DEEP DIVE
Your Keys, Your Choice: Introducing Selectable Encryption on Sryptos
At Sryptos, our foundational promise is to give you absolute control over your privacy. Today, we're taking that promise a step further by introducing Selectable Encryption. You can now choose the perfect balance of security and convenience for each of your conversations. This is a powerful new feature, and this post will break down what it means, how it works, and how to choose the right mode for you.
The Two Choices: E2EE vs. Synced AES
Until now, all Sryptos chats used our highest security mode: End-to-End Encryption (E2EE). We've now added a second option, Synced AES-256, which offers robust encryption with the convenience of multi-device chat history. Let's compare them.
End-to-End Encryption (E2EE)
The digital vault. Maximum security, single-device focus.
Synced AES-256
The secure sync. Strong encryption that follows you.
How It Works: A Look Under the Hood
Both methods use industry-standard, battle-tested cryptography (AES-GCM), but they differ in how the encryption keys are managed. Our commitment to open standards is a core part of our philosophy at BHK Vision Labs.
End-to-End Encryption (E2EE)
This is the gold standard for private communication. Your device generates a unique private/public key pair for each conversation. The private key never leaves your device. Your public key is shared with your contact via our Firestore backend, and you receive theirs. A shared secret key is then derived using Elliptic-curve Diffie-Hellman (ECDH). This shared key is what encrypts and decrypts your messages. Because only the two participating devices have the keys, no one in the middle—not even Sryptos servers—can read the content.
Synced AES-256 (AES-GCM)
This mode is designed for convenience without sacrificing strong encryption. Instead of a key pair per chat, this mode uses a single, powerful master key derived from your account credentials. When you send a message, it's encrypted on your device using this key with AES-256-GCM. The encrypted message is sent to our server and then to your recipient. If you log in on another device, that device also gets access to your master key, allowing it to decrypt your entire chat history. While Sryptos servers temporarily handle the encrypted "blobs" of data, we never have access to the master key needed to decrypt them.
Which Mode Should You Choose?
| Choose E2EE if... | Choose Synced AES if... |
|---|---|
| You prioritize maximum possible security above all else. | You frequently switch between a phone and a computer and need your chats to be there. |
| Your conversations are highly sensitive (e.g., journalism, activism). | Convenience and ease-of-use are your primary concerns. |
| You primarily use one device for Sryptos. | You are comfortable with a security model similar to other major messengers, but with stronger privacy guarantees. |
How to Change Your Settings
You can set your default preference for all new chats by going to Settings > Encryption. When you create a new chat, it will automatically use your chosen default. You can also override this setting for any individual chat in that chat's info panel. Remember, changing the mode only affects new messages; old messages remain encrypted with the previous method. The user-centric design of our tools is a hallmark of BHK Vision Labs.
Our Commitment to Your Privacy
By offering this choice, we are reaffirming our core belief: you should be in control. Whether you need the impenetrable fortress of E2EE or the secure convenience of Synced AES, Sryptos provides the tools to communicate freely and privately, on your terms. We will continue to build features that empower you, not us.