01 — NoidChat / No Phone Number

An Encrypted Messenger. No Phone Number. No Email. No Identity.

Nearly every mainstream private messenger starts the same way: hand over your phone number. NoidChat never asks. Pick a username and you're in. Everything after is end-to-end encrypted, post-quantum ML-KEM on messages and calls by default.

02 — The Problem

A Phone Number Is Not A Neutral Login

It is the most heavily regulated identifier you own. Key a messaging account to it and three things follow, none in your favor.

P · 01

Registered

A SIM is a registered identity. In much of the world, buying a SIM means showing ID, and carriers answer to governments. An account anchored to your number is anchored to you.

P · 02

Swapped

SIM-swap attacks work at the carrier, not on you. Talk a support rep into porting a number, and the attacker receives the victim's verification SMS. Any app that treats a number as proof of identity inherits every weakness of the phone network.

P · 03

Scanned

Contact discovery leaks your social graph. Phone-number apps scan your address book to "find your friends". That scan maps who knows whom before a single message is sent. Encryption never protects this; the graph was never message content.

None of this is a bug. It is a design decision: the number makes onboarding frictionless, the contact graph makes growth automatic, and the cost is your anonymity, paid at signup.

03 — Registration

How Signup Actually Works

Open chat.noid.gg. Choose a username. Set a password. That is registration, in full. Browser first, Android APK if you want it. No SIM required at any step.

  • N · 01 Phone number No phone field. Not at signup, not later, not "for security".
  • N · 02 Email address No email field. No inbox tied to the account.
  • N · 03 SMS verification No code, no carrier, no phone network in the loop.
  • N · 04 Identity documents No ID check at any step. Your display name is all anyone sees.
  • N · 05 Your address book Never requested, never scanned. The graph stays with you.

Your username is the only handle on the account. The consequence is underrated: NoidChat cannot hand over, leak, or lose a number it never collected. The full model is covered in the NoidChat security deep-dive.

04 — The Tradeoff

No Number Means No Contact Discovery

The honest part: NoidChat holds no numbers, so it cannot scan your address book and tell you which friends are already here. That scan is the leak we refuse to build, so connecting works differently.

C · 01

Usernames

Exchange usernames. Share your handle like any other contact detail. Nobody can look you up by a number you never gave.

C · 02

Rotating QR

Scan a rotating QR code. One scan in person adds a friend. Codes rotate every 60 seconds and are HMAC-signed, so an old screenshot cannot be forged or replayed.

Slower than automatic discovery, and that is the point. Nobody can enumerate a database of numbers to find you, and no server ever learns who is in your phone book.

05 — Beyond Signup

What Backs Up The No-Identity Model

Registering without an identity only matters if the rest of the app holds the same line. It does.

S · 01

Post-Quantum

Post-quantum encryption by default. Direct messages, files, and voice notes are encrypted with ML-KEM-768 wrapped around AES-256-GCM, no toggle required. One tap upgrades a conversation to ML-KEM-1024, NIST Category 5. Calls run a post-quantum handshake, then encrypt every frame with AES-256-GCM.

S · 02

Biometric Lock

Biometric lock. Lock the app with fingerprint or face recognition using real WebAuthn cryptographic verification, not a cosmetic screen overlay.

S · 03

Hyper Protect

Hyper Protect. Set a deactivation PIN. If it is ever entered, all your data is permanently destroyed and the account ceases to exist.

New to ML-KEM? Read the post-quantum encryption explainer.

06 — Compare

What Registration Requires

NOIDCHAT Username only No phone, no email, no SMS verification. You connect by username or rotating QR code.
SIGNAL Phone number Usernames can hide your number from other users, but a working number is still required to register.
TELEGRAM Phone number Required to register. You can hide it from strangers, but the account remains keyed to it.
WHATSAPP Phone number Your number is your identity on the network and is how contacts find you.
EMAIL-BASED Email address Lighter than a phone, but the account still ties to an inbox that usually ties to you.

Registration requirements as of July 2026.

07 — FAQ

Straight Answers

Q · 01Do I need a phone number or email to use NoidChat?

No. Registration is a username and a password. There is no phone field, no email field, and no SMS verification anywhere in NoidChat signup at chat.noid.gg — distinct from the optional noid.gg website account.

Q · 02How do people find me without contact discovery?

They don't, unless you want them to. Share your username, or add each other in person with a rotating QR code that changes every 60 seconds and can't be replayed.

Q · 03If NoidChat holds no phone numbers, what could it reveal about me?

No phone number or email — those were never collected. What the server does see: your username, who you exchange messages with (it has to route the ciphertext), message timing, and the IP you connect from. Message, file, and voice-note content is end-to-end encrypted with post-quantum ML-KEM before it leaves your device and is unreadable to us.

Q · 04Is NoidChat fully open source?

No. Selected components of NoidChat's encryption layer are public for transparency; the rest is proprietary. Signal, by contrast, is fully open source.

Q · 05Is there an iOS app?

The web app runs on iOS via Safari today. A native iOS build is in development.