[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fxog-wM-Kcv9MZsR6fMtBmer0azob00mZZuQ53maMUR0":3},{"article":4,"iocs":56},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":33,"category":34,"article_tags":38},"bf9493f5-3e20-499d-b00d-0f8d53d83220","Signal Alums Reveal ‘Encrypted Spaces,’ a System for Making Private Collaboration Apps","signal-alums-reveal-encrypted-spaces-a-system-for-making-private-collaboration-a-24b120","The new open-source project could serve as the basis for a future of apps with features as complex as Slack, Discord, or Google Docs—but with added protection against surveillance.","Former Signal developers and cryptographers have released Encrypted Spaces, an open-source project designed to enable complex, end-to-end encrypted collaboration applications. This new system aims to provide a foundation for building tools similar to Slack or Google Docs, but with enhanced privacy protections against server-side surveillance and eavesdropping, leveraging advancements like zero-knowledge proofs.","Signal alums launch Encrypted Spaces, an open-source project for private collaboration apps.","CommentLoaderSave StorySave this storyCommentLoaderSave StorySave this storyEnd-to-end encryption, in which data is encoded so that only users on either “end” of a conversation can decrypt their communications—and not the server that relays that information or any other interloper—has become the standard for modern privacy on the internet. But its very name suggests a kind of simple pipe with two openings. The metaphor, and often the encryption technology that has enabled that model, doesn't fit neatly onto the world of Slack, Discord, Google Docs, and the other multiuser, complex, collaborative software where people now live and work.So one group of cryptographers has built what they describe as the foundation for a new generation of end-to-end encrypted apps, with a new metaphor: Instead of a mere pipe, they want to create “spaces” where users can hold group conversations, host information on a server, collectively make changes to it, invite in new collaborators or kick them out, all while maintaining the same strong encryption protections that prevent the server or network eavesdroppers from accessing their data.That cryptographer team, including contributors from Harvard, Microsoft Research, and former developers of the end-to-end encrypted messenger Signal, today release a “preview” of Encrypted Spaces, an early version of a set of open-source code libraries, which is part of an architecture they've designed to allow anyone to easily build a rigorously end-to-end encrypted app that nonetheless enables all of the complex collaboration features that users demand from software today.The group says it saw an opportunity in the migration from single-user apps and one-to-one messengers to multiuser collaboration tools. The transition comes at the same time as the advent of new cryptographic tricks—namely, “zero-knowledge proofs”—that enable computers to manipulate and verify the integrity of encrypted data without seeing its contents. “These pieces kind of fall into place to leave us with a moment of technological shift where we can inject encryption and privacy,” says Nora Trapp, an engineer at Harvard’s Applied Social Media Lab who has also worked as a technical lead for Signal. “We want to provide the technological surface area for developers to build all these apps in a privacy-preserving way.\"Among the cryptographers working on the project is Trevor Perrin, the cocreator of the Signal protocol, the open-source encrypted messaging system used not only in the hundred-million-plus phones with Signal installed but also in the billions of devices that use WhatsApp and Facebook Messenger.Courtesy of Andrew GreenbergEncrypted Spaces is, in some sense, the next generation of the Signal protocol, but for more complex and fully featured tools that go beyond messaging and calls, says Matt Green, a cryptography-focused professor of computer science at Johns Hopkins. “They've built a system that's kind of an extension of what end-to-end encryption can be, where you have an actual architecture for doing end-to-end encrypted collaboration,” says Green, who reviewed a white paper outlining the Encrypted Spaces project and a prototype application. “You can think of it as the Signal protocol for collaboration apps.”Unlike Signal, however, the code that the Encrypted Spaces group has released is, for now, not a single, ready-for-use application. Instead, it's a code repository that the group is inviting cryptography researchers and developers to review, with the goal of eventually allowing coders to build their own encrypted collaborative apps—but without needing any cryptography knowledge. “We want to make it so there's no reason a developer wouldn't want to make their application end-to-end encrypted, because it becomes so easy,” Trapp says.Change Logs and Zero-Knowledge Roll-UpsEncrypted Spaces aims to deal with a crucial limitation of end-to-end encrypted apps: Because the server can't decrypt users' data, any manipulation of that information has to take place on the users' devices. That works well enough when the app is a pipe connecting two users' phones, each of which holds a key to decrypt their conversation. But when the app is a collaborative platform with dozens or hundreds of users working together, that model of end-to-end encryption creates a severe constraint: The app can't simply store users' information on a server and manipulate it in that centralized location as it would for an unencrypted platform like Slack or Google Docs.Encrypted Spaces offers a new model: An app built with it manages data from a centralized server and let users collectively make changes to that information while still keeping it encrypted. More specifically, Encrypted Spaces keeps a change log—a record of every change to encrypted data that the users make over time—that can be shared with the app on every user's phone or computer, so that the app can implement those changes locally and keep everyone's version of the information synched and up to date.The server uses zero-knowledge proofs, a relatively new cryptographic technique, to prove to every user's device that no changes are missing and no rogue changes have been made, but without the server ever accessing the unencrypted data or the changes to it. (Hence “zero knowledge.”) In fact, Encrypted Spaces can use a kind of “roll-up” property of zero-knowledge proofs to ensure that every user has the latest version of their group's data without actually applying every change in the whole change log. “The server can roll up the changes into a succinct proof that this current state reflects the entire history,” says Perrin. “It can convince you it's applied the change log correctly without actually having to send it.”The server also uses zero-knowledge proofs to oversee how people's devices manage the cryptographic keys that allow only authorized users to decrypt and alter the data, allows new users to be invited in, and can provably revoke their access if someone leaves the group. The space's users can also choose to share the full history of the app or to limit a new invitee to new messages or data added after they entered.The Encrypted Spaces team showed WIRED a demo of a prototype application it calls Spaces, which it also released Thursday. (They recommend the software not be used in its current state but instead treated as a research prototype.) In the demo, the Spaces prototype appeared to be a fully functioning, end-to-end encrypted Slack- or Discord-type app with added group notes, calendar, and file-storage functions, but still lacked certain features like voice calling and search.Plenty of collaboration tools already offer some sort of end-to-end encryption, to be fair, such as Proton's suite of cloud-based apps including file storage and document editing or similar suites from CryptPad or Nextcloud. Software including Matrix and Nextcloud also offer Slack- or Discord-like end-to-end encrypted group messaging platforms.Encrypted Spaces, however, provides an open-source, credible foundation for a more rigorous and standardized approach to building those apps or whatever comes next, says Johns Hopkins’ Green—as well as an enormous head start for anyone who wants to securely code an encrypted tool. “I like the idea that we're going to have a standard library for this that a lot of people can review,” says Green. “And if you use this library, you inherit all the security for free.”From Signal to SpacesThe effort behind Encrypted Spaces originated, at least in part, within the team that develops Signal. In 2019 and 2020, Signal's developers, including Trapp and Perrin, were working on upgrading Signal's group-chat feature to better preserve the privacy of group members, so that Signal's servers could manage who was included in a group but without keeping any unencrypted record of that member list. They ended up partnering with cryptographers at Microsoft Research to build a new “anonymous credentials” system that used z","https:\u002F\u002Fwww.wired.com\u002Fstory\u002Fsignal-alums-release-encrypted-spaces-a-new-system-for-building-private-collaboration-apps\u002F","https:\u002F\u002Fmedia.wired.com\u002Fphotos\u002F6a29f6fdf21b8119853af2d9\u002Fmaster\u002Fpass\u002Fsecurity_signal_GettyImages-2261142500.jpg","2026-06-11T12:00:00+00:00","2026-06-11T14:00:08.146576+00:00",7,[18,21,23,26,28,31],{"name":19,"type":20},"Signal","product",{"name":22,"type":20},"Encrypted Spaces",{"name":24,"type":25},"end-to-end encryption","technology",{"name":27,"type":25},"zero-knowledge proofs",{"name":29,"type":30},"Microsoft","vendor",{"name":32,"type":20},"Slack","02371804-cf6d-4449-98de-f1a2d4d9b266",{"id":33,"icon":35,"name":36,"slug":37},null,"Tools","tools",[39,41,46,51],{"category":40},{"id":33,"icon":35,"name":36,"slug":37},{"category":42},{"id":43,"icon":35,"name":44,"slug":45},"0493c7e9-989a-4692-b4e6-136f5ec09675","Cryptography","cryptography",{"category":47},{"id":48,"icon":35,"name":49,"slug":50},"614132b8-5837-4952-b8b5-c6c9a32a1d85","Privacy","privacy",{"category":52},{"id":53,"icon":35,"name":54,"slug":55},"ade75414-7914-4e23-a450-48b64546ee70","Open Source","open-source",[]]