End-to-end encrypted
point-to-point messaging.
Messages are encrypted on your device with X25519 + AES-256-GCM and Signal-style forward-secret ratcheting. Our relay never sees plaintext. Add contacts by Platytalk handle or scan a QR. Mandatory MFA via Microsoft Authenticator. Disappearing messages. Group chats. Delete anywhere — really anywhere.
Mission profile
Zero-knowledge relay
The relay only routes opaque ciphertext. Keys never leave your device.
Multi-device sync
Read on desktop or browser. Messages sync — and disappear — everywhere.
Disappearing
Set a TTL per conversation. Messages self-destruct on every device once it expires.
Group chats
End-to-end encrypted group sessions with sender-key ratcheting per recipient.
Add by handle / QR
Find contacts by their Platytalk handle, or scan a one-shot QR / invite link.
Delete everywhere
Tombstone a message and it vanishes from every linked device — yours and theirs.
Cryptography
- Identity · long-term X25519 + ECDSA-P256 signing key per device
- Session · X3DH-lite handshake → 32-byte conversation root key
- Per-message · HKDF-SHA256 derived AES-256-GCM key, fresh nonce, AAD-bound counter
- Forward secrecy · ephemeral DH ratchet on every outgoing message
- Verification · 60-digit safety numbers — compare in person or over a trusted channel
- Identity binding · Microsoft account (Entra ID / personal MSA) with Microsoft Authenticator MFA
Why Microsoft sign-in?
Platytalk doesn't want to manage your password, can't SIM-swap your phone, and never sees your MFA codes. By delegating identity to Microsoft you get enterprise-grade account protection (Authenticator, passkeys, conditional access if your org uses Entra ID) for free — and Platytalk only ever receives a signed assertion that you are who you say.
Download
Platytalk is included in PlatypusTools — Security tab — or use the web client at platytalk.platysoft.com.