Private means private — not "private until subpoena," not "private until policy update."
Three steps. Every message. Every time.
Before a message leaves your device, it's encrypted using keys that only your verified devices hold. The plaintext never exists anywhere else — not in memory on the server, not in transit, not in any database we control.
The server receives and forwards an encrypted blob. It has no ability to decrypt it. Even with full database access, server logs, or a network intercept, the content is unreadable without the recipient's private keys.
Only devices that have been verified as part of the conversation can decrypt the message. New devices must go through key verification before they gain access — preventing silent eavesdropping by unknown sessions.
What the terminology actually means.
Matrix E2EE is built on Megolm — a ratchet-based encryption scheme derived from the Signal protocol. Each room session has its own rotating session key. Messages within a session share a key; new sessions generate new keys. Compromise of one session key doesn't expose past or future messages.
Your recovery key is a long random string that unlocks your encrypted message history on new devices. We never see it, never store it, and cannot recover it if lost. It's generated once at setup. If you lose it and lose access to all your logged-in devices, your encrypted history is gone permanently — not recoverable by anyone.
Cross-signing lets you verify all your own devices with a single action. Once your devices are cross-signed, contacts who trust you see a single verified identity rather than a list of individual devices. It's how Matrix scales verification across multiple devices without requiring manual verification of each one.
When you verify a contact or a new device, both sides are shown a matching set of emoji derived from a shared secret. If they match, the cryptographic handshake succeeded and no man-in-the-middle is present. If they don't match, abort — something is wrong. This takes 30 seconds and meaningfully raises your security baseline.
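How the matching emoji are derived from the shared secret, and why a mismatch is a hard stop, as an added example that is not code from this page or from the Matrix project. The emoji table follows the Matrix SAS spec; the info string, user and device IDs, and the two 32-byte secrets are constructed placeholders standing in for the real values (the real secret comes from an ECDH key agreement between the two devices).

```python
import hashlib
import hmac

# 64-entry emoji table from the Matrix SAS verification spec (index -> name).
SAS_EMOJI = [
    "Dog", "Cat", "Lion", "Horse", "Unicorn", "Pig", "Elephant", "Rabbit",
    "Panda", "Rooster", "Penguin", "Turtle", "Fish", "Octopus", "Butterfly", "Flower",
    "Tree", "Cactus", "Mushroom", "Globe", "Moon", "Cloud", "Fire", "Banana",
    "Apple", "Strawberry", "Corn", "Pizza", "Cake", "Heart", "Smiley", "Robot",
    "Hat", "Glasses", "Spanner", "Santa", "Thumbs Up", "Umbrella", "Hourglass", "Clock",
    "Gift", "Light Bulb", "Book", "Pencil", "Paperclip", "Scissors", "Lock", "Key",
    "Hammer", "Telephone", "Flag", "Train", "Bicycle", "Aeroplane", "Rocket", "Trophy",
    "Ball", "Guitar", "Trumpet", "Bell", "Anchor", "Headphones", "Folder", "Pin",
]

def hkdf_sha256(ikm: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 HKDF-SHA256 with an empty salt (what SAS uses)."""
    prk = hmac.new(b"", ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def sas_emoji_indices(sas_bytes: bytes) -> list:
    """First 42 bits of the SAS bytes, read as seven 6-bit emoji indices."""
    bits = int.from_bytes(sas_bytes[:6], "big") >> 6   # drop the unused low 6 bits
    return [(bits >> (6 * (6 - k))) & 0x3F for k in range(7)]

def derive_emoji(shared_secret: bytes, info: bytes) -> list:
    return [SAS_EMOJI[i] for i in sas_emoji_indices(hkdf_sha256(shared_secret, info, 6))]

def verification_outcome(my_secret: bytes, peer_secret: bytes, info: bytes) -> str:
    """Both devices show derive_emoji(); the humans compare. Any difference means abort."""
    return "verified" if derive_emoji(my_secret, info) == derive_emoji(peer_secret, info) else "ABORT"

# Constructed info string: the real one binds both users' IDs, device IDs, ephemeral
# public keys and the transaction ID, so two separate key agreements cannot be spliced.
INFO = (b"MATRIX_KEY_VERIFICATION_SAS|@alice:example.org|ALICEDEV|<alice_pubkey>"
        b"|@bob:example.org|BOBDEV|<bob_pubkey>|txn-1234")
HONEST_SECRET = bytes(range(32))   # constructed: both devices agreed on the same key
MITM_SECRET = bytes(32)            # constructed: a relay that negotiated its own key with Bob

if __name__ == "__main__":
    print("Alice sees:", derive_emoji(HONEST_SECRET, INFO))
    print("Honest:", verification_outcome(HONEST_SECRET, HONEST_SECRET, INFO))
    print("Relayed:", verification_outcome(HONEST_SECRET, MITM_SECRET, INFO))
```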
Every device you log in from creates a new session with its own key pair. These sessions are independent — revoking one doesn't affect the others. You can view and manage all active sessions from your account settings. Any session you don't recognize should be logged out immediately.
E2EE protects message content. It does not hide metadata: who you talk to, when, room membership, or message timing. Public rooms are not E2EE by default — encryption is a property of private rooms and DMs. If someone in a room has a compromised device, whoever controls that device can read messages sent after the compromise.
Transparency about the server's actual visibility.
If you lose your recovery key and lose access to all your logged-in devices simultaneously, your encrypted message history cannot be restored by anyone — including us. There is no account recovery email, no support bypass, no admin override. Back it up before you need it: a password manager, printed paper, or offline storage. Not a cloud note. Not an unencrypted file.
Practical steps to actually use your encryption correctly.
After first login, Cinny or Element will prompt you to set up encryption. Do it. Save the recovery key to a password manager (Bitwarden, 1Password, KeePass) or print it and store it physically. This is the single most important step.
When you log in on a second device — phone, another browser, desktop app — you'll see an "unverified session" warning. Use your existing verified device to confirm the new one via emoji verification. This links it into your cross-signing chain and gives contacts confidence that your identity is intact.
For people you have sensitive conversations with, do a manual verification. In a DM, open their profile and start a verification. Both sides complete the emoji check. After that, you'll see a shield icon confirming the session is verified — meaning no one is silently sitting in the middle.
In settings, under Security & Privacy → Sessions, you can see every active device session. Any session you don't recognize — log it out. Old sessions from browsers you no longer use, devices you've lost, or apps you've uninstalled should be cleaned up.
Public rooms are not end-to-end encrypted by default. Anything said in a public room is visible to the server and to any member — including federated users from other homeservers. If you need private conversation, use a private room or DM with E2EE enabled.
Check the FAQ or reach out directly in the Badlands room.