Signal Veterans Build Encrypted Spaces to Lock Down Collaboration Tools

Signal veterans including Trevor Perrin and Nora Trapp have released Encrypted Spaces, open-source libraries that bring verifiable end-to-end encryption to complex collaboration apps like Slack and Google Docs. Using change logs and zero-knowledge proofs, the system lets untrusted servers coordinate data without ever seeing it. The preview could influence how future workplace tools protect sensitive information.
Written by Maya Perez

Slack channels hum with sensitive strategy sessions. Google Docs hold draft contracts and patient records. Discord servers coordinate everything from game nights to activist campaigns. Yet in nearly all these tools, the companies behind them can read the data. A new project from veterans of the Signal Foundation aims to change that.

From Messaging Pipes to Collaborative Spaces

The effort, called Encrypted Spaces, offers open-source libraries that let developers construct applications with full end-to-end encryption while preserving the rich, shared editing and group features users expect. Released in preview on June 11, the system shifts the model from simple encrypted pipes that relay messages to persistent “spaces” where servers store data but cannot inspect it.

Trevor Perrin, co-creator of the Signal Protocol, drove much of the thinking. Years ago his team upgraded Signal’s group chats with anonymous credentials and zero-knowledge proofs. “If we’re doing this encryption for the membership list in this very consistent, nice, provable way, why couldn’t we just kind of do this for everything?” Perrin asked, according to a report in WIRED. “Why can’t we have end-to-end encryption in all the apps we use?” added Greg Zaverucha of Microsoft Research.

The answer they settled on rests on change logs and zero-knowledge proofs. Every modification to a document or conversation gets recorded. The server rolls those changes into succinct cryptographic proofs. Clients verify the proofs, confirm the server applied updates correctly, and reconstruct the current state without downloading the entire history. But the server never sees plaintext. It cannot peek at the content or alter it undetected.
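To make the "cannot alter it undetected" property concrete, here is an added sketch that is not Encrypted Spaces code: a hash-chained log of opaque ciphertexts that a client replays and checks. It swaps the project's succinct zero-knowledge proofs for a plain hash chain and a shared group MAC key, so a client replays every entry after its last trusted head; all names, the out-of-band `expected_head` and the sample blobs are assumptions.

```python
import hashlib
import hmac

GENESIS = b"\x00" * 32  # agreed starting head for an empty space

def _tag(group_key: bytes, prev: bytes, ct: bytes) -> bytes:
    # Binding the previous head into the MAC pins each change to its position.
    return hmac.new(group_key, prev + ct, hashlib.sha256).digest()

def _head(prev: bytes, tag: bytes, ct: bytes) -> bytes:
    # prev and tag are fixed-length (32 bytes), so the concatenation is unambiguous.
    return hashlib.sha256(prev + tag + ct).digest()

def append(log: list, group_key: bytes, ct: bytes) -> bytes:
    """Client: authenticate an already-encrypted change and chain it to the head."""
    prev = log[-1]["head"] if log else GENESIS
    tag = _tag(group_key, prev, ct)
    log.append({"ct": ct, "tag": tag, "head": _head(prev, tag, ct)})
    return log[-1]["head"]

def verify(entries, group_key, trusted_head=GENESIS, expected_head=None) -> bytes:
    """Client: replay entries served after trusted_head; return the new head.

    expected_head is a head learned out of band (assumed: from another member).
    """
    prev = trusted_head
    for i, e in enumerate(entries):
        if not hmac.compare_digest(_tag(group_key, prev, e["ct"]), e["tag"]):
            raise ValueError(f"entry {i}: altered, reordered or forged")
        if not hmac.compare_digest(_head(prev, e["tag"], e["ct"]), e["head"]):
            raise ValueError(f"entry {i}: chain broken")
        prev = e["head"]
    if expected_head is not None and not hmac.compare_digest(prev, expected_head):
        raise ValueError("head mismatch: server withheld or forked changes")
    return prev

if __name__ == "__main__":
    key = b"K" * 32        # constructed group key; never sent to the server
    server_log = []        # everything the untrusted server stores
    for blob in (b"\x9a\x01 opaque-1", b"\x9a\x02 opaque-2", b"\x9a\x03 opaque-3"):
        head = append(server_log, key, blob)  # constructed stand-ins for ciphertext
    print("clean log verifies:", verify(server_log, key) == head)
    server_log[1]["ct"] = b"tampered"         # simulate a server-side modification
    try:
        verify(server_log, key)
    except ValueError as err:
        print("rejected:", err)
```

A shared MAC key only separates members from the server; per-author attribution of the kind the project describes would need signatures or the anonymous credentials mentioned above.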

Nora Trapp, a former technical lead at the Signal Foundation now at Harvard’s Applied Social Media Lab, described the goal plainly. “We want to provide the technological surface area for developers to build all these apps in a privacy-preserving way.” She told WIRED, “You can think of it as the Signal protocol for collaboration apps,” echoed Johns Hopkins cryptography professor Matt Green.

Trapp went further. “We have a general expectation of privacy in our real lives in the physical world. We should be afforded that same right in the digital world. I hope that this just becomes how all apps work: that we have end-to-end encryption on every app on our phone and that it’s a sort of de facto standard, and it just helps reinforce that privacy is normal.”

The project lists contributors including Michele Orrù of CNRS in Paris, who focuses on privacy-preserving systems that limit long-term storage of personal data. Microsoft Research’s cryptography group and Harvard’s Berkman Klein Center provided close collaboration. Mary Gray, an anthropologist and technologist at Microsoft Research, leads outreach to Bay Area community and social-service organizations to build prototypes. The team released code on GitHub at github.com/encrypted-spaces and maintains a site at encryptedspaces.org.

A prototype sync engine mimics the interface of Firebase or Supabase. Developers define data schemas in Rust or similar languages. Tables, lists, and text areas behave like local objects yet rest on encrypted, verifiable storage. Inserts, updates, and deletes carry cryptographic attribution. Membership changes, key rotations, and access controls all happen under zero-knowledge guarantees. New invitees can receive only post-joining data if the group chooses. Or they can get the full history.

This matters. Current collaboration platforms encrypt data at rest and in transit. They do not protect against the service provider itself. Law enforcement demands, insider threats, or breaches expose everything. Recent regulatory scrutiny of ephemeral messaging in tools like Slack and Google Chat during investigations shows how central servers retain control, per an FTC policy update from 2024.

Slack itself offers enterprise key management for some customers, allowing organizations to hold their own keys. Yet the company still processes data. True end-to-end encryption removes that possibility. Earlier experiments, such as a 2018 Slack overlay called Shhlack reported by Vice, remained niche. Existing privacy-focused alternatives like CryptPad or certain Proton tools cover limited use cases but lack the breadth of commercial platforms.

Encrypted Spaces seeks to close that gap. Its designers emphasize that neither users nor average developers need to touch the cryptography. The libraries handle proofs, key management, and verification. Applications built on top simply read and write structured data. The server acts as an untrusted coordinator that synchronizes state and answers queries only on encrypted fields the schema exposes.

Challenges remain. Performance for very large documents or high-frequency edits needs testing at scale. Voice, search, and advanced formatting still sit outside the current research prototype. Legal and regulatory questions loom too. Governments uneasy about encrypted communications have pushed for backdoors or sovereign alternatives, as seen in European moves toward Matrix-based government messengers reported by Lawfare in May 2026.

Yet the timing feels potent. Post-quantum upgrades to the Signal Protocol, including the Sparse Post Quantum Ratchet detailed in Signal’s own blog, show the community continues hardening core primitives. Enterprise demand for verifiable privacy grows as data breaches mount and AI training on cloud content raises new alarms.

Andy Greenberg of WIRED noted the project’s potential in his coverage. It could make end-to-end encryption the default for a new generation of collaboration apps the same way the Signal protocol secured messaging for billions. Trapp and her colleagues invite cryptographers and developers to review the code and experiment. They plan further prototypes with community partners.

So the work sits at an early but deliberate stage. A research preview. Not production software. Still, the architecture attacks a concrete problem: servers hold immense power over modern work, and users rarely notice until that power gets abused. By moving verification into the hands of participants, Encrypted Spaces tries to restore balance without sacrificing the collaboration that cloud tools made possible.

Whether developers adopt these libraries at scale will decide its impact. If they do, future Slack competitors or Google Docs alternatives could ship with encryption that even their makers cannot bypass. The team behind it believes that outcome should be normal. Not exceptional.
