Matrix Vs XMPP Vs Keybase

Hi, i was selecting a new app to chat on (I started hate wire) and I stuck between these 3 apps because I feel all fit my needs and I want just use one of them so if you were me, what chat app (or protocol, name it as you want) you will use ?

PS: I want it to respect privacy ofc (so which one is more privacy-respecting) and want it to be suitable for teamwork, looks moderns and support calls (like modern chat apps) — Also is keybase encrypt chat by default? If i just created an account and made my friend join me, our conversation encrypted, or I need to add a PGP key or enable setting in our chat?

For instant messaging, we (as InfoSec Handbook) recommend Signal in the first instance. Regarding your suggestions:

  • XMPP: Offers an open protocol, however, the usability depends on the client you use and the server you choose. Then, OMEMO (for modern E2EE) is still not finished and some people assume that it won’t ever become a standard due to the upcoming MLS. Finally, there is the issue that the admin can see and modify nearly everything as written in this article So we recommend to use XMPP only if you run your own trusted server.
  • Matrix: This is quite similar to XMPP with the difference that the network is still centralized to a certain degree although it offers decentralization. (See breach). Interestingly, people who love Matrix seem to hate XMPP and vice versa.
  • Keybase: This is a centralized service that widely adopted E2EE. Due to the centralized nature, there are official clients that ensure the same user experience for everybody. However, some people don’t like that it is hosted on Amazon AWS, and that the server part is obviously proprietary. Then, Keybase offers much more than only instant messaging (Git, proofs, XLM wallet), so it could be overkill if you only need an instant messenger.

If you think of privacy as “comes with most encryption”, then it is obviously Keybase. If you think of it as “doesn’t collect metadata”, then you clearly need to run your own XMPP or Matrix server since nobody can check this without accessing the server.

Yes. A technical description is available here. This page also mentions limitations like no forward secrecy if you don’t use “exploding messages”.

This is a really old myth about Keybase. Years ago, Keybase was an OpenPGP wrapper that tried to make using OpenPGP easier. Back then, people needed to add OpenPGP keys. Nowadays, you can use Keybase without any OpenPGP key. Keybase generates an NaCl key pair on your client and uses these NaCl keys for encryption/decryption. You don’t need any OpenPGP keys.



Keybase doesn’t have calls. And mobile app is slow.

Try all of them and then decide.

1 Like

2 posts were merged into an existing topic: Discussion: Signal

i did and i loved keybase and i found a way to calls actually (use

Jitsi can be integrated into Keybase?

I know there are privacy concerns but since all my friends and family have Whatsapp, I’m forced to use Whatsapp. I have Signal installed on my phone but only four of my contacts also have Signal. As such, I don’t use Signal. I’m kind of curious how others are making these privacy decisions in a vacuum without considering what their peers are willing to use.

nope, i use their website…?!

Easy, if all my peers decide to use WhatsApp, or Facebook Messenger, or Facebook, they simply can’t contact me there.

My friends and family have my number, email, and other messenger service information and can use them instead.


Well, i was like you in past, my friends not want move to other services just they use FB and what’sapp and they force me into things so i said f*ck it i’m moving and people who’s really care about me they will move too so yeah just move and friends whos love you they will move with you (maybe you say it dummy thing but it works with me, and i lost a lot of friends by this :joy: but i not call 'em friends tho)

Well, it took me long enough to get my family and friends to use Whatsapp so we could have group messaging. I applaud your commitment and wish you the best of luck in your transition.

1 Like