WHITEPAPER

Arc Protocol v2.0 — Powered by libsignal

wp.title

wp.subtitle

wp.version · Atlas Associates Inc. · Public

wp.downloadPdf

Abstract

wp.abstract

wp.abstractSecurity

wp.s1.title

wp.principle1

wp.principle1Desc

wp.principle2

wp.principle2Desc

wp.principle3

wp.principle3Desc

wp.principle4

wp.principle4Desc

wp.s2.title

wp.th.component	wp.th.algorithm	wp.th.standard	wp.th.keySize
Key Exchange (Classical)	X25519 ECDH	RFC 7748	256-bit
Key Exchange (Post-Quantum)	ML-KEM-1024 (via libsignal)	FIPS 203	Level 3
Message Encryption	AES-256-GCM	NIST SP 800-38D	256-bit
Message Authentication	XEdDSA (libsignal)	Signal XEdDSA spec	256-bit
Key Derivation	HKDF-SHA256	RFC 5869	256-bit output
Chain Key Derivation	HMAC-SHA256	RFC 2104	256-bit
Protocol Base	Signal Protocol	Open specification	—

wp.s2.note

wp.s3.title

wp.s3.desc

Alice → Bob:
1. Fetch Bob's PreKey Bundle (Identity + Signed PreKey + One-Time PreKey + PQ PreKey)
2. 4× X25519 DH computations
3. ML-KEM-1024.Encaps(Bob's PQ Public Key) → (pq_ciphertext, pq_shared_secret)
4. Root Key = HKDF-SHA256(DH1‖DH2‖DH3‖DH4‖pq_shared_secret)
5. Send: Alice's keys + PQ ciphertext (1,088 bytes) + encrypted message

wp.s3.security

wp.th.parameter	wp.th.value
Public Key	1,184 bytes
Secret Key	2,400 bytes
Ciphertext	1,088 bytes
Shared Secret	32 bytes
NIST Security Level	Level 3 (AES-192 equivalent)
NIST Standard	FIPS 203 (August 2024)

wp.s4.title

wp.s4.desc

DH Ratchet (direction change):
  New Root Key = HKDF-SHA256(current_root_key, X25519_DH_output)

Symmetric Ratchet (per-message):
  Message Key  = HMAC-SHA256(chain_key, 0x01)
  Next Chain   = HMAC-SHA256(chain_key, 0x02)

wp.s4.keys

wp.s5.title

wp.s5.desc

Ciphertext = AES-256-GCM.Encrypt(
  key:   message_key (32 bytes),
  nonce: random (12 bytes, never reused),
  aad:   ratchet_public_key ‖ prev_chain_length ‖ message_number,
  plaintext: message content
)

Per-message overhead: nonce (12B) + auth tag (16B) = 28 bytes

wp.s6.title

wp.differentiator

wp.aegisDesc

wp.th.property	wp.th.description
wp.senderAuth	wp.senderAuthDesc
wp.tamperDetect	wp.tamperDetectDesc
wp.nonRepudiation	wp.nonRepudiationDesc

XEdDSA Signing (via libsignal):
  payload   = senderId ‖ "|" ‖ timestamp ‖ "|" ‖ content
  signature = XEdDSA.Sign(payload, X25519_private_key)
  → 64 bytes attached to message
  (Converts X25519 key to Ed25519 internally — no separate Ed25519 key needed)

Verification:
  XEdDSA.Verify(payload, signature, sender_X25519_public_key)
  → verified | failed | noSignature

wp.s7.title

wp.s7.desc

Sender:
1. Generate ephemeral X25519 keypair
2. DH = X25519(ephemeral_private, recipient_identity_public)
3. AES_Key = HKDF-SHA256(DH, info="Arc Sealed Sender v1")
4. Envelope = AES-256-GCM(senderId + "\0" + payload, AES_Key)

→ Sealed Message = ephemeral_pub(32B) ‖ nonce(12B) ‖ ciphertext ‖ mac(16B)

wp.s7.availability

wp.s8.title

wp.s8.desc

Encryption (libsignal group_encrypt):
  Chain Key → Message Key → AES-256-GCM  (libsignal internal)
  HMAC signature                          (libsignal internal)
  → Output: SenderKeyMessage bytes

Decryption (libsignal group_decrypt):
  Signature verify → Replay detect → Decrypt (libsignal internal)

All crypto operations delegated to libsignal — no custom primitives.

wp.s9.title

wp.th.key	wp.th.algorithm	wp.th.lifetime	wp.th.storage
Identity Key	X25519	Account lifetime	Platform Secure Storage
Signing Key	XEdDSA (libsignal)	90-day rotation	Platform Secure Storage
Signed PreKey	X25519	Weekly rotation	Platform Secure Storage
One-Time PreKey	X25519	Single use	Platform Secure Storage
PQ PreKey	ML-KEM-1024	Single use	Platform Secure Storage (via libsignal)

wp.s9.desc

Elixir PreKey Server

PreKey bundles (Signed PreKey, One-Time PreKeys, PQ PreKeys) are managed by an Elixir-based PreKey server that handles bundle distribution, one-time key depletion tracking, and automatic replenishment signaling to clients.

wp.s10.title

wp.s10.desc

wp.s11.title

wp.s11.desc

wp.s12.title

wp.th.adversary	wp.th.capability	wp.th.mitigation
Passive Observer	Intercepts all traffic	E2EE: all content encrypted
Active MITM	Modifies traffic	AES-GCM auth + XEdDSA signatures
Server Compromise	Full Firestore access	No plaintext stored; keys client-only
Quantum Computer	Breaks X25519	Hybrid PQXDH with ML-KEM-1024
Key Compromise	Obtains session key	Double Ratchet forward secrecy
Replay Attack	Resends messages	Iteration tracking + unique nonces

wp.threatCantProtect

• wp.threatDevice
• wp.threatScreenshot
• wp.threatMetadata
• wp.threatSocial

wp.s13.title

wp.th.standard	wp.th.status
NIST FIPS 203 (ML-KEM)	Implemented via libsignal-client
RFC 7748 (X25519)	Implemented
XEdDSA (Signal spec)	Implemented via libsignal-client
RFC 5869 (HKDF)	Implemented
NIST SP 800-38D (AES-GCM)	Implemented

wp.s14.title

wp.th.feature	Signal	WhatsApp	Arc
Protocol Base	Signal Protocol	Signal Protocol (licensed)	Signal Protocol (libsignal)
Post-Quantum Key Exchange	PQXDH (ML-KEM-1024, 2023)	PQXDH (via Signal Protocol)	PQXDH (ML-KEM-1024, via libsignal)
Post-Quantum Ratchet	SPQR Triple Ratchet (Oct 2025)	Not confirmed	Planned
Per-Message Signatures	DH authentication only	DH authentication only	XEdDSA (libsignal) ✦
Sealed Sender	Cert + delivery token	Not implemented	Ephemeral ECDH envelope ✦
Offline E2EE	Not supported	Not supported	BLE Mesh (Bridgefy SDK) ✦
Multi-Device	Primary + Linked	Primary + Linked	Independent keys + Key Sync ✦
Key Separation	XEdDSA conversion	XEdDSA conversion	XEdDSA (same as Signal) — unified key pair ✦
Open Source	Fully open source	Partial	Whitepaper published

wp.transparencyNote wp.transparencyDesc

wp.s15.title

wp.s15.intro

XEdDSA (libsignal)

wp.s15.aegis

Client-Side Sealed Sender

wp.s15.sealed

BLE Mesh (Bridgefy SDK Transport Encryption)

wp.s15.mesh

wp.welcome

Download PDF

Enter your details to download the Arc Protocol Whitepaper.

wp.version · Atlas Associates Inc.