# Nøbody — Press FAQ

Twenty questions journalists commonly ask, with concise, accurate answers. English only (journalist's working language). For French translations of any specific answer, write to `press[at]nobodyapp.net`.

---

## 1. How does Nøbody differ from Signal?

Signal is a messenger: a one-to-one or small-group conversation tool. Nøbody is a social network — feeds, stories, public confessions, photo challenges, friend circles — built on the same cryptographic primitives Signal uses (X25519, AES-GCM) but shaped like Instagram or BeReal, not like SMS. Where Signal requires a phone number, Nøbody requires nothing: your identity is an Ed25519 keypair generated locally on first run.

## 2. Can Nøbody see my messages?

No, and not by choice — by architecture. The server only ever receives ciphertext. Private keys are generated on the device and never leave it. Even if the server were compromised, breached, or legally seized, the attacker would hold opaque blobs. This is verifiable: the backend code is around 10,000 lines of Python and is public at https://codeberg.org/Nobodyapp/Nobody.

## 3. What happens when the police ask for data?

We provide what we have, which is: routing metadata (sender/recipient public-key IDs), timestamps, and ciphertext. We do not have plaintext, IP logs, phone numbers, real names, or any way to link an account to a person. In practice this means a warrant for a user's messages returns unreadable data. A transparency report is published annually on the website.

## 4. How do you make money?

We don't, on purpose. There are no ads, no trackers, no analytics, no paid tier, no "premium" features. Hosting costs are under 50 EUR per month. The project runs on donations (Liberapay, GitHub Sponsors, Bitcoin, Monero) and the developer's own time. The business model is: the project exists because it should exist.

## 5. Why AGPL-3.0 and not MIT?

AGPL prevents a SaaS operator from taking the code, running a closed clone, and not contributing changes back. MIT would allow exactly that. A privacy-focused project especially needs to guarantee that any fork claiming to be Nøbody-compatible publishes its server code so users can verify the zero-knowledge claim. AGPL makes that enforceable.

## 6. Why do you support Tor?

Because not everyone can safely connect to the regular internet, and because IP addresses are the metadata we cannot strip at the crypto layer — they exist at the network layer. Routing through Tor removes that last identifier. The backend publishes an onion service address, and the Android app has a built-in Tor toggle (using the Orbot integration pattern where available).

## 7. What about iOS?

In development, no committed release date. Flutter gives us a single codebase, but App Store review policies and the absence of a sideloading path make the privacy guarantees harder to communicate honestly on iOS. We will release when we're satisfied the iOS build matches the Android build's privacy properties.

## 8. How do you prevent abuse if you see nothing?

Several layers, all privacy-compatible:

- **Per-account rate limits** server-side on posts, messages, reports, friend requests.
- **Client-side reporting:** users can report content; the reporter's device includes the decrypted offending content in the report payload.
- **Public-key-based reputation:** repeat offenders' identity keys can be blocklisted without ever knowing who they are.
- **Open moderation logs:** aggregate action counts are published in the transparency report.

Abuse handling is slower and coarser than on surveillance-based networks. We accept that trade-off.

## 9. Is it really anonymous if I need internet?

Network anonymity and cryptographic anonymity are different threat models. At the crypto layer, your account is a random 32-byte public key — no human information is attached. At the network layer, your ISP can see you're connected to api.nobodyapp.net. Tor support exists precisely to address that. For threat models that don't include nation-state adversaries, the app's baseline anonymity (no phone number, no email, no real name) is already dramatically stronger than any mainstream alternative.

## 10. What if I lose my phone?

You lose your account. Because we don't hold any credentials on the server, there is no password-reset flow — a password reset would by definition mean we had a way to create a new private key for your identity, which would destroy the zero-knowledge guarantee. In v1.6 we added an optional **encrypted backup** feature: your keys and data are encrypted locally with a passphrase you choose, and the ciphertext can be stored anywhere (cloud, USB, paper). Without that backup, a lost phone is a lost account.

## 11. Who is behind Nøbody?

A solo developer, Maksim Trikic, based in Paris. Independent, no investors, no corporate sponsor. The company is a French micro-entreprise registered for invoicing donations and handling the occasional legal notice. Full contact info is in `contact.md`.

## 12. When did it launch?

The first public version (v1.0) shipped in June 2025. End-to-end encryption was added in v2.0 in December 2025. The current release (v1.6.0, April 2026) is the FOSS-milestone version: relicensed to AGPL-3.0, with UnifiedPush push-notification support, Tor routing, and its own F-Droid repo.

## 13. Why the name "Nøbody"?

It captures the intended user experience: you are nobody to the server, to the network, and to anyone who cannot personally identify you from what you choose to share. The slashed-O is both a typographic nod to zero and a visual nod to a null set — nothing here.

## 14. What user metrics do you publish?

Aggregate, non-identifying counts: daily active connections, posts per day, messages per day, reports handled. Published in the transparency report. We do not track individuals; the numbers come from ephemeral server counters that roll over each day.

## 15. Is the code actually being audited?

The codebase is published and auditable. A formal third-party security audit is planned for late 2026; no firm has been commissioned yet. In the meantime, the cryptographic layer has 73 unit tests covering key agreement, encryption round-trips, padding correctness, and signature verification. Community review via Codeberg issues is welcome and has already caught several bugs.

## 16. Does Nøbody work in countries with internet restrictions?

Partially. Tor integration helps against ISP-level blocks that don't extend to Tor itself. In countries that block Tor entirely, we recommend pluggable transports (Snowflake, obfs4) in the external Orbot-style clients the app can pair with. We do not run obfuscation bridges ourselves, but we don't block users who arrive via them.

## 17. Can you be forced to add a backdoor?

The project is AGPL-3.0 and the source is public, so a backdoor in a shipped build would be detectable by anyone rebuilding from source and comparing hashes — exactly the kind of reproducible-build property F-Droid enforces. The project is based in France, which at present has no mandatory key-escrow law. If legal pressure ever required a secret backdoor, the developer's stated policy is to shut the project down publicly rather than ship a compromised version.

## 18. What about the "nothing to hide" argument?

We think it's a bad argument because it conflates what you want the government to see with what you want advertisers, ex-partners, employers, insurance companies, data brokers, and future leak databases to see. Privacy isn't about hiding wrongdoing; it's about setting the audience for each thing you say. Nøbody lets you set that audience to "just my circle" or "actually nobody" with cryptographic enforcement rather than a platform's promise.

## 19. How big is the team / community?

Development: one person (Maksim Trikic). Translation contributors: roughly a dozen volunteers across the eight supported languages, credited in-app. User community: active on Codeberg Issues, Matrix (`#nobody:matrix.org`), and via email. Monthly active user counts are deliberately not published — we don't track them at the user level.

## 20. What's next?

Short-term (next two releases): iOS beta, group video calls (E2E via mesh of pairwise channels), richer circles (co-owned circles, invite-link expiry). Medium-term: a formal cryptographic audit. Long-term: federation between independently hosted Nøbody servers via a zero-knowledge routing protocol, so no single operator becomes a central point. No blockchain, no token, no "Web3" marketing.
