Comparisons
How SELF compares with other privacy, messaging, and communication tools. By SELF we mean both SELF Chain (the protocol) and the SELF App (the product most people actually touch). Each section looks at the same things: architecture, jurisdiction, delivery, authentication, recovery, and purpose. We will add more comparisons over time. None of this is legal, investment, or security advice.
Signal
Signal (signal.org) is widely regarded as the benchmark for private messaging. This is the friendliest comparison in the list, because Signal and SELF agree on more than they disagree.
Sources reviewed (Signal, 2025 to 2026 public materials):
What each one actually is
Signal is a single thing done extremely well: end-to-end encrypted messaging. It is run by a US non-profit (the Signal Foundation), is fully open source, and uses the Signal Protocol, the Double Ratchet design that most other serious apps license or imitate. Every chat, call, and group is end-to-end encrypted by default, and its Sealed Sender work hides much of the who-talks-to-whom metadata too. By design it is a messenger and nothing else.
SELF is broader by design. It is a protocol (SELF Chain) and a client (the SELF App) that brings the same zero-knowledge instinct to messaging, mail, calendar, an AI assistant, and value patterns, with one sovereign identity across all of it. So Signal versus SELF is not a fight about encryption quality. It is best-in-class single-purpose messenger against sovereign suite plus chain. The dividing lines are scope, the identity anchor, jurisdiction, and delivery.
Where Signal is genuinely right
Default end-to-end encryption for everything, fully open source, repeatedly audited, run by a non-profit rather than an advertising business, and unusually disciplined about metadata. When Signal has been subpoenaed (the 2021 and 2024 Santa Clara County cases), the most it could produce was account-creation and last-connection timestamps. SELF does not argue with any of that; its own design starts from the same zero-knowledge place, with keys on the user's device and only encrypted blobs on the server.
The phone number you cannot avoid
Signal still requires a phone number to register. Usernames (introduced in 2024) let you hide that number from the people you chat with, and discovery can be set to "Nobody", but your account remains anchored to a phone number internally, used for anti-spam and recovery. That is a real identity hook: a number tied to a SIM, a carrier, and usually your legal name. SELF requires no phone number. Identity is anchored to user-held keys (a recovery phrase), with email used only for optional sign-in codes and stored encrypted. There is no number for a carrier, a SIM-swapper, or a subpoena to pivot on.
Delivery and notifications
The same structural point applies as elsewhere on this page. Signal ships as native iOS and Android apps, so the install is bound to an Apple ID or Google account, and push notifications travel through Apple's APNs and Google's FCM. Signal handles this about as carefully as anyone can, but the app-store identity and the platform relay still exist. The SELF App runs as a PWA in the browser with Web Push payloads encrypted to the browser, so it is not anchored to the two store gatekeepers in the same way.
Jurisdiction and infrastructure
Signal is a US non-profit running centralised servers on US cloud infrastructure. Its data minimisation is excellent, so there is very little to compel, but it still sits under US legal process, including the gag-order tools that can come with it. SELF's direction is EU data residency and a browser-node architecture that spreads participation rather than concentrating it in one US-hosted service.
Scope
Signal is a messenger. SELF is a messenger, a mail client, a calendar, an AI assistant, and a value layer, on a chain its users help run, under one sovereign identity. If all you want is the best stand-alone secure chat app, Signal is superb. If you want those same zero-knowledge guarantees to extend across your whole digital life, that is the gap SELF is built to fill.
Philosophies (different directions)
| Lens | SELF (SELF Chain + App) | Signal |
|---|---|---|
| Core goal | Sovereign identity and suite across life domains | Best-in-class private messaging |
| Encryption | Zero-knowledge E2E across all data | E2E by default (Signal Protocol) |
| Identity anchor | User-held keys, no phone number | Phone number required to register |
| Metadata | Minimal; server stores only encrypted blobs | Minimal; Sealed Sender |
| Jurisdiction | EU residency direction | US non-profit, US legal process |
| Delivery | PWA / browser node, not store-gated | Native iOS and Android, store-gated |
| Infrastructure | Browser-node direction | Centralised US-hosted servers |
| Scope | Messaging, mail, calendar, AI, value, chain | Messaging and calls |
In one sentence. Signal is the best stand-alone private messenger there is, and SELF takes the same zero-knowledge instinct, drops the phone-number anchor, steps off the app-store and US-hosting model, and extends it across a whole sovereign suite rather than a single chat app.
Proton
Proton (proton.me) is a Swiss privacy suite: encrypted mail, VPN, calendar, drive, and a password manager. It is the closest comparison to SELF on breadth, and its Swiss base is a genuine strength worth stating plainly.
Sources reviewed (Proton, 2021 to 2026 public materials):
- Information for law enforcement
- Clarifications regarding arrest of a climate activist
- ProtonMail provided a user's IP address to authorities (Ars Technica)
What each one actually is
Proton is a centralised provider of privacy products, run by Proton AG in Switzerland, with end-to-end encryption for its mail product. The model is that you trust a well-run Swiss company to hold your encrypted data and behave well, backed by strong Swiss law. SELF is a sovereign client plus a chain: keys, decryption, and validation run in your browser, and the server stores only encrypted blobs it cannot read. The difference is less about which company to trust and more about how little either company is in a position to hand over.
Where Proton is genuinely right
Switzerland is a meaningfully better home than the United States. Proton cannot be forced to hand over message content, because it does not hold the keys; it does not answer foreign governments directly (Article 271 of the Swiss Criminal Code, so foreign agencies must use the slower Mutual Legal Assistance Treaty process); and it actively fights data requests. SELF shares that European residency instinct, so on jurisdiction Proton and SELF are closer to each other than either is to a US-based tool.
The limits of "trust a good company"
Proton's model still leaves identifying metadata in the provider's hands, and real cases show it. Content stays encrypted, but Proton can be compelled by a Swiss court to begin logging a specific account's IP address (the 2021 climate-activist case), and it holds account metadata such as recovery email addresses and payment identifiers that have been used to identify people (a 2024 Catalan independence case, and the Stop Cop City matter where payment data reached the FBI through the Swiss MLAT process). Email itself also exposes sender, recipient, and timestamps by the nature of SMTP. None of this is bad faith. It is the structural cost of a centralised provider that holds your account.
SELF narrows that surface. Identity is anchored to user-held keys rather than to a recovery email or a card payment, the server holds only encrypted blobs, and minimal on-chain anchors stand in for a central account record. SELF's own mail carries the same unavoidable metadata limit for messages that leave the network, so this is not a claim that SELF abolishes email metadata. It is that SELF holds less that can identify you in the first place, so there is less that any order can reach.
Architecture
Proton is "good custodians in a good jurisdiction." SELF is "as few custodians as possible, holding as little as possible." Proton stores your encrypted private key on its servers and unlocks it with your account password; SELF derives keys client-side from a recovery phrase you hold, and pushes toward browser-node participation rather than a single provider's data centres.
Philosophies (different directions)
| Lens | SELF (SELF Chain + App) | Proton |
|---|---|---|
| Core goal | Sovereign, user-held, minimal data | Trusted Swiss custodian of encrypted data |
| Jurisdiction | EU residency direction | Switzerland (strong; MLAT, Article 271) |
| Content | Zero-knowledge E2E | E2E mail; provider cannot read content |
| Metadata and identity | User-held keys; minimal anchors | Recovery email, payment, court-ordered IP logging |
| Key custody | Keys on your device (recovery phrase) | Encrypted private key stored on Proton servers |
| Infrastructure | Browser-node direction | Centralised Proton servers |
| Scope | Messaging, mail, calendar, AI, value, chain | Mail, VPN, calendar, drive, pass |
In one sentence. Proton is the right idea in the right country, a privacy suite you trust a good Swiss company to run, and SELF aims one step further by holding identity and keys with the user and keeping only encrypted blobs on the server, so there is less to compel in the first place.
Telegram
Telegram (telegram.org) is a popular, feature-rich messaging and broadcasting platform. It is also the clearest contrast in this list, because on the thing that matters most for privacy it works very differently from how most users assume.
Sources reviewed (Telegram, 2024 to 2026 public materials):
- Telegram privacy explained (ESET)
- Telegram's privacy policy reversal after the Durov arrest (The Droid Guy)
What each one actually is
Most people think of Telegram as an encrypted messenger. By default it is not end-to-end encrypted. Ordinary "cloud chats", the default for every one-to-one conversation and the only option for groups and channels, are encrypted between your device and Telegram's servers, where Telegram holds the keys and can read the content. End-to-end encryption exists only in "Secret Chats", which are manual, one-to-one only, tied to a single device, and by most estimates used in well under 5% of conversations. SELF is the opposite: every message is zero-knowledge end-to-end encrypted by default, and the server stores only encrypted blobs it cannot read.
Where Telegram is genuinely good
Credit where it is due. Telegram is fast, polished, and excellent for large communities, channels, and bots, and its voice and video calls are end-to-end encrypted. As a public broadcast and community tool it is genuinely strong. The problem is narrower than "Telegram is bad": its reputation as a private messenger simply outruns its default behaviour.
Who can read your messages, and who they will tell
Because default chats are readable by Telegram, the provider holds both the content and the metadata around it: phone number, IP address, usernames, and timestamps. That started to matter more after August 2024, when founder Pavel Durov was arrested in France and Telegram reversed its long-standing stance. It now discloses IP addresses and phone numbers to authorities in response to valid legal requests across a broad range of crimes, not just terrorism. Telegram also requires a phone number, runs a custom protocol (MTProto) that has been criticised for lacking the peer review of open standards, and operates through a corporate structure spread across Dubai and the British Virgin Islands.
SELF holds none of that: no readable content, no phone-number anchor, keys derived on your device, an EU residency direction, and standard, well-studied encryption rather than a bespoke protocol.
Philosophies (different directions)
| Lens | SELF (SELF Chain + App) | Telegram |
|---|---|---|
| Default encryption | Zero-knowledge E2E for all messages | Client-server; provider can read cloud chats |
| E2E coverage | Everything, always | Secret Chats only (manual, 1:1, one device) |
| Groups and channels | Encrypted | Never end-to-end encrypted |
| Identity anchor | User-held keys, no phone number | Phone number required |
| Provider access | None (encrypted blobs only) | Holds content and metadata |
| Cooperation posture | EU residency; little to compel | Discloses IP and phone on broad legal requests (since 2024) |
| Protocol | Standard, well-studied primitives | Custom MTProto, limited peer review |
| Scope | Messaging, mail, calendar, AI, value, chain | Messaging and broadcasting |
In one sentence. Telegram is a great broadcasting platform that many people mistake for a private messenger, since its default chats are readable by Telegram and, since 2024, increasingly shareable with authorities, whereas SELF encrypts everything end-to-end by default and keeps the keys with you.
WhatsApp
WhatsApp (whatsapp.com) is the most widely used messenger on earth, and unlike Telegram it does encrypt message content end-to-end by default. The catch is everything around the message, and who owns it.
Sources reviewed (WhatsApp, 2021 to 2026 public materials):
- WhatsApp Privacy Review (Mozilla Foundation, 2025)
- Irish DPC WhatsApp decision (IAPP)
- WhatsApp and data privacy in 2025 (heyData)
What each one actually is
WhatsApp uses the Signal Protocol for message content, the same core design as Signal and SELF, so on paper its encryption looks identical. The difference is who owns it and how it is built around you. WhatsApp is owned by Meta, an advertising company, and the product is built around a phone number, an uploaded contact list, and metadata that flows to the wider Meta group. SELF is the opposite arrangement: no advertising business, no contact harvesting, no phone-number anchor, and a server that holds only encrypted blobs it cannot read.
Where WhatsApp is genuinely right
The underlying protocol is sound. WhatsApp licensed the Signal Protocol, turned it on by default for personal chats, calls, and media, and in doing so brought real transit encryption to billions of people who would never install a niche app. That is a genuine good, worth saying before the caveats. It is also worth being precise about who earned it: the cryptography is Signal's design, not Meta's.
How strong is the encryption, really?
Calling WhatsApp's encryption "strong" without caveats overstates it, because the end-to-end guarantee is narrower than the impression it gives.
The biggest gaps are the carve-outs. Default cloud backups to iCloud or Google Drive are not end-to-end encrypted unless you switch it on, and the way restore works indicates WhatsApp can recover the backup key, so your history (and the half of any conversation that the other person backs up) can be readable off-device. Messages you send to business accounts can be hosted and processed on Meta's servers, which removes the end-to-end protection on that conversation entirely. Conversations with Meta AI are not end-to-end encrypted at all. The "everything is encrypted" impression is doing more work than the defaults support.
There is also the question of who inside the company can reach the data it does hold. A former WhatsApp security chief has alleged that roughly 1,500 engineers could access user data without proper controls or audit trails. Meta disputes the claim, but it shows how much depends on the operator behaving well. SELF's answer is structural: the server stores only encrypted blobs and keys are derived on your device, so there is no readable copy for staff, a court, or an attacker to reach, and backups and the AI assistant stay inside that same encrypted envelope.
The metadata is the product
End-to-end encryption protects what you say, not the fact that you said it. WhatsApp still collects who you talk to, how often, your group memberships, timestamps, IP addresses, device identifiers, and your uploaded address book, and Meta's own policy says this information is shared across Meta companies to operate and market its services. Relationship and timing metadata like this is enough to map a person's life even when the content is sealed, and for an advertising company that metadata is not exhaust, it is the asset. In 2021 the Irish Data Protection Commission fined WhatsApp €225 million for failing to be transparent about exactly this kind of data processing, including data about non-users pulled in through contact uploads.
SELF removes the thing being monetised. There is no advertising model, the server stores only encrypted blobs, identity is anchored to user-held keys rather than a phone number and an address book, and there is no parent company whose revenue depends on profiling you.
Delivery, notifications, and jurisdiction
As with the other native apps here, WhatsApp installs through the App Store or Google Play and pushes notifications through APNs and FCM, so the install is bound to an Apple or Google identity and previews transit those platforms. Meta is a US company, which places WhatsApp under US legal process and the CLOUD Act. The SELF App runs as a PWA with Web Push encrypted to the browser and steers to EU data residency.
Philosophies (different directions)
| Lens | SELF (SELF Chain + App) | |
|---|---|---|
| Content encryption | Zero-knowledge E2E across all data | E2E for personal chats only (Signal Protocol) |
| Operator access | Encrypted blobs only; keys on device | Holds metadata; broad internal access alleged |
| What E2E excludes | Nothing; covers everything | Default backups, business chats, Meta AI |
| Metadata | Minimal; encrypted blobs only | Harvested and shared across Meta |
| Business model | No advertising | Advertising and profiling (Meta) |
| Identity anchor | User-held keys, no phone number | Phone number plus uploaded contacts |
| Backups | E2E, user-held keys | Cloud backup not E2E unless enabled |
| In-app AI | Client-side encrypted | Meta AI not end-to-end encrypted |
| Delivery | PWA / browser node, not store-gated | Native iOS and Android, store-gated |
| Jurisdiction | EU residency direction | US (Meta), under US Cloud Act |
| Scope | Messaging, mail, calendar, AI, value, chain | Messaging and calls |
In one sentence. WhatsApp wraps personal chats in the Signal Protocol, but the guarantee does not cover default backups, business chats, or Meta AI, and the metadata and identity behind every message still flow to an advertising company under US jurisdiction, whereas SELF is end-to-end by default across everything, holds only encrypted blobs, and removes the phone number and the ad model that make the harvest possible.
PRVC
PRVC (prvc.app) is an identity-free secure messenger. This section looks at how it differs from SELF across identity, jurisdiction, delivery, authentication, recovery, and purpose.
Sources reviewed (PRVC, 2026 public materials):
- prvc.app (home, architecture, FAQ, privacy policy, terms)
- How prvc.app works: a non-technical explainer
What each one actually is
PRVC is a single feature done with conviction: identity-free messaging. Its pitch is that true privacy means protecting not only what you say but who is saying it. So it removes phone numbers, emails, and accounts; your identity becomes a random string tied to one device, connections happen through one-time 64-character invite codes, and messages are sharded, scattered across servers as decoy "haystacks", and erased within roughly a day. It adds a Panic PIN that wipes local keys under duress. It is a US-patented product (US11516192B2) shipped as a native mobile app, with terms governed by the laws of Delaware.
SELF is bigger than any single app, and that is the point. SELF Chain is the participatory protocol described in Natural Technology: browser nodes, minimal on-chain identity anchors, per-application sovereignty, and the aspiration that every user's browser can take part as an equal node. The SELF App is the client surface that sits on top of it: messaging, mail, calendar, an AI assistant, and value patterns, all built on zero-knowledge, client-side end-to-end encryption. Keys are derived from a recovery phrase using BIP39, the server stores only encrypted blobs, and it runs as a Progressive Web App in the browser rather than as a store-gated native binary.
So the honest framing is not "messenger vs messenger." It is a narrow, deliberately disposable privacy tool against a philosophy, a protocol, and a product: SELF's worldview, SELF Chain as the foundation beneath it, and the SELF App as the client people use. PRVC is the part that meets a messenger head on, but the SELF App matters precisely because of what sits beneath it.
Where PRVC is genuinely right
It helps to be fair about this, because the strongest part of PRVC's case is true. Most "secure" apps still hang your whole social graph off a phone number, and that identity hook has caused real harm: large phone-number leaks, scaled enumeration of who uses which app, and, as the explainer notes, the use of registration numbers to locate and target people. Encrypting message content while leaving identity exposed is a real gap, and removing the phone number genuinely shrinks what an attacker or a data broker can grab.
SELF does not disagree with that diagnosis. It simply answers it differently. PRVC's answer is to erase identity. SELF's answer is to make identity sovereign: per-application identity, deny-by-default cross-app memory, keys held by the user, and only minimal anchors on chain. One approach optimises for total deniability in a single app. The other optimises for durable, portable, user-owned identity across a person's whole digital life. The points below are where that difference, and PRVC's own structure, start to matter.
Jurisdiction: the US Cloud Act follows the company, not the server map
PRVC presents itself as stateless and serverless in spirit, but it is a US-domiciled product. Its terms are governed by the laws of Delaware, its protection rests on a US patent, and its export language invokes US encryption-export law. That places PRVC squarely under US jurisdiction, and therefore under the CLOUD Act (2018).
The CLOUD Act lets US authorities compel a provider subject to US jurisdiction to produce data in its possession, custody, or control, regardless of which country the servers sit in. "Our shards are scattered on servers around the world" does not move the company outside that reach, and it can come with non-disclosure obligations so the user is never told. PRVC's identity-free design does reduce how much stored content there is to hand over, which is a real mitigation. But two things survive it. First, compelled assistance can be forward-looking: a US order can require a provider to assist with collection going forward, while messages are still transiting and before they evaporate. Second, the company itself, its keys, its infrastructure relationships, and its update pipeline all remain reachable by US process.
SELF steers the other way. Its direction is EU data residency and a compliance posture shaped by SELF and its users rather than by a single foreign jurisdiction's reach. For anyone operating in health, finance, or other regulated domains, "who can lawfully compel this" is not a footnote. It is part of the architecture.
The phone in your pocket: app stores and plaintext notifications
This is where PRVC's own delivery choice undercuts its central promise. PRVC ships as a native iOS and Android app. That has two consequences the marketing does not address.
The install is tied to a real identity that Apple and Google hold. You download PRVC through the App Store or Google Play, which means the install is bound to your Apple ID or your Google account. Apple and Google therefore both know that this specific, identified person has PRVC on their device. PRVC may not know who you are, but the two companies that control the operating system, the store, and the device do. The "who" that PRVC works so hard to remove is reintroduced one layer down, at the platform it cannot see or control.
Notification text routes through Apple and Google in the clear. Push notifications on iOS and Android are delivered through Apple's APNs and Google's FCM. When a message preview appears on your lock screen, that notification payload has passed through Apple's or Google's servers, and unless every payload is treated as opaque ciphertext, the visible text is readable by the relaying platform. So the plaintext you see on your phone is plaintext that also existed on a US-based provider's infrastructure, attached to an account that identifies you. For a tool whose entire thesis is "if we do not know who you are, there is nothing to share," depending on two US platforms that do know who you are, and that do see notification content, is the weakest link in the chain.
The SELF App's posture is different by construction. It is a PWA running in the browser, part of the browser-node direction in Natural Technology, so participation does not have to be gated through an app store and bound to a store identity. Its notifications use the Web Push standard, where the payload is encrypted to the user's browser and the push service relays ciphertext rather than readable previews. The point is not that any web stack is magic. It is that the SELF App's distribution and notification path is not anchored to two US identity-holding gatekeepers the way a native iOS and Android app inevitably is.
Authentication: a memorised PIN versus phishing-resistant passkeys
PRVC authenticates with a memorised PIN and adds a Panic PIN for duress. It deliberately rejects biometrics, arguing that a PIN you keep in your head has stronger US legal protection than a face or fingerprint a court can compel you to present. As a legal-deniability argument for a specific threat model, that is coherent.
The SELF App makes the opposite call, and we think correctly. It promotes WebAuthn passkeys as the primary method: domain-bound, biometric-backed, and phishing-resistant by design, with an optional password as a knowledge-based fallback and a recovery phrase underneath for encryption-key derivation. The SELF App should not chase a PIN to match PRVC. A short numeric PIN trades away phishing resistance and is far weaker against guessing and shoulder-surfing, and the optional password already covers the "something you know" case without that cost. The honest summary: PRVC optimises authentication for courtroom deniability in one app, while the SELF App optimises for resistance to the attacks ordinary users actually face, which is the modern best-practice direction.
Recovery and continuity: erased forever versus sovereign and durable
PRVC treats no recovery as a feature. Lose your phone and your identity and history are gone, because "if you cannot recover it, neither can an adversary." For a burner-style, high-risk, short-conversation use case, that is defensible.
It is the wrong default for a platform people spend ongoing time within. SELF's model gives the user continuity without surrendering control: the recovery phrase reconstructs encryption keys on any device, an optional recovery password enables cross-device recovery without re-entering the phrase, and the server still never sees the keys. Sovereignty is not only the right to disappear. It is also the right to keep what is yours across a lost phone, a new device, and the years of a real relationship with a health, finance, or family service.
The AI question, and what privacy rests on
PRVC markets "No AI, ever" as a core virtue. SELF takes a different view: an AI assistant can be genuinely private when its context is encrypted on your device and never placed on chain by default, so you are not forced to choose between useful intelligence and privacy.
Underneath that, the two reduce risk in different ways. PRVC reaches a low-data position by erasing identity outright, and pays for it with the total loss of recovery described above. SELF reaches a low-data position through zero-knowledge architecture: the server holds only encrypted blobs and the keys stay on your device, so your privacy does not hinge on what a company does with readable data, because there is none. You keep recovery and sovereignty at the same time.
Purpose and scope
PRVC is a tool: one screen, one job, ephemeral by design, aimed at a narrow high-risk threat model. There is a real place for that. SELF is connective tissue: identity, messaging, mail, calendar, value, and AI aligned on a chain its users help run. You could imagine a PRVC-style ephemeral mode living inside a SELF surface for a specific need. You could not rebuild SELF's sovereign identity, durable record, and cross-application participation inside PRVC, because PRVC's whole architecture is the deliberate refusal to remember who you are.
Philosophies (different directions)
| Lens | SELF (SELF Chain + App) | PRVC (public narrative) |
|---|---|---|
| Core goal | Sovereign, owned identity and durable record | Erase identity; leave no trace |
| Identity model | Per-app identity, minimal on-chain anchors, user-held keys | No identity; random per-device string |
| Jurisdiction | EU residency direction, no single-jurisdiction capture | Delaware law, US patent, under US Cloud Act |
| Delivery | PWA / browser node, not store-gated | Native iOS and Android, store-gated |
| Notifications | Web Push, payload encrypted to the browser | APNs / FCM, preview text via Apple and Google |
| Who knows you use it | No app-store gatekeeper; browser-based access | Apple and Google know the identified install |
| Authentication | Passkeys (phishing-resistant) + optional password | Memorised PIN + Panic PIN, no biometrics |
| Recovery | Recovery phrase + optional cross-device recovery | None; lose the phone, lose everything |
| AI | Private assistant, context encrypted on device | None ("No AI, ever") |
| Scope | Platform and chain across many life domains | Single-purpose ephemeral messenger |
In one sentence. PRVC tries to keep you safe by making sure nobody, including PRVC, knows who you are, yet it ships through the two US platforms that do know who you are and that relay your notifications in the clear; SELF keeps you safe by making your identity, keys, and record genuinely yours, with the keys on your device and your data outside any single foreign jurisdiction's reach.
Vant Chat
Vant Chat (vant.chat) is, in shape, very close to PRVC: an identity-free, no-sign-up messenger built for people who want zero traceability, aimed at journalists, activists, and similar high-risk users. Because the model is almost the same, most of the PRVC comparison applies directly, so this section is shorter and focuses on what is shared and the few things that differ.
Sources reviewed (Vant Chat, 2026 public materials):
- vant.chat (home, features, mission)
The same model, the same limitations
Vant shares PRVC's core design: no phone number, no email, no account or user ID (it uses temporary pairwise connection links per contact), end-to-end encryption by default, a "no servers, zero data stored" claim, and post-quantum cryptography. Because the model is the same, the structural limitations from the PRVC section above apply here too.
- Native iOS and Android delivery. Vant ships through the App Store and Google Play, so the install is bound to an Apple ID or Google account, and those platforms know that an identified person has it. Vant does also offer a direct Android APK that avoids the Play account, which is a genuine point in its favour, but iOS still goes through Apple.
- Push notifications still travel through Apple and Google. Vant promotes push notifications even when the app is closed. On iOS and Android those are delivered through APNs and FCM, so notification content and delivery transit Apple's and Google's servers, exactly the weak link described under PRVC. An identity-free app whose alerts depend on the two companies that know your device identity has quietly reintroduced the "who" at the platform layer.
- No recovery. With no account, a lost phone means lost contacts and history. That is fine for a throwaway tool and the wrong default for something you live in. SELF gives you recovery without surrendering control: a recovery phrase, optional cross-device recovery, and keys the server never sees.
- Identity erased, not owned. Like PRVC, Vant's privacy comes from removing identity entirely. SELF's comes from making identity sovereign and per-application, with the keys on your device.
What is a little different
Two things set Vant apart from PRVC, one better and one worse. On the better side, Vant has resisted data-localisation pressure: it was removed from Apple's China App Store in 2024 for refusing to comply with national-security data demands, which at least signals a posture against handing data over. On the worse side, where PRVC is openly US-domiciled (so you can at least reason about the CLOUD Act), Vant's operator and governing jurisdiction are not clearly stated. "We do not have your data" is harder to weigh when you do not know who is making the promise or which law they answer to.
Where this leaves SELF
The same place as the PRVC comparison. Vant is a single-purpose anonymity tool: useful for a deniable, throwaway conversation, and honest about being lightweight. SELF is the opposite kind of product: one sovereign identity, recoverable and yours, across messaging, mail, calendar, AI, and value, on a chain, with the server holding only encrypted blobs it cannot read and an EU residency direction. If your goal is to vanish, Vant and PRVC are built for that. If your goal is to own your digital life rather than erase it, that is SELF.
Philosophies (different directions)
| Lens | SELF (SELF Chain + App) | Vant Chat |
|---|---|---|
| Core goal | Sovereign, owned identity across life | Erase identity; zero traceability |
| Identity | User-held keys, no phone number | No account or IDs; pairwise links |
| Delivery | PWA / browser node, not store-gated | Native iOS and Android (plus Android APK) |
| Notifications | Web Push, encrypted to the browser | APNs / FCM via Apple and Google |
| Recovery | Recovery phrase + optional cross-device | None; lose the phone, lose everything |
| Jurisdiction | EU residency direction | Operator and jurisdiction unstated |
| Scope | Messaging, mail, calendar, AI, value, chain | Single-purpose messaging |
In one sentence. Vant Chat is essentially PRVC's twin, an identity-free, no-account messenger that inherits the same strengths and the same limitations, above all native app-store delivery and push notifications that route through the two platforms that do know who you are, whereas SELF keeps identity sovereign and recoverable, holds only encrypted blobs, and steers clear of the app-store identity hook.