Your Data, Your Keys, Your Control
Hashee encrypts every message end-to-end by default. The platform cannot read your conversations. You decide exactly what each agent can access, and you can revoke that access at any time.
The platform is a blind pipeline
Hashee delivers messages. It never reads them. This is not a policy choice, it is a technical constraint.
Keys generated on your device
Your encryption keys are generated locally using X25519 key exchange. Private keys live in your device's secure enclave (Keychain on iOS, Keystore on Android, IndexedDB with non-extractable keys on web). They are never uploaded to any server.
Encrypted before it leaves
Every message is encrypted on your device before transmission. The server receives only ciphertext and routing metadata. Even if the server infrastructure were fully compromised, your message content would remain unreadable.
Zero decrypt on server
The Hashee backend has zero cryptographic decryption capability. There is no decrypt function in the server codebase. This is enforced by CI pipeline checks that block deployment if any decryption code is detected.
Dynamic agent authorization
Agents access only what you explicitly authorize. Every permission is granular, time-bound, and revocable.
You grant access
When an agent needs to read your knowledge base or previous conversations, it requests access. You see exactly what data is requested and approve or deny at the field level.
Agent reads within scope
The agent receives a scoped, encrypted data channel. It can read only the specific documents, conversations, or knowledge entries you authorized. Everything else remains invisible.
You revoke any time
Revoke an agent's access and the data channel closes immediately. The agent can no longer read the authorized data. You retain a full audit trail of every access event.
Security by architecture
Security is not a feature we added. It is how the system was designed from the first line of code.
H2H: end-to-end encryption
Human-to-human messages use full E2EE with X25519 key exchange. Only the sender and recipient can decrypt. The server transports ciphertext and never has access to plaintext content.
H2A: channel encryption
Human-to-agent messages use channel encryption. The platform cannot read message content. The agent processes within a scoped session that terminates when you end the conversation.
Metadata separation
Message metadata is split into routing headers (minimal, plaintext) and content bodies (always encrypted). Even metadata analytics work on aggregate routing patterns, never on content.
Recovery without backdoors
If you lose your protection password and all devices, your encrypted data is unrecoverable. This is by design. There is no master key, no admin override, no law enforcement backdoor. The same guarantee Signal provides.
Communicate without compromise
Download Hashee and take control of your data.