Kyber-1024 · Post-Quantum · Sovereign Roadmap

Secure Chat.
Private by design.

Secure Chat by AnA Devyra — post-quantum encrypted messaging built for people who don't want a profile. No phone number. No email. Just a node ID and conversations no one — not even us — can read. With Stories, voice transcribe + translate, encrypted groups, and smart replies — all sealed end-to-end on your device.

End-to-end encrypted Zero metadata Direct APK · no store On-device ML
Get Secure Chat for Android

Direct APK, hosted on GitHub Releases. Install in under a minute. Works on any device running Android 8.0 or later.

Version
2.40.27
Android
8.0+
Size
274 MB
Download APK
GitHub Releases · Updated 2026-06-02
Android may warn about installing from outside the Play Store — tap Install anyway and grant Allow from this source once. The APK is signed; you can verify the SHA in every release.
1024
Bit Kyber Key
0
Server Plaintext
190+
Shipped Features
B2B
Enterprise Ready

The feeling of a message no one else will ever read.

Open the app. Pick a contact. Type. Hit send. The bytes that leave your phone are sealed with post-quantum keys and a fresh ratchet — and on the other side, your friend gets a clear, untouched message. Nothing in between can read it.

Sealed before it leaves Server is blind On-device crypto only
Capabilities · 2.40.27

A real messenger — sealed all the way down.

Post-quantum crypto, on-device intelligence, and the everyday features people actually use — Stories, voice transcribe, smart replies, encrypted groups. Sealed before they leave your phone.

Cryptography
Kyber-1024 Post-Quantum
ML-KEM-1024 key exchange — NIST-standardized. AES-256-GCM payload. Built to outlive quantum.
Double Ratchet Forward Secrecy
Every message gets a fresh ephemeral key. Compromise one — exactly one — message. Nothing before, nothing after.
Verified Contacts ✓
On-device safety-number ratchet. Verify a contact once — the ✓ pill follows them through every chat, header, and contact list.
Identity
No Phone Number
Sign up with a node ID — a cryptographic identifier you control. Your number stays your number.
No Email Required
No inbox to compromise, no recovery loop to phish. Lose your device, lose the account — that's the point.
Decoy Mode
A second PIN reveals a separate, innocuous account. Plausible deniability, built in.
Ghost Mode
Hide your presence entirely — last-seen, online dot, typing indicator, read receipts. You see them; they don't see you.
Panic Mode
One trigger and the real account wipes — keys, messages, contacts, gone in seconds. Restore later from a backup, or don't.
Conversations
Stories ✨
24-hour Stories with 10 gradient backgrounds, emoji reactions, viewer stats, and per-contact privacy. Same E2E pipeline as DMs — the server is blind.
Voice Notes + Transcribe
Record, send, transcribe on-device with one tap. Translate to 17+ languages — including Hindi, Russian, Spanish, Arabic — all locally. Audio never leaves the encrypted envelope.
Smart Replies
Multilingual ML Kit suggestions appear over the composer for fresh messages and pop on tap for any older one. Inference 100% on-device — your text never leaves the phone.
Send Effects
Celebration overlays — confetti, hearts, fireworks — triggered by phrases or sent on-demand. Pure on-device animation; nothing extra goes through the server.
Vanish Mode
Disappearing messages with per-thread timers. They go — from both phones, and from the server too.
Encrypted Groups
Group chats with sender authentication, per-participant ratchets, in-group voice transcribe + translate, and send effects for everyone.
Special Days
Birthdays, anniversaries, festivals — track the dates that matter and get a private nudge in the morning. Wishes broadcast E2E, server never sees the occasion.
Burner / View-Once Photos
Send a photo that vanishes the moment they look at it. One view. No forward, no save, no screenshot — the receiver sees it once and it's gone forever.
Stealth Messages
Sender hides the content behind a tap-to-reveal blur. The bubble shows nothing — even on a glance at the lock screen.
Time-Lock Seal
Write today, deliver later. The bubble shows as sealed until the unlock time you pick — even the receiver can't peek before then.
Saved Messages
A private notes-to-self channel built right into your chat list. Drop links, photos, audio thoughts — encrypted, on-device, off the cloud.
Calls
Encrypted Voice Calls
WebRTC with DTLS-SRTP. End-to-end encrypted, with a TURN fallback for restrictive networks.
Encrypted Video Calls
Face-to-face that nobody intercepts. Same crypto stack as voice — no compromise for video.
Power user
Chat Folders
Custom folders organize chats — work, family, signal-only. Switch with a swipe; never lose a thread to the scroll.
Multi-select Messages
Long-press any message, tap more, bulk forward · copy · delete · star across a whole thread.
Passcode per Chat
Lock individual chats with their own PIN. Even someone with your phone unlocked can't open them.
Photo OCR
Extract text from any received image — on-device. Copy a phone number, an address, a code without re-typing.
Forward Count Pill
See how many times a message has been forwarded. Decide for yourself how much weight to give it.
Global Regex Search
Power-user toggle: search across every chat with regular expressions. Local, indexed, instant.
Scheduled Messages
Write today, deliver at 6 AM tomorrow — or every Monday at 9. One-time, daily, or weekly recurrence. The phone holds it locally until it fires.
Quiet Hours
Set a daily start + end and notifications stay silent in between. Auto-resume the next morning. Per-contact muting layers on top.
Infrastructure
Business · Enterprise hosting
Need a private deployment for your team? We run secure dedicated instances with custom domains, policy controls, and ongoing operational support. Reach out at team@anadevyra.com.
Zero Metadata
No access logs. Ephemeral system logs. Comprehensive auto-cleanup across every server surface — nothing useful sticks around.
Stealth Tunnel
Cover traffic and adaptive privacy patterns that blur the shape of your conversations.
Architecture

How it works.

Three layers between you and a watcher. Each one ends in failure for the watcher.

01
Keys live on your device
Your phone generates an ML-KEM-1024 keypair the first time you launch the app. The private key never leaves the device. Servers only ever see ciphertext.
02
Sealed in transit
Every message is wrapped in a fresh Double Ratchet key, then AES-256-GCM. Compromise one key and you compromise exactly one message — nothing before, nothing after.
03
Decrypted on the other phone
Only the recipient's device holds the matching private key. We can't decrypt. We don't keep metadata logs. There's nothing to subpoena, leak, or sell.
Roadmap

A global multi-region network.

Mumbai today. Switzerland soon as the primary. A network of regional subservers after that — close to every user, honest about the dates.

Now · June 2026
Mumbai — first region live
Production region on GCP Mumbai with a custom api.anadevyra.com domain. Low latency across India and Asia; reachable globally. Hardened and monitored.
  • Ephemeral system logs · no access retention
  • Let's Encrypt TLS, independent DNS
  • Comprehensive auto-cleanup across every server surface
Next · Q3 2026
Switzerland — new primary
Bring up a Switzerland region as the new primary, with cross-region replication of vault, pending queue, and identity. Auto-failover at the discovery layer.
  • No APK push needed — every installed app auto-migrates
  • Mumbai stays online as a regional subserver
  • Strong Swiss privacy framework alignment
Then · Q4 2026 +
Global subserver network
Add regional subservers close to users, anchored on the Swiss primary. Open deploy — community members can run their own subserver anywhere in the world.
  • Bring-your-own-server stays one command — fork the deploy
  • Discovery layer routes apps to the nearest healthy region
  • Resilience by topology, not by any single provider
Privacy posture

Honest about what the server sees.

No "trust us" copy. Here's exactly what the server can and can't see — and what survives a subpoena.

Server can see

  • Encrypted bytes for delivery — never plaintext
  • A short queue of pending recipient IDs — never content
  • Ephemeral system logs that aren't retained

Server can't see

  • Your messages — sealed before they leave your phone
  • Your contacts — no contact list lives server-side
  • Your name, phone, email — we never asked

What a data request would find

  • Nothing useful — encrypted bytes are unrecoverable without the recipient's private key
  • No identity bound to any account
  • No retained access logs to correlate against
vs. the rest

Why it's different.

Same encryption strength as the best — and less identity exposure than any of them.

Secure Chat Signal WhatsApp Telegram
No phone number required
No email required
End-to-end encryption (default)opt-in only
Post-quantum (Kyber-1024)PQXDH partial
Dedicated enterprise deployments
Open APK · no store gatekeeper
Volatile, shredded server logs
Decoy mode (plausible deniability)
Vanish mode (per-thread timers)
On-device voice transcribe + translatecloud only
Stories with E2E reactions + viewer statsbasic
Sovereign multi-region roadmap
Installation

Six steps. Under a minute.

Direct APK install. No Play Store gatekeeper, no analytics SDK injected on the side.

01
Tap Download

Grab the latest APK from the download button above.

02
Open the file

From your downloads, tap the APK to start installation.

03
Allow unknown sources

If prompted, tap Allow so Android lets the installer run.

04
Install

Tap Install. Takes a few seconds.

05
Open AnA Devyra

Pick a node name and a strong password. That's your identity.

06
Share your Node ID

Send it to a contact. They add you. You start talking — encrypted, end-to-end, from word one.

Questions

Frequently asked.

The privacy questions worth asking — answered plainly.

Why no phone number or email?
A phone number or email is the easiest way to bind a real-world identity to a chat history. We skip it entirely. Your account is a cryptographic node ID you control — and rotate if you ever need to.
Is this really post-quantum secure?
Yes. We use ML-KEM-1024 (Kyber-1024) — the NIST-standardized post-quantum KEM — for key exchange. Combined with a Double Ratchet and AES-256-GCM, conversations stay private even against a future cryptographically-relevant quantum computer.
Where are my messages stored?
On your phone. The server briefly relays ciphertext for online delivery and queues encrypted bytes for offline recipients — never plaintext, never indexed. Server logs are volatile and shredded.
Why isn't it on the Play Store?
Stores add gatekeepers, identity binding to a Google account, and analytics injection requirements. A direct APK keeps the install pure — source you trust, signature you can verify, no profile attached.
What happens if I lose my phone?
Your account effectively dies with it — which is the point. No recovery loop means no recovery vector for an attacker. Use the in-app session export to back up encrypted state to storage you control.
Can I run my own server?
Yes. The server is open and ships with a one-line deploy. Point your app at your own URL and you control the relay end-to-end. Friends and family can join your server, not ours.
Does it work between countries?
Yes. The default server lives in Mumbai with TURN relays for restrictive networks. Messages cross borders just like web traffic — and they stay encrypted the whole way.
Is it free?
Encrypted chat, voice, video, and groups: free forever. A premium tier is coming with optional LAN P2P, mesh routing, and multi-device sync — features that offload work from servers rather than add cost.
What's new in v1.1?
A lot. Stories with 10 gradient backgrounds, reactions, viewer stats and 24h auto-vanish. Voice notes + on-device transcribe + translate to 17+ languages — works inside groups too. Smart Replies via on-device ML Kit, multilingual, on tap. Send effects for celebration moments. Verified contact pills. Chat folders, multi-select, passcode-per-chat, photo OCR, and a sovereign domain — that's why you're on anadevyra.com reading this.
Where is the APK actually hosted?
GitHub Releases. Free, fast, immutable per release tag, with a published SHA you can verify. The site's download button just resolves to github.com/anadevyra/anadevyra.github.io/releases. We don't use Google Drive anymore — it added warnings and friction for nothing.
How does on-device transcribe work?
Your phone uses Google ML Kit speech recognition with the model running locally. Voice notes stay inside their AES-256-GCM envelope until transcribe is invoked; the transcript is produced on-device and never sent anywhere. Translation uses ML Kit's offline language packs the same way. The server never sees audio or text — just sealed bytes for delivery.
What's the Switzerland plan?
Q3 2026: bring up a Switzerland region as the new primary with cross-region replication. Auto-failover at the discovery layer means every installed app migrates without an APK push. Q4 2026 and beyond: extend with regional subservers close to users worldwide, anchored on the Swiss primary, with strong privacy framework alignment. The deploy is open — community members can run their own subserver anywhere.
What will be in premium?
The plan: optional LAN P2P routing (chats hop device-to-device on the same WiFi without touching a server), mesh routing across nearby installs, and multi-device sync over an end-to-end encrypted channel. Features that offload work, not gatekeepers in front of basics.
Why is the website on anadevyra.com now?
Sovereign DNS. anadevyra.com is owned outright with a 12-month term we renew ourselves — no platform can take it from us. The chat backend lives at api.anadevyra.com on the same domain, so brand and infrastructure stay aligned across the roadmap.

Built with privacy as the foundation. No company reads your messages. No phone number. No email. Just encrypted communication that only you control.

AnA Devyra Team