Zhi - A Truely End-to-End Encrypted Instant Messaging App
纸,一个真正的端到端加密的聊天应用

iOS
Android
Mac
Windows
Web
What are the differences between Zhi and messaging apps like WhatsApp, Signal, and Telegram?

Please read Are WhatsApp, Signal, Telegram really end-to-end encrypted? for more details.

Zhi 与 WhatsApp,Signal, Telegram 有什么区别?

请阅读WhatsApp, Signal, Telegram 真的是端到端加密的吗?来了解详情。

How do I verify the end-to-end encryption of Zhi?

All of Zhi's upstream API can be easily audited. Zhi Upstream API Documentation

我如何验证 Zhi 的端到端加密?

Zhi 所有上传数据都是可以很容易审计的。Zhi Upstream API Documentation

What about metadata?

Zhi uses random UUID to replace metadata; for details, please read: Zhi Upstream API Documentation

关于 Meta 数据呢?

纸使用随机性的 UUID 来替代元数据,具体请查看:Zhi Upstream API Documentation

What about Push Notification?

As we know, as an instant messaging app, we need to implement push notifications. On the Apple platform: We must choose Apple APN (Apple Push Notification service). On the Android platform: We almost have no choice but to use Google FCM (Firebase Cloud Messaging). On the Web platform: Currently, we are only developing and doing compatibility testing on Chrome. To implement push notifications, we must use Google GCM (Google Cloud Messaging). Accessing: chrome://gcm-internals/. Because Zhi server cannot decrypt messages, when there is a new message, we can only push a bland "New Message" string to the push service, which then sends it to the user's device. Therefore, neither Apple nor Google can decrypt your messages. For details, please read: Zhi Upstream API Documentation

关于消息推送呢?

我们知道,作为即时通讯应用,我们需要实现推送通知。在苹果平台上:我们必须选择苹果APN(Apple Push Notification service)。在安卓平台上:我们几乎别无选择,只能使用谷歌FCM(Firebase Cloud Messaging)。在 Web 平台上:目前,我们仅对 Chrome 进行兼容性测试。为了实现推送通知,我们必须使用谷歌GCM(Google Cloud Messaging)。访问:chrome://gcm-internals/。因为纸服务器无法解密消息,当有新消息时,我们只能推送一个简单的 "New Message" 字符串到推送服务,然后由其发送到用户的设备。因此,无论是苹果还是谷歌都无法解密你的消息。具体请查看:Zhi Upstream API Documentation

Are images, videos, and files etc also end-to-end encrypted?

Just like messages, also encrypted with your Chat Key before transmission. For details, please read: Zhi Upstream API Documentation

图片,视频,文件等也是端到端加密的吗?

像消息一样,在传输前也用你的 Chat Key 进行了加密。具体请查看:Zhi Upstream API Documentation

Is Zhi Meeting also end-to-end encrypted?

We use standard WebRTC technology to implement Meeting. We know that WebRTC is end-to-end encrypted, STUN and TURN will not break WebRTC's end-to-end encryption. And we enforce the use of TURN, so when you have a Meeting with other members, the other members are not able to know your IP. Because the key negotiation for WebRTC is achieved through signaling interaction. Therefore, it's essential to ensure the security of the signaling being transmitted. Don't worry, all your signaling, just like the messages above, is also encrypted with your Chat Key before transmission. For details, please read: Zhi Upstream API Documentation

纸的视频会议也是端到端加密的吗?

我们使用标准的 WebRTC 技术来实现 Meeting。我们知道 WebRTC 是端到端加密的,STUN 和 TURN 也不会破坏 WebRTC 的端到端加密。我们强制使用 TURN,所以当你和其他成员进行 Meeting 时,其他成员无法知道你的 IP。因为 WebRTC 的密钥协商是通过信令交互完成的。因此,确保传输信令安全至关重要。不用担心,所有的信令,就像上面的消息一样,在传输前也用你的 Chat Key 进行了加密。具体请查看:Zhi Upstream API Documentation

Will Zhi Meeting expose my IP to other members?

We use standard WebRTC technology to implement Meeting. We know that WebRTC is end-to-end encrypted, STUN and TURN will not break WebRTC's end-to-end encryption. And we enforce the use of TURN, so when you have a Meeting with other members, the other members are not able to know your IP. Because the key negotiation for WebRTC is achieved through signaling interaction. Therefore, it's essential to ensure the security of the signaling being transmitted. Don't worry, all your signaling, just like the messages above, is also encrypted with your Chat Key before transmission. For details, please read: Zhi Upstream API Documentation

Zhi Meeting 会向其他成员暴露我的 IP 吗?

我们使用标准的 WebRTC 技术来实现 Meeting。我们知道 WebRTC 是端到端加密的,STUN 和 TURN 也不会破坏 WebRTC 的端到端加密。我们强制使用 TURN,所以当你和其他成员进行 Meeting 时,其他成员无法知道你的 IP。因为 WebRTC 的密钥协商是通过信令交互完成的。因此,确保传输信令安全至关重要。不用担心,所有的信令,就像上面的消息一样,在传输前也用你的 Chat Key 进行了加密。具体请查看:Zhi Upstream API Documentation

Using Apple's IAP, will my information be exposed?

No. We only pass a transaction ID upstream. For details, please read: Zhi Upstream API Documentation

用苹果的 IAP 会暴露我的信息吗?

不会。我们仅能向上游传递一个交易 ID。具体请查看:Zhi Upstream API Documentation

Can I register an account anonymously?

Certainly. To prevent malicious use of resources, Zhi accepts email registrations by default. Of course, we also support the creation of anonymous accounts. Click here to create an anonymous account with BTC.

我可以匿名注册账号吗?

当然可以。为了防止恶意占用资源,默认 纸 接受邮箱注册。当然我们也支持创建匿名账号,点此使用 BTC 创建一个匿名账号。

How are messages stored locally and on the server?

Messages are stored on the local device. When forwarding the encrypted messages of a Chat, for free users the server will by default save them for 7 days to facilitate the users retrieving messages from the server when they come online from being offline or at other times. Note: The server's cleanup mechanism runs a scheduled cleanup task. If it is detected during the run that there are no Zhi Plus users in the Chat, the encrypted messages from more than 7 days prior within the Chat will be cleared, in order to release the server resources occupied. At the same time, if all members exit the Chat, the encrypted messages related to the Chat will also be cleared periodically.

消息在本地和服务端怎么存储?

消息会存储到本地设备。服务器在转发 Chat 的加密后的消息时,针对免费用户默认会保存 7 天,以方便用户从离线到上线时或其他时候再次从服务端拉取消息。服务端无限期保存 Zhi Plus 用户所在 Chat 的加密后的消息。注意:服务端的清理机制是定时运行清理任务,如果运行时发现 Chat 内没有 Zhi Plus 用户,则会清理 Chat 的 7 天之前的加密后的消息,以释放占用的服务器资源。同时如果所有成员都退出了 Chat,那么 Chat 相关的加密后的消息也会被周期性清除。

Can others know if they and I are in two Chats at the same time?

Chats are isolated from one another, meaning that even if Huluwa and Snake are both in Chat A and also in Chat B, they cannot know that they are in both chats at the same time.

其他人能够知道他和我同时在两个 Chat 里吗?

Chat 之间互相隔离,即使葫芦娃与蛇精同时在 Chat A 里,也同时在 Chat B 里,葫芦娃和蛇精也无法知道对方与自己同时在两个 Chat 里。

Why is the software package so large?

Because we have embedded font files that are about 100+MB in size.

为什么软件包那么大?

因为我们嵌入约 100+M 大小的字体文件。

Make sure your system time is correct.

The system time deviation should not exceed 30 seconds.

确保你的系统时间正确。

系统时间误差不能超过 30 秒。

Why can't I receive the verification code by email?

Many people often have their email address typed wrong, remember to check carefully. Also don't forget to check the spam mailbox. If you still cannot receive the verification code after 5 minutes, it may be that your network cannot access our API server. You can try another network. If you are using Microsoft's mailbox, users around the world generally report that they will lose emails without any notification. Alternatively, because you once marked our emails as spam, we have added your email address to our suppression list.

为什么邮箱收不到验证码

很多人会输错邮件地址,记得仔细检查下,同时不要忘记检查垃圾箱。如果五分钟仍然收不到验证码,可能是你的网络无法访问我们的 API 服务器,可以尝试换个网络,比如用 Wi-Fi 或 4G。如果你正在用微软的邮箱,全球用户普遍反馈会无任何通知丢邮件。或者因为你曾经将我们的邮件标记为垃圾邮件,所以我们把你的邮箱地址加入到了我们的黑名单里。

Can I receive notifications on macOS clients like I can on iOS clients?

Yes. When asked for push permission for the first time, you can click Allow in the upper right corner. Of course, you can also enable it later in System Settings - Notifications - Application Notifications - Zhi - Allow notifications.

macOS 客户端上可以像 iOS 客户端一样接收通知吗?

可以。初次询问推送权限时,在右上角可以点击允许。当然也可以后续在 System Settings - Notifications - Application Notifications - Zhi - Allow notifications 开启。

Can I delete my account?

Yes. If you already have a subscription, don't forget to unsubscribe first. Delete Account

我可以删除我的账号吗?

可以。如果你有订阅,不要忘记取消。删除账号

Contact

cloud@txthinking.com.

联系

cloud@txthinking.com