Jack Dorsey’s Bitchat: Decentralized Promise, Centralized Security Concerns
Jack Dorsey, co-founder of Twitter and head of Block, recently unveiled his latest endeavor—Bitchat, a messaging application envisioned as a fully decentralized communication tool, independent of traditional internet infrastructure. Instead of relying on conventional networks, the app employs Bluetooth and end-to-end encryption, placing a strong emphasis on privacy and resistance to surveillance.
According to Dorsey, Bitchat is designed to be a reliable alternative to mainstream messengers, particularly in scenarios where online access is restricted or subject to top-down control. The published announcement outlines the architecture, cryptographic foundations, and proposed security mechanisms. Its central message is that the system is not built upon centralized servers and “prioritizes security.”
However, shortly after the release, a clarification appeared in the project’s GitHub description: the code had not yet undergone an independent security audit. A few days later, the developers added a warning: “This software has not been externally reviewed and may contain vulnerabilities. Do not use it in production environments.” Later, the note was amended further to read: “Work in progress.”
Criticism followed swiftly. Researcher Alex Radocea, for instance, uncovered a serious flaw in the identity verification scheme. The app stores a pair, a unique key and a device identifier, that is used to recognise a previously trusted contact; such contacts appear as “favorites” in the interface and are marked with a star icon. Possession of that pair alone is enough to be recognised, so an attacker who captures it over the air can present it and impersonate that participant. The recipient then believes they are conversing with a verified user while in fact exchanging messages with an impostor.
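To make the class of flaw concrete, here is an added example written for this article, not Bitchat's code and not a description of its actual data structures: a toy identity check in Go in which a contact's “favorite” status is confirmed by a broadcast (peer ID, public key) pair, placed beside the same check extended with a challenge-response that demands a signature from the matching private key. The Announcement and FavoriteStore types, the function names and the peer IDs are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Announcement models the pair a device broadcasts over Bluetooth: a peer
// identifier plus a public key. Anyone in radio range can record and replay
// it verbatim. Hypothetical structure, not Bitchat's wire format.
type Announcement struct {
	PeerID string
	PubKey ed25519.PublicKey
}

// fingerprint is all a "favorite" entry remembers about a starred contact.
func fingerprint(pk ed25519.PublicKey) string {
	sum := sha256.Sum256(pk)
	return hex.EncodeToString(sum[:])
}

// FavoriteStore maps a peer ID to the key fingerprint the user once trusted.
type FavoriteStore map[string]string

// TrustedByAnnouncement is the weak check: a peer shows as verified as soon
// as its broadcast pair matches the stored entry. Nothing proves the sender
// holds the private key, so a replayed announcement passes.
func TrustedByAnnouncement(store FavoriteStore, ann Announcement) bool {
	fp, ok := store[ann.PeerID]
	return ok && fp == fingerprint(ann.PubKey)
}

// NewChallenge returns a fresh random nonce for the verifier to send.
func NewChallenge() []byte {
	c := make([]byte, 32)
	if _, err := rand.Read(c); err != nil {
		panic(err)
	}
	return c
}

// challengeMessage binds the nonce to the claimed peer ID so a signature
// produced for one identity cannot be reused for another.
func challengeMessage(peerID string, nonce []byte) []byte {
	return append([]byte("toy-auth/"+peerID+"/"), nonce...)
}

// Respond is what the genuine holder of the private key does with a challenge.
func Respond(priv ed25519.PrivateKey, peerID string, nonce []byte) []byte {
	return ed25519.Sign(priv, challengeMessage(peerID, nonce))
}

// TrustedByProof is the stronger check: the announced key must match the
// stored fingerprint AND the claimant must sign this verifier's fresh nonce
// with the matching private key.
func TrustedByProof(store FavoriteStore, ann Announcement, nonce, sig []byte) bool {
	if !TrustedByAnnouncement(store, ann) {
		return false
	}
	return ed25519.Verify(ann.PubKey, challengeMessage(ann.PeerID, nonce), sig)
}

type Verdicts struct {
	WeakAcceptsReplay   bool // replayed pair passes the announcement-only check
	ProofRejectsReplay  bool // replayed pair fails once a signed challenge is required
	ProofAcceptsGenuine bool // the real key holder still passes
	ProofRejectsOldSig  bool // a sniffed signature is useless against a new nonce
}

// RunScenario: Alice announces, Bob stars her, Mallory replays Alice's pair.
func RunScenario() Verdicts {
	alicePub, alicePriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	alice := Announcement{PeerID: "alice-phone", PubKey: alicePub}
	bob := FavoriteStore{alice.PeerID: fingerprint(alice.PubKey)} // Bob starred Alice

	// Mallory captured the announcement over the air; she has no private key.
	replayed := Announcement{PeerID: alice.PeerID, PubKey: append(ed25519.PublicKey(nil), alicePub...)}

	var v Verdicts
	v.WeakAcceptsReplay = TrustedByAnnouncement(bob, replayed)

	// Under a challenge the best Mallory can do is send a bogus signature...
	v.ProofRejectsReplay = !TrustedByProof(bob, replayed, NewChallenge(), make([]byte, ed25519.SignatureSize))

	// ...while Alice answers her challenge with her private key.
	nonce := NewChallenge()
	sigAlice := Respond(alicePriv, alice.PeerID, nonce)
	v.ProofAcceptsGenuine = TrustedByProof(bob, alice, nonce, sigAlice)

	// A signature Mallory sniffed earlier does not fit a fresh nonce.
	v.ProofRejectsOldSig = !TrustedByProof(bob, replayed, NewChallenge(), sigAlice)
	return v
}

func main() { fmt.Printf("%+v\n", RunScenario()) }
```

Run it and the announcement-only check accepts Mallory's replay while the proof-based check does not. One caveat a practitioner would want: a signed challenge proves that the claimant holds the key at that moment, not that nobody sits in between. A relay that forwards Bob's nonce to the real Alice and returns her answer still passes, so a real design also binds the challenge to the session keys (channel binding) and lets users compare fingerprints out of band.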
Radocea attempted to responsibly disclose the flaw by opening an issue on GitHub. Dorsey initially closed the ticket without explanation, but reopened it two days later, stating that security concerns could be reported directly through the platform.
Some developers questioned the app’s claim of forward secrecy, the property that messages already exchanged stay confidential even if key material is compromised later. They argued that Bitchat’s current implementation may not uphold it, because session keys might not be refreshed as the property requires, so a single compromised key could expose more of the conversation than it should.
Others pointed to a possible buffer overflow, a memory-safety bug in which data written past the end of a buffer corrupts adjacent memory and can, in the worst case, hand an attacker control of execution on the device.
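As an added illustration of the property in question, and not Bitchat's key schedule (which the critics did not spell out), the Go below compares a static session key with a generic hash ratchet that advances after every message. Messages are stood in for by their per-message keys: a message counts as readable if the attacker can reproduce its key from state captured in a device compromise. The Ratchet type, the labels and the function names are assumptions made for this example.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// kdf is a one-way step: HMAC-SHA256 keyed with the current chain key. From
// its output nothing about the input key can be recovered.
func kdf(key []byte, label string) []byte {
	m := hmac.New(sha256.New, key)
	m.Write([]byte(label))
	return m.Sum(nil)
}

func clone(b []byte) []byte { return append([]byte(nil), b...) }

// Ratchet derives a fresh message key from a chain key, then advances the
// chain and overwrites the old value, so its state only points forward.
type Ratchet struct{ chain []byte }

// NextKey returns the key for the next message and advances the chain.
func (r *Ratchet) NextKey() []byte {
	mk := kdf(r.chain, "msg")
	next := kdf(r.chain, "chain")
	for i := range r.chain {
		r.chain[i] = 0 // best-effort wipe; a copy the GC has not freed may linger
	}
	r.chain = next
	return mk
}

// attackerKeys is everything an attacker can compute from captured state:
// the state itself (it IS the key under a static schedule) plus the next n
// message keys reachable by walking the chain forward.
func attackerKeys(state []byte, n int) map[string]bool {
	keys := map[string]bool{hex.EncodeToString(state): true}
	c := clone(state)
	for i := 0; i < n; i++ {
		keys[hex.EncodeToString(kdf(c, "msg"))] = true
		c = kdf(c, "chain")
	}
	return keys
}

// countKnown reports how many of the keys actually used appear in the
// attacker's set, i.e. how many messages are readable.
func countKnown(known map[string]bool, used [][]byte) int {
	n := 0
	for _, k := range used {
		if known[hex.EncodeToString(k)] {
			n++
		}
	}
	return n
}

// ratchetExposure: send `before` messages, capture memory, send `after` more.
func ratchetExposure(r *Ratchet, before, after int) (past, future int) {
	var used, later [][]byte
	for i := 0; i < before; i++ {
		used = append(used, r.NextKey())
	}
	captured := attackerKeys(clone(r.chain), before+after+10) // compromise
	for i := 0; i < after; i++ {
		later = append(later, r.NextKey())
	}
	return countKnown(captured, used), countKnown(captured, later)
}

// Exposure counts readable messages before and after the compromise.
type Exposure struct {
	StaticPast, StaticFuture, RatchetPast, RatchetFuture int
}

// RunComparison runs three messages, a compromise, then two messages under
// both schedules from the same random 32-byte seed.
func RunComparison() Exposure {
	seed := make([]byte, 32)
	if _, err := rand.Read(seed); err != nil {
		panic(err)
	}
	var e Exposure
	// Static schedule: every message used seed, and seed is what leaks.
	static := attackerKeys(seed, 0)
	e.StaticPast = countKnown(static, [][]byte{seed, seed, seed})
	e.StaticFuture = countKnown(static, [][]byte{seed, seed})
	e.RatchetPast, e.RatchetFuture = ratchetExposure(&Ratchet{chain: clone(seed)}, 3, 2)
	return e
}

func main() { fmt.Printf("%+v\n", RunComparison()) }
```

Captured static state opens every message sent before and after the compromise; captured ratchet state opens none of the earlier ones but all of the later ones. That last number is the caveat: a symmetric hash ratchet gives forward secrecy but no recovery after a compromise. For that, a protocol has to mix in fresh Diffie-Hellman material, which is what the Signal double ratchet adds on top of the hash chain.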
As Radocea put it, “Security is a great marketing pitch, but we should at least verify whether the keys function as promised.” He also criticized Dorsey’s approach: if it’s acknowledged that the app hasn’t undergone an audit, then the discovery of initial vulnerabilities effectively constitutes the beginning of one—and the results, in his view, are “deeply concerning.”
Dorsey himself has yet to comment—neither via social media nor in response to press inquiries.
The application remains publicly available as an open-source project. Whether it will be reengineered and subjected to a comprehensive audit remains to be seen.