Signal Veterans Build Open-Source Encrypted Spaces for Collaborative Apps

At a glance:

• Harvard and Signal co-creator develop open-source Encrypted Spaces to add E2EE to Slack, Google Docs, and Discord.
• Uses zero-knowledge proofs to prevent servers from accessing unencrypted data.
• Demo app Spaces released alongside research preview code on GitHub.

What is Encrypted Spaces and How Does It Work?

Encrypted Spaces is an open-source infrastructure project designed to simplify end-to-end encryption (E2EE) integration into collaborative applications like Slack, Google Docs, and Discord. Led by Signal protocol co-creator Nora Trapp (Harvard Applied Social Media Lab) and Microsoft researchers, the platform aims to address risks of centralized cloud services—such as data exposure, loss of control, and self-censorship—by providing a cryptographic foundation for developers. The system leverages zero-knowledge proofs, a technology also used in Zcash cryptocurrency, to enable secure server-client interactions. This allows servers to verify document updates without accessing raw data, ensuring privacy-preserving collaboration.

The project’s demo app, Spaces, demonstrates real-time collaborative editing with E2EE. Unlike standalone encrypted apps (e.g., Proton Mail or CryptPad), Encrypted Spaces focuses on reusable developer tools rather than end-user products. Matt Green, Johns Hopkins cryptography professor, emphasizes its value as a "standard library" for security: "If you use this library, you inherit all the security for free." The code, currently in a "Research Preview" phase, is available on GitHub, with plans to expand its modularity for third-party adoption.

Why Governments May Resist the Technology

Encrypted Spaces’ architecture could reignite global debates over encryption policy, particularly in jurisdictions like the UK and US. Signal President Meredith Whittaker recently threatened to exit the UK over proposed phone screening laws, framing them as a precursor to mass surveillance. Similarly, the US government’s export controls on AI models like Anthropic’s Fable 5—treating encryption as a controlled technology—mirror historical "Crypto Wars" conflicts from the 1990s. These policies aim to limit foreign access to strong encryption but face criticism for stifling innovation.

The project’s lead developers anticipate regulatory pushback, noting that E2EE’s democratization challenges state surveillance capabilities. As Trapp stated: "We’re not just building for journalists or activists—this is about redefining trust in digital collaboration." However, governments may argue that such tools hinder law enforcement investigations, echoing past tensions between tech firms and policymakers.

How Encrypted Spaces Differs From Existing Solutions

While encrypted alternatives like Proton Workspace, Fileverse, and CryptPad already exist, Encrypted Spaces distinguishes itself through its focus on developer infrastructure. The project provides modular components (e.g., encryption libraries, verifiable update protocols) that can be integrated into any collaborative app, rather than offering a closed ecosystem. This approach contrasts with Web3-based solutions like Fileverse, which rely on blockchain for decentralization but lack the same level of cryptographic verification.

Additionally, Encrypted Spaces emphasizes verifiable cryptographic operations. For example, its zero-knowledge proofs allow servers to confirm document versioning without decrypting content—a feature absent in many existing E2EE tools. The team also highlights its compatibility with existing platforms: developers can retrofit apps like Discord or Google Workspace with minimal code changes, reducing adoption barriers.

Challenges and Limitations

Despite its promise, Encrypted Spaces faces technical and regulatory hurdles. Implementing zero-knowledge proofs at scale requires significant computational resources, potentially impacting performance in latency-sensitive applications. The team acknowledges that real-time collaboration features (e.g., live document editing) may require further optimization to balance security and usability.

Regulatory uncertainty also looms large. While the UK’s proposed phone screening laws have drawn criticism, similar proposals in the EU and US could force Encrypted Spaces to adopt backdoors or geofencing. The project’s reliance on open-source transparency may also draw scrutiny from state actors seeking to identify vulnerabilities.

Implications for the Future of Secure Collaboration

Encrypted Spaces could catalyze a shift toward privacy-first design in mainstream software development. By lowering the barrier to E2EE integration, the project may pressure companies like Microsoft and Google to adopt similar standards, reducing reliance on centralized cloud services. Trapp noted: "This isn’t just about encryption—it’s about reclaiming user agency in digital spaces."

The project’s success could also influence AI-driven collaboration tools. As Maple CTO Anthony Ronning described it: "Verifiable, encrypted, untrusted storage" aligns with growing demands for transparency in AI systems. However, widespread adoption will depend on balancing security with user experience and navigating evolving global regulations.

What’s Next for the Project

The Encrypted Spaces team plans to expand its feature set, including support for cross-platform synchronization and third-party app integrations. A public beta is expected within 12 months, with initial focus on messaging apps before expanding to productivity suites. The project has also partnered with academic institutions to study its impact on digital trust.

While challenges remain, the release of Spaces and its open-source code marks a significant step toward mainstream E2EE. As Green concluded: "The goal isn’t just to build better apps—it’s to build a new paradigm for how we think about privacy in collaboration."