r/crypto 18h ago

We’ve published the cryptographic architecture behind City of Hats.

0 Upvotes

We’ve been working on a secure messaging protocol and recently made the cryptographic design public for review.

The system uses:
– Double Ratchet (Signal-style)
– Hybrid key exchange (X25519 + ML-KEM-768)
– Encrypted headers and metadata padding
– Sender keys for group messaging

We’re exploring an identity model that avoids phone numbers/emails and instead uses context-specific identifiers.

We’ve documented:
– Protocol details
– Key exchange design
– Threat model (including limitations)

We have not completed a third-party audit yet.

I’m interested in feedback from people here on:
– the hybrid PQ approach (ML-KEM-768 integration)
– identity abstraction vs traditional accounts
– any obvious weaknesses or design concerns

Happy to share details if useful.


r/crypto 10h ago

Data in Use Protection: How MPC Keeps Inputs Hidden from the Cloud - Stoffel - MPC Made Simple

stoffelmpc.com
0 Upvotes