scope v1: niche — security- and ops-conscious teams, crisis scenarios, off-grid deployments.
Tagline options
- "Reticulum's mesh + Signal's crypto + post-quantum ready"
- "MLS over LoRa — because shared keys aren't good enough"
- "The mesh protocol that assumes your relay nodes are hostile"
Key differentiators for pitch deck
vs. Meshtastic
- Their weakness: AES-256-CTR with shared channel key. No forward secrecy. CVE-2025-52464 (low-entropy keys), CVE-2025-53627 (DM downgrade attacks). If channel key leaks, all past and future messages are exposed.
- Our strength: MLS per-epoch keys. Every group operation derives fresh keys. Past keys are deleted. Post-compromise security: any member can heal the group by issuing an Update.
vs. Reticulum
- Their weakness: Link-level crypto only. Each relay hop decrypts and re-encrypts. No end-to-end group encryption. Python-only (no embedded targets).
- Our strength: End-to-end MLS encryption. Relay nodes forward opaque ciphertext. Rust implementation, cross-compile to ARM/MIPS/no_std. IETF-standard crypto (MLS RFC 9420).
vs. Briar
- Their weakness: One-hop only (BT/WiFi range limits). 4x battery drain from constant scanning. Mandatory contact pairing before any communication.
- Our strength: Multi-hop mesh routing (km-scale via LoRa). Configurable announce intervals for battery management. Optional contact pairing (can discover via announce).
vs. Signal/Matrix
- Their weakness: Requires Internet connectivity. Centralized infrastructure (Signal) or complex federation (Matrix). Not designed for mesh/off-grid.
- Our strength: Works fully offline over LoRa/Serial/mesh. Self-hostable single binary. No phone number required.
The "harvest now, decrypt later" pitch
All competitors are vulnerable to quantum computers collecting encrypted traffic today:
2026: Adversary records all mesh traffic
2035: Quantum computer operational
Meshtastic: AES-256-CTR (symmetric) → quantum-safe ✓ (but no forward secrecy anyway)
Reticulum: X25519 (ECDH) → quantum-broken ✗
Briar: X25519 (Double Ratchet) → quantum-broken ✗
QuicProChat: X25519 + ML-KEM-768 → quantum-safe ✓ (hybrid belt-and-suspenders)
QuicProChat's hybrid KEM: both classical AND post-quantum KEMs must be broken. If either survives, the content is protected.
Last updated: 2026-03-30