The Power of Peer-to-Peer (P2P)

Understand how your messages and calls travel directly between devices, bypassing central servers.

Most messaging apps today use a client-server model. When you send a message, it travels from your device to a company's
server, and then from that server to your contact's device. This central server acts as a middleman for every piece of
communication.

Project Mercury is different. It primarily uses a peer-to-peer (P2P) architecture.

What is a P2P Connection?

A P2P connection is a direct communication link between two devices on the internet. Once established, data flows
directly from your device to your contact's device, without passing through a central server.

Think of it like having a private, encrypted tunnel connecting you directly to your friend.

How is a P2P Connection Established?

Since devices on the internet don't know each other's addresses (IP addresses), they need a little help to find each
other initially. This is where the signaling server comes in.

  1. Login: When you start Mercury, it connects to the signaling server and says, "I am User A, and I'm online."
  2. Initiation: When you want to message User B, your app sends a message through the signaling server: "User A
    wants to connect to User B."
  3. Negotiation (ICE): The signaling server relays messages back and forth between your devices. These messages
    contain network information (like possible IP addresses and ports), but not your actual conversation. This process,
    called Interactive Connectivity Establishment (ICE), allows your devices to figure out the best way to connect
    directly.
  4. Direct Connection: Once your devices have found each other, they establish a secure, end-to-end encrypted DTLS
    tunnel.
  5. Communication: All subsequent messages and calls flow through this direct P2P tunnel. The signaling server is no
    longer involved.

Why is P2P Better for Privacy?

  1. No Middleman: By removing the central server from the conversation path, we eliminate the single biggest point of
    failure and surveillance. There is no central hub where all messages are collected.

  2. Reduced Metadata: A server-based model inherently collects metadata: who you talked to, when, for how long, from
    what location, etc. In a P2P model, this metadata is only known to the two participants in the conversation. The
    signaling server only knows that you attempted to connect to someone, but it doesn't know if you were successful or
    how long you communicated for.

  3. Increased Resilience: P2P systems are inherently more resilient. If our signaling server goes down, existing
    conversations are not affected. While new connections can't be established until it's back online, the system doesn't
    have a single point of failure for all communication.

In cases where a direct P2P connection is impossible (due to very restrictive firewalls), communication may be relayed
through a TURN server. However, even in this case, the data remains end-to-end encrypted, and the relay server cannot
decipher the content of your conversation.