How MeshCore keeps messages safe
MeshCore protects your communications through proven encryption, decentralised architecture, and transparent open-source code.
Security as foundation, not feature
Emergency communications often involve sensitive content: your location during evacuation, your family's whereabouts, coordination with neighbours. MeshCore was engineered with security as a core architectural principle, not a marketing afterthought.
Messages travel via LoRa radio through a decentralised mesh. No central servers store your data. No company can hand over what it does not possess. Security emerges from the system design itself.
LocalMesh helps communities across Britain establish secure, resilient emergency communications. Independent, free, built on cryptographic foundations trusted worldwide.
Security architecture
Current private-message encryption
In the current MeshCore implementation, private messages are encrypted. The upstream source and docs describe the scheme as AES-128 block encryption with MAC validation.
Secure key exchange
Encryption keys are established securely between devices. Each conversation uses unique keys held only by participants.
Serverless architecture
No central servers exist to store, analyse, or surrender messages. Data travels directly between devices.
Encrypted relay
Intermediate nodes relay private traffic without normally exposing the plain message content to the wider network.
Open source verification
Every line of code is public. Security researchers audit for vulnerabilities. Transparency builds trust.
No hidden access
Public code means no secret backdoors. Community verification ensures no surveillance mechanisms exist.
Technical security mechanisms
Private-traffic protection
Private traffic is encrypted before transmission. That offers meaningful protection on radio, even though LocalMesh does not describe the current MeshCore model as classic end-to-end encryption in the Signal sense.
Distributed trust
No single point controls security. Even if individual nodes are compromised, the overall system remains secure.
Shared-secret model
The current design is built around shared secrets and protocol encryption, not around a full modern forward-secrecy messaging model.
Integrity verification
Cryptographic checksums detect any tampering during transmission. Modified messages are identified and rejected.
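The receiver-side check described above, as an added example that is not MeshCore's own code: the sender appends a MAC computed over the encrypted payload, and the receiver drops any frame whose MAC does not validate under the shared secret. The frame layout, 16-byte tag, key-derivation label and the choice of HMAC-SHA256 are assumptions for illustration, and the payload is a constructed stand-in for cipher output.

```python
import hashlib
import hmac
from typing import Optional

TAG_LEN = 16  # assumed tag length for this sketch, not a MeshCore constant


def _mac(shared_secret: bytes, ciphertext: bytes) -> bytes:
    # Derive a MAC-only key so the same bytes are not reused for encryption
    # (the label is hypothetical), then tag the encrypted payload.
    mac_key = hmac.new(shared_secret, b"example-mac-key", hashlib.sha256).digest()
    return hmac.new(mac_key, ciphertext, hashlib.sha256).digest()[:TAG_LEN]


def seal(shared_secret: bytes, ciphertext: bytes) -> bytes:
    """Sender side: frame = encrypted payload || MAC over that payload."""
    return ciphertext + _mac(shared_secret, ciphertext)


def open_frame(shared_secret: bytes, frame: bytes) -> Optional[bytes]:
    """Receiver side: return the payload only if the MAC validates."""
    if len(frame) <= TAG_LEN:
        return None  # too short to hold a payload and a tag
    ciphertext, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
    # Constant-time comparison; on mismatch the frame is dropped undecrypted.
    if not hmac.compare_digest(tag, _mac(shared_secret, ciphertext)):
        return None
    return ciphertext


def demo() -> dict:
    secret = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed
    payload = bytes(range(32))  # constructed stand-in for two cipher blocks
    frame = seal(secret, payload)
    flipped = bytes([frame[0] ^ 0x01]) + frame[1:]  # one bit changed in transit
    return {
        "genuine": open_frame(secret, frame),
        "modified": open_frame(secret, flipped),
        "truncated": open_frame(secret, frame[:-1]),
        "wrong_secret": open_frame(b"\x00" * 16, frame),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(case, "accepted" if result is not None else "rejected")
```

A relay that does not hold the shared secret can forward such a frame unchanged, but any change it makes to the payload fails validation at the recipient.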
Security advantages
Better than open radio
Private MeshCore traffic is meaningfully better protected than unencrypted radio traffic, even if the current implementation should be described more carefully than old AES-256 marketing language suggested.
No corporate visibility
Unlike WhatsApp or iMessage, no company infrastructure handles your traffic. No terms of service changes can expose your data.
Device-based keys
Encryption keys never leave your device. Security depends on your hardware, not external services.
Verifiable claims
Open-source code means security experts worldwide can verify every claim. No trust required – verify instead.
Resistant to blocking
Decentralised architecture prevents shutdown or filtering. No central point to target.
Offline security
Encryption works without internet connection. Full protection even during complete infrastructure failure.
When security matters most
- Crisis coordination: Share sensitive location and status information without interception concerns.
- Family privacy: Keep personal conversations genuinely private, away from commercial platforms.
- Organisational resilience: Maintain confidential internal communications when regular systems fail.
- Community organisation: Coordinate neighbourhood response without surveillance concerns.
- Sensitive circumstances: When discretion matters, MeshCore provides genuine confidentiality.
- Peace of mind: Know your communications are protected by established cryptographic standards.
Security questions
Is MeshCore encryption genuinely useful?
Yes, it is useful and materially better than sending everything in the clear. But LocalMesh now describes it more carefully: the current implementation uses AES-128 block encryption with MAC validation, not the older AES-256 wording that appeared on some pages.
Could authorities access my messages?
Private message content is encrypted, so captured traffic is not simply readable by default. Public channel messages, however, are visible to participants on that channel.
What about metadata exposure?
Metadata (who contacts whom, when, from where) is more visible than content. For maximum privacy, use pseudonymous identities and disable automatic location sharing.
Is open-source actually more secure?
Generally yes. Proprietary software requires trusting the company. Open-source enables independent verification by security experts. Transparency provides stronger assurance than promises.
What if my device is stolen?
The physical security of your device is your responsibility. Protect it with a PIN or password. Without access to your unlocked device, stored messages remain encrypted.
How does this compare to Signal or WhatsApp?
Signal and WhatsApp encrypt message content but require an internet connection, and their traffic transits company servers. MeshCore works without internet and has no company servers. Different trade-offs, but MeshCore offers greater infrastructure independence.
Communications you can trust
MeshCore offers meaningful privacy advantages for emergency communications: no central servers, no company in the middle, and private traffic that is actually encrypted. That is worth having, even while being precise about what the current implementation does and does not claim.