How My Team from Risevest Academy and I Built an End-to-End Encrypted Messaging App in 3 Weeks

We were each asked to come up with an Idea of a project we would like to build. I have always wondered what the tech behind messaging platforms is like, so for me it was easy. Build a secure messaging platform. After a bit of research, I thought I understood what that meant. After the past three weeks, having built something I'm really proud of, I can tell you that I had no idea what I was getting into. Not in a bad way, but in a way that meant I was bound to learn.

This is the story of how a team of four backend developers built a real-time, end-to-end encrypted messaging platform with WebSocket messaging, media sharing, push notifications, and a functioning encryption layer.

Where We Started

The idea was initially simple; build something like WhatsApp, but with privacy as the foundation. Messages had to be encrypted on the sender's device and decrypted only on the recipient's. So not even our servers could reach the messages.

That last requirement changed everything about how my vision for the system looked. Building a simple CRUD app is relatively easy, REST APIs, maybe a real-time feature here and there. E2EE is a different ball game entirely. It forces you to think about different boundaries, what does the server know? What should it know? And what is off limit?