bluebells / sealed-state
PRIVATE BETA · INVITED ACCESS
(BETA) INVITED ACCESS BUILD a8f3·e2c1

PROVE you were invited.

Bluebells is in closed beta. If someone gave you an access key, paste it below. The key is verified server-side and never stored on this device in cleartext.

ACCESS KEY
Your key is checked over TLS against the relay's allowlist. Each tester gets a unique, revocable code.
UNIQUE PER TESTER Each beta key is unique. Revoking one key doesn't affect anyone else.
SERVER-VERIFIED Your key is checked by the relay over TLS. We don't ship a hash list to your browser.
EXPIRES The access token expires after 7 days. You'll re-enter the key after that.
bluebells · 2026 · PRIVATE BETA · NO ACCOUNTS · NO TRACKING ● RELAY OK
BLUEBELLS / SEALED-STATE PROTOCOL / 01 ● SCROLL · POST-QUANTUM · 2026
MIT LICENSE / OPEN PROTOCOL / VERIFIABLE BUILD ● LAT --:--:--
BLUEBELLS
● LIVE · BUILD a8f3·e2c1 · RELAY OK
PREMISE HOW STACK SPEC OPEN A ROOM →
PREMISE → HOW → STACK → SPEC →
OPEN A ROOM → READ THE PROTOCOL ↗
(NEW) ENCRYPTED MESSENGER · 2026 OPEN PROTOCOL · v1.0

CONVERSATIONS no one CAN KEEP.

● BLUEBELLS · SEALED-STATE · POST-QUANTUM · ML-KEM-768 · XCHACHA20 · BLAKE3 · a8f3·e2c1·d4b5·9f07·e2c1·d4b5·a8f3·e2c1·d4b5·9f07·e2c1·

Bluebells is a messenger where every conversation is a sealed capsule: encrypted on your device, carried inside the URL itself, indexed only by keys you hold. No servers store your words. No accounts attach to your identity. Built openly. Verifiable.

OPEN A ROOM → READ THE PROTOCOL ↗
● THIS URL · IS THE CONVERSATION
v01 · BLAKE3 · XChaCha20-Poly1305 · X25519+ML-KEM-768
https://bluebells.com/r/#01.a8f3e2c1d4b59f07e2c1d4b5.07.bGFzdF9tZXNzYWdlPS4uLgXChaCha20Nm9OcG9seTEzMDV0YWcML-KEM-7680aGlzaXNlbmNyeXB0ZWQgBLAKE3cGF5bG9hZHJpbWVtYmVyaW5n
VERSION BYTE ROOM ID FLAGS SEALED PAYLOAD
The URL holds the ciphertext. Your device holds the key. Nothing else exists. FIG. 01 · CAPSULE ENCODING
01 THE PREMISE WHY THIS EXISTS

EVERY
MESSENGER
HAS A middle.
WE DON'T.

THE OLD MODEL

Every messenger before this required a company in the middle. The company held your conversation. The company could be subpoenaed, breached, or coerced into adding a backdoor. The promise of privacy lived inside someone else's machine.

THE NEW MODEL

Bluebells has no middle. The capsule lives in the URL. The keys live on your devices. We hold nothing. If something goes wrong on our end, the worst we could lose is a domain. Your conversations would still exist on your devices, encrypted, unchanged.

THE GUARANTEE

Open protocol. Reproducible build. Audited code. Published SHA-256 hashes. Mirrors on IPFS and Tor. You can run the relay yourself. You can verify the JavaScript matches the source. If you trust the math, you don't need to trust us.

02 HOW IT WORKS FOUR STEPS · NO SIGNUP
01
GENERATE

OPEN A FRESH ROOM

Click once. Your browser generates a hybrid keypair (X25519 + ML‑KEM‑768) and a fresh room ID. No account, no email, no install. The room exists the moment you make it.

02
INVITE

SHARE A ONE-USE SEED

Send a single-use seed through any channel you trust. It works once. It expires in 15 minutes. If somebody intercepts it, the legitimate consumer can't join, and you'll know to rotate.

03
TALK

MESSAGES SEAL ON YOUR DEVICE

Every message is XChaCha20‑Poly1305 encrypted under a room key only your devices hold. The URL carries the ciphertext. We can't read it. Network observers can't read it. Nobody can.

04
SEAL

CLOSE THE TAB. ROOM SLEEPS.

When you leave, the conversation rests in the URL and your local library. Reopen the link to wake it. Roll the room key anytime. Or burn it forever and the conversation becomes literally unreadable.

03 THE DIFFERENCE EVERY OTHER MESSENGER · vs · BLUEBELLS

THE OLD WAY

EVERY OTHER
MESSENGER.
YOU
→
APP
→
SERVER
→
APP
→
THEM
  • ✕A company holds your conversation in plaintext or recoverable form.
  • ✕Metadata leaks: who, when, how often, from where.
  • ✕Subpoena, breach, or coercion exposes the archive.
  • ✕You need an account, a number, or both.

THE NEW WAY

BLUEBELLS.
YOU
→
URL
→
THEM
→
SERVER
  • ●The conversation is sealed ciphertext inside the URL.
  • ●The keys never leave your devices.
  • ●Our relay sees opaque bytes for sixty seconds, then forgets.
  • ●No account, no number, no install. Just a URL.
04 IN ACTION WHAT IT LOOKS LIKE IN YOUR BROWSER
● ROOM · LIVE · 3 MEMBERS https://bluebells.com/r/#01.a8f3e2c1d4b59f07e2c1d4b5.07.bGFzdF9tZXNz... SEALED · v01
Bob · 14:02 · 9f07·e2c1
Did the seed work for you?
d4b5·a8f3 · 14:02 · You
Yeah, in the room now. Fingerprint matches what you sent over signal.
Carol · 14:03 · e2c1·d4b5
Sending the brief. Drop it in chat.
d4b5·a8f3 · 14:03 · You
📎 brief.pdf · 2.4MB · ● LIVE
Bob · 14:04 · 9f07·e2c1
Got it. Burn this room after?
MEMBERS · 3 ACTIVE
YOUd4b5·a8f3
BOB9f07·e2c1
CAROLe2c1·d4b5
ROOM KEY · EPOCH 07
ROTATES IN 21:47:03
SHARDS 02
ATTACHMENTS ● 1 LIVE
MODE FORWARD-SECURE
ACTIONS
INVITE
ROTATE KEY
BURN ROOM
05 THE NUMBERS THAT MATTER EVERYTHING IS A FACT
0
Servers storing data
The relay holds opaque bytes for 60 seconds. Nothing else.
0
Accounts required
No email, no phone, no password. Nothing exists to leak.
256bit
Symmetric keys
XChaCha20-Poly1305 across every byte of content.
192bit
Extended nonces
Zero reuse risk at any traffic volume.
768
ML-KEM module
Post-quantum KEM hybridized with X25519.
15min
Invite seed lifetime
Single-use. Auto-expires. No exceptions.
24hr
Default key rotation
Configurable from 1 hour up to 7 days.
∞
History capacity
Recursive content-addressed shard tree.
06 THE ANTI-FEATURES THINGS WE DELIBERATELY CAN'T DO
01 WE CAN READ YOUR MESSAGES. End-to-end · device-only keys
02 WE CAN IDENTIFY YOU. No accounts · no identifiers
WE CAN SEE WHO YOU TALK TO. 03 Rotating rendezvous IDs
04 WE CAN RETAIN YOUR DATA. 60-second TTL · no logs
05 WE CAN BE SUBPOENAED FOR IT. Nothing exists to hand over
06 WE CAN ADD A BACKDOOR. Open spec · reproducible build
07 THE STACK CRYPTOGRAPHIC PRIMITIVES

Bluebells is built on an open protocol. Every primitive below has been chosen for one reason: to remain unbreakable both today and after quantum computers arrive.

SYMMETRIC AEAD
XCHACHA20
POLY1305

256-bit keys, 192-bit nonces. The extended nonce eliminates reuse risk at any volume of traffic. RFC 8439.

CONSTANT-TIME · AUDITED
HASH · CONTENT ADDRESS
BLAKE3
256

Every operation, shard, and attachment is content-addressed. Identical payloads collapse to identical hashes. Deduplication for free.

> 500 MB/s · PARALLEL
KEY EXCHANGE
X25519
+ ML‑KEM‑768

Hybrid construction. Both classical and post-quantum secrets must hold. Defends against harvest-now-decrypt-later.

FIPS 203
SIGNATURES
Ed25519
+ ML‑DSA‑65

Every operation, every authority action, signed twice. Verification requires both. SLH-DSA layered for long-term integrity.

FIPS 204 · HYBRID
KEY DERIVATION
HKDF
· BLAKE3

Per-shard and per-attachment keys derived on demand from the room key plus the content hash. Nothing stored that doesn't need to be.

RFC 5869
PASSPHRASE
ARGON2id

256 MB memory, 4 iterations. Local device key wrapped under your passphrase. Deliberately expensive to brute-force.

RFC 9106 · MEMORY-HARD
08 THE OBVIOUS QUESTIONS FAQ · FROM SKEPTICS

Doesn't the URL leak everything?

The URL holds only ciphertext, a version byte, and an opaque room ID. Decryption requires the room key, which never leaves your devices. A URL screenshot reveals nothing. A URL in browser history reveals nothing.

What if I close my browser?

Your local library, encrypted under your device root key, keeps the conversation. Reopen the URL, or open the room from your library. Pair another device by QR code and the conversation follows you there.

What can your relay actually see?

Opaque bytes addressed to rotating rendezvous IDs, for up to 60 seconds, with no auth and no logs. You can run your own. You can run several at once. The protocol is designed assuming you don't trust ours.

09 OPEN A ROOM NO SIGNUP · NO DOWNLOAD · ONE CLICK

DISAPPEAR into MATH.

● OPEN · SEAL · ENCRYPT · SEND · BURN · BLUEBELLS · POST-QUANTUM · ZERO-TRACE · no servers · no accounts · no trace · no servers · no accounts · no trace ·

One click and your browser mints a fresh hybrid keypair, derives a room ID, and prints a URL. Send it to anyone, on any channel, and the conversation begins. Nobody else, including us, has any way to read it. Ever.

OPEN A ROOM → VERIFY THE BUILD ↗
BLUEBELLS

Built openly. Verifiable. Released under MIT. Mirrored on IPFS and Tor. Reproducible builds; published SHA-256 hashes. If the math is right, you don't need to trust us.

● SEALED-STATE · v1.0 · 2026

PROTOCOL

Specification Threat Model Test Vectors Changelog

BUILD

Source · GitHub Verify Hash Audit Reports Mirrors

NETWORK

Run a Relay Tor Hidden Service Security · GPG Bug Bounty
BLUEBELLS · 2026 · MIT · NO COOKIES · NO TRACKERS · NO TELEMETRY BUILD a8f3·e2c1·d4b5 · ● RELAY OK LAT --:--:-- UTC