Free during beta · Open source

Signal-level
encryption
for any app.

One API key. One hook. Encrypt messages, files, forms, and any sensitive data — your server never sees the plaintext. No crypto expertise required.

No credit card·Apache 2.0 SDK·Self-hostable
Key exchange: X25519
Encryption: XSalsa20
Auth: Poly1305
KDF: BLAKE2b
yourapp.com/chat — e2e active
live encryption
plaintext
IN
Hello Bob!
OUT
Hello Bob!
server sees ciphertext only
Encrypted Chat
live
A
Alice
e2e encrypted
Hey, can you send the contract?
Sure, encrypting now 🔒
Got it. Only we can read this.
server sees → Xk9mR2+vN8qPzLwYeJ4h...
1-to-1 & group messaging
libsodiumX25519 ECDHXSalsa20-Poly1305Double RatchetForward secrecyZero-knowledge relayApache 2.0 SDKlibsodiumX25519 ECDHXSalsa20-Poly1305Double RatchetForward secrecyZero-knowledge relayApache 2.0 SDK
< 5 minto first encrypted message
0plaintext on your server
Apache 2.0open source SDK
The problem

Adding encryption is hard.
Getting it right is harder.

Most teams skip encryption or implement it wrong — leaving data exposed on the server. Encra makes the secure path the easy path.

Roll your own crypto

Months of work, catastrophically easy to get wrong

Plaintext in database

One breach = all user data exposed

Encrypt-then-store

Server holds the keys = server reads everything

Encra

Zero-knowledge by default, 5-minute integration

Integration

Up and running in four steps

From API key to encrypted messages in minutes — not months.

  1. 01

    Get your API key

    Sign up free — no credit card. Create a key from the dashboard in under 30 seconds.

  2. 02

    Install

    One package for React apps. Node.js can use @encra/core directly.

    bash
    npm install @encra/react
  3. 03

    Drop in a hook

    Same pattern for chat, files, and forms — swap the hook name only.

    tsx
    const { sendMessage } = useE2EChat({
      apiKey: process.env.NEXT_PUBLIC_ENCRA_KEY,
      userId: currentUser.id,
    })
  4. 04

    Ship

    Your users get Signal-level encryption. They never know it's there.

~5 minutes from install to first encrypted message.

Open quickstart
Capabilities

The same primitives as Signal

Not marketing fluff. Auditable algorithms, open source, no compromises.

Double Ratchet

Every payload uses a unique one-time key. Compromise today cannot decrypt yesterday.

Zero-knowledge server

Private keys never leave the device. The server stores public keys and ciphertext only.

Forward secrecy

Keys are deleted after use. Past messages stay safe even if today's key leaks.

Drop-in hooks

useE2EChat(), useE2EFile(), useE2EForm() — one pattern for every use case.

Self-hostable

Run the key server on your infra. Full control, no dependency on Encra cloud.

Universal SDK

React, Node.js, and React Native — same @encra/core everywhere you ship.

Zero trust

Your server sees
Xk9mR2+vN8qPzLw...
not your data.

Private keys are generated on device and never transmitted. The server stores public keys and encrypted blobs — mathematically guaranteed, not policy.

How it works
Your device

sensitiveData

plaintext — never leaves device

→ encrypt()

Double Ratchet

unique key per payload

Server

Xk9mR2+vN8qPzLw...

opaque blob — server is blind

→ decrypt()

Double Ratchet

only recipient can decrypt

Recipient

sensitiveData

plaintext restored

Roadmap

Not just chat. Encrypt anything.

One SDK, one key server, one API pattern. Start with chat, expand as you grow.

Messaging

useE2EChat()

1-to-1 messages

live
useE2EGroup()

Group messages

soon
useE2EPresence()

Typing / online status

soon
useE2EDisappearing()

Message TTL

soon
useE2ENotification()

Push notifications

soon
useE2ESearch()

Local encrypted search

soon

Data & Storage

useE2EFile()

File & media upload

live
useE2EForm()

Form submissions

live
useE2EField()

Single field encrypt

soon

Identity

useEncra()

Base instance

soon
useE2EVerify()

Identity verification

soon
useE2EBackup()

Multi-device support

soon

Enterprise

useE2EAudit()

Compliance logging

soon
useE2ESession()

Session management

soon

Open source and auditable

SDK, crypto primitives, and React hooks are Apache 2.0. Read the source, verify the implementation, contribute.

Free during beta

Privacy by default.
Ship it today.

Add Signal-level encryption to any data in your app. No crypto PhD required.

Encra AI

Ask me anything · docs, code, troubleshooting

Hi, I'm Encra AI

I can explain concepts, generate starter code, troubleshoot errors, and guide your setup.

May make mistakes · verify critical crypto details