Encrypted Spaces: 6 steps to a private team chat

Signal alums built Encrypted Spaces so teams can run their own end-to-end encrypted Slack. Here's how it works—and where it still falls short.

TLDR Encrypted Spaces is a new toolkit from former Signal engineers for building end-to-end encrypted group collaboration apps—think a Slack or Discord you control, where the server never sees your messages. It's aimed at developers and privacy-first teams, not yet a one-tap consumer download. If you need encrypted group chat today, Signal groups still win on convenience; Encrypted Spaces wins when you need to own the whole stack.

A handful of people who helped build Signal just shipped something that isn't an app. It's a system for making apps—specifically, private collaboration tools where the people running the server can't read a word of what you send. Wired's coverage in June 2026 called it plumbing for the next generation of group software. That framing is the part most write-ups gloss over. By the end of this guide you'll know what Encrypted Spaces actually is, how its encryption model differs from Slack and Discord, who should adopt it now versus wait, and the concrete steps to evaluate it for your team.

What Encrypted Spaces actually is (and isn't)

Let me clear up the biggest misconception first. Encrypted Spaces is not "Signal for teams" you download from the App Store. It's a framework—a set of protocols and libraries—that developers use to build collaboration apps with end-to-end encryption baked in from the first line of code, not bolted on later.

The distinction matters. In a normal SaaS app, encryption protects data in transit (TLS) and maybe at rest on the server. But the server itself decrypts and reads your content to index it, search it, generate notifications, run AI summaries. End-to-end encryption (E2EE) flips that: only the participating devices hold the keys. The announcement covered by Backbox News describes Encrypted Spaces as purpose-built so that collaboration features—shared documents, channels, member lists, roles—stay encrypted even from whoever operates the backend.

Why build a framework instead of just another app? Because the hard part of E2EE group software isn't the chat. It's everything around it: managing who's in a group when membership shifts constantly, syncing state across devices, handling a lost phone. Signal solved a lot of this for messaging. Encrypted Spaces generalizes those solutions so other teams don't have to reinvent them—badly.

Diagram showing encrypted messages flowing between devices while a server stays blind

Info "End-to-end encrypted" and "encrypted" are not synonyms. Slack encrypts your data, but Slack (and anyone who subpoenas Slack) can read it. E2EE means the operator structurally cannot. That's the whole point of Encrypted Spaces.

The Signal pedigree—why it's worth attention

Plenty of "secure chat" projects launch and vanish. This one earns a second look because of who's behind it. The team includes people who worked on Signal's protocol and infrastructure—the same cryptographic foundation that WhatsApp, Google Messages, and Signal itself rely on for E2EE. The PrivacyGuides community discussion picked it apart within days of launch, which is a good sign. That forum is brutal on privacy theater.

How the encryption model compares to Slack and Discord

Here's where the practical difference lives. I've run team chat on Slack, Discord, and self-hosted Matrix over the past three years, and the trust model is the thing people underestimate until it bites them.

With Slack and Discord, you're trusting a company. Their security might be excellent—Slack's Enterprise Key Management is genuinely good—but the architecture means the provider holds keys to your content. A rogue employee, a government request, a breach: any of those exposes plaintext. With Encrypted Spaces, the architecture removes the provider from the trust equation entirely. Even a fully compromised server leaks ciphertext that nobody can read.

Dimension	Slack	Discord	Signal groups	Encrypted Spaces
Default E2EE for messages	No	No	Yes	Yes (by design)
Server can read content	Yes	Yes	No	No
Built for rich collaboration (docs, roles)	Yes	Partial	No	Yes
Self-host / own the stack	Enterprise only	No	No	Yes
Ready-to-use consumer app today	Yes	Yes	Yes	Not yet
Cost model	Per-seat SaaS	Freemium	Free	Build / host cost

Notice the trade-off. Encrypted Spaces and Signal both close the "server reads your stuff" gap, but Signal isn't built for the messy reality of work—threaded docs, granular roles, integrations. Slack and Discord nail collaboration and convenience but ask you to trust them with plaintext. Encrypted Spaces is the first serious attempt I've seen to get both rich collaboration and zero-trust encryption in one system.

Tip If your "encryption" requirement is really a compliance requirement (HIPAA, attorney-client), confirm whether your regulator accepts provider-held-key encryption. Many do. If they don't—or you simply don't want to trust a vendor—that's exactly the gap Encrypted Spaces targets.

The contrarian bit: most teams don't need this

I'll say the unpopular thing. Most teams reaching for "encrypted Slack" don't have a threat model that justifies it. If your adversary is a competitor or a script kiddie, Slack with SSO and 2FA is plenty. The teams that genuinely benefit from Encrypted Spaces are the ones where the provider itself is part of the threat model: journalists protecting sources, activists, legal and medical teams handling sensitive client data, security researchers. If that's not you, adopting a v1 framework over a mature SaaS may cost more than the privacy is worth. Be honest about which camp you're in before committing engineering time.

How Encrypted Spaces works under the hood

You don't need a cryptography degree, but understanding the moving parts helps you evaluate it. The system, as described in the TechBuzz launch report, handles three things that make group E2EE hard:

Group membership and key management. When someone joins or leaves a channel, encryption keys must rotate so a removed member can't read future messages—and ideally a new member can't read old ones. Doing this efficiently for large, changing groups is the core technical problem. This is where protocols like MLS (Messaging Layer Security) have advanced the field, and where a Signal-derived approach has real credibility.
Encrypted shared state. It's not just messages. Channel names, member lists, roles, and collaborative documents all stay encrypted client-side. The server stores blobs it can't interpret.
Multi-device sync. Your phone, laptop, and tablet each need keys, and they need to agree on what's been read, edited, or deleted—without a server that can see the content arbitrating. This is the unglamorous engineering that kills most DIY E2EE projects.

A developer reviewing cryptographic key exchange code on a laptop

Warning E2EE shifts responsibility onto you for key recovery. If a team member loses every device with no backup, their encrypted history may be unrecoverable—by design, because a key recoverable by the server would defeat the encryption. Plan your recovery and onboarding flow before rolling this out to non-technical staff. This is the single most common way encrypted deployments go wrong.

Where it runs today

As of the June 2026 reveal, Encrypted Spaces is a system for builders. The realistic near-term users are development teams embedding it into a product, and technically capable groups willing to stand up their own instance. A polished App Store / Google Play consumer client is not the launch story—several outlets, including the LinkedIn post from the team's Samantha Shireman, framed it as foundational infrastructure. Treat current coverage as "watch and pilot," not "migrate your company this quarter."

Setting it up: a realistic evaluation path

You can't npm install encrypted-spaces and have a finished Slack by lunch—and anyone promising that is selling something. Here's the honest path I'd follow to evaluate it, ordered from lowest to highest commitment.

Read the protocol docs and threat model first. Before any code, understand what the system claims to protect against and what it explicitly doesn't (metadata, traffic analysis, compromised endpoints). A privacy tool's threat model is its contract with you.
Stand up a sandbox instance. Deploy the reference implementation in an isolated environment. No real data. The goal is to feel the membership-change and multi-device flows, because that's where friction lives.
Test the painful path: device loss and member removal. Add three test users, remove one, and confirm they lose access to new messages. Then "lose" a device and run your recovery flow. If this is clumsy in your sandbox, it'll be a support nightmare in production.
Audit the metadata exposure. E2EE hides content, not necessarily who talks to whom and when. Check what the server logs. For many threat models, metadata is the real risk.
Pilot with one team for 30 days. Pick a technical team that tolerates rough edges. Track every "I couldn't access X" moment.
Decide: build, host, or wait. Based on the pilot, choose whether to embed it, self-host a deployment, or shelve it until the ecosystem matures.

Tip Run your sandbox notification check on real devices. On iOS, encrypted apps often show generic "New message" alerts because the system can't decrypt content for the lock screen. Verify behavior at Settings → Notifications → [app] → Show Previews → When Unlocked so your team isn't surprised when previews vanish. That's E2EE working correctly, not a bug.

Don't forget the boring security basics

Encryption in transit is worthless if the endpoints are soft. Every device in an Encrypted Spaces deployment is a key holder, which makes device security non-negotiable. A strong, unique passphrase per account and a hardware-backed second factor do more for most teams than any protocol upgrade. If your password hygiene is shaky, fix that first—our breakdown of password manager gaps on iPhone and Mac covers where the popular managers fall short, and the 1Password vs Bitwarden comparison on iPhone helps if you're choosing one for a team rollout. The strongest E2EE in the world doesn't help when someone reuses "Spring2026!" across five logins. For the underlying principles, NIST SP 800-63B remains the reference on what actually makes credentials resistant to attack.

Encrypted Spaces vs the privacy-tool field

If you're shopping for encrypted collaboration right now, Encrypted Spaces is one option among several—and not always the right one. Here's how the realistic alternatives stack up for a privacy-conscious team.

Tool	Best for	E2EE group chat	Rich collaboration	Maturity (June 2026)
Encrypted Spaces	Teams that must own the stack	Yes	Yes (by design)	New / v1
Signal (groups)	Quick, free, trusted messaging	Yes	No	Mature
Matrix / Element	Self-hosters wanting federation	Yes (opt-in)	Partial	Mature
Wire	Compliance-focused orgs	Yes	Partial	Mature
Slack + EKM	Enterprises trusting a vendor	No (provider-key)	Yes	Mature

Pros and cons of going with Encrypted Spaces today

Pros	Cons
Server structurally cannot read content	Not a finished app—requires engineering effort
Built for collaboration, not just messaging	Ecosystem and third-party audits still young
Signal-derived cryptographic credibility	Key recovery burden falls on your team
You own and control the deployment	Hosting and maintenance cost vs free SaaS

The honest summary: if you need encrypted group chat this week and "free and trusted" beats "fully owned," Signal groups are still the pragmatic pick. The EFF's Surveillance Self-Defense project is the resource I point teams to for matching a tool to an actual threat model, rather than chasing the buzziest option. Encrypted Spaces becomes the answer specifically when provider-trust is unacceptable and Signal's lack of work-style features is a dealbreaker.

This same "the tool you reach for first usually isn't the one you need" pattern shows up across software categories. We hit it when comparing Notion and Obsidian for personal knowledge management—the cloud-convenient default versus the local-control option—and the reasoning maps almost exactly onto cloud SaaS chat versus self-owned encrypted collaboration.

Quick checklist: what to do next

Concrete actions, in order:

Define your threat model in one sentence. "We must prevent [whom] from reading [what]." If the answer is "nobody specific," you probably don't need Encrypted Spaces yet—stick with hardened Slack or Signal.
Read the official protocol and threat-model docs before evaluating any code. Note what it does not protect (metadata, endpoint compromise).
Stand up an isolated sandbox with throwaway data—never production content during evaluation.
Stress-test member removal and device loss. These flows make or break real-world adoption.
Audit server-side metadata logging so you know exactly what's exposed even with content encrypted.
Lock down endpoints first: unique passphrases, hardware 2FA, full-disk encryption on every device that holds keys.
Run a 30-day pilot with one technical team and log every access-failure moment.
Re-decide quarterly. This is a v1 system in mid-2026; the calculus will shift as audits and tooling mature.

Info If you only do one thing from this list, do step 1. I've watched more encrypted-tool rollouts fail from "we never agreed what we were protecting" than from any cryptographic weakness.

Sources & further reading

Wired — Reported the Encrypted Spaces launch and framed it as infrastructure for building private collaboration apps, with context on the team's Signal background.
PrivacyGuides community forum — Independent, skeptical discussion of the system's claims and threat model from privacy practitioners.
EFF Surveillance Self-Defense — Practical framework for matching a communication tool to your actual threat model rather than its marketing.
NIST SP 800-63B — The authoritative guidance on authentication and credential strength that underpins endpoint security for any E2EE deployment.
TechBuzz / Backbox News — Launch-week technical coverage detailing how Encrypted Spaces handles group key management and encrypted shared state.