Russia’s current messaging crackdown is the cleanest real-world stress check of decentralization in years, and it produced a clumsy end result.
Roskomnadzor started throttling Telegram on Feb. 10, citing “non-compliance.” Two days later, authorities totally blocked WhatsApp, eradicating its domains from Russia’s nationwide registry and forcing customers towards VPNs or MAX, a state-backed messenger that critics describe as surveillance infrastructure disguised as a chat app.
The Kremlin had already mandated the preinstallation of MAX on all units bought in Russia, efficient Sept. 1, 2025.
The transfer appeared tailored to vindicate decentralized messaging. Right here was textbook censorship enjoying out in actual time, consisting of DNS manipulation, registry disruption, and platform coercion towards companies with greater than 4 billion mixed customers.
But the “censorship-resistant” alternate options constructed over the previous decade remained marginal. Customers did not flood into Session, Standing, or XMTP-based inboxes.
They patched the issue with VPNs and complained on Twitter.
The decentralization thesis did not fail as a result of the expertise does not work. It failed as a result of the expertise addresses an issue most customers do not acknowledge, and introduces trade-offs they’re unwilling to simply accept.
Three-layer mismatch
What folks name “decentralized messaging” truly bundles three distinct properties that not often align in observe.
Content material privateness means end-to-end encryption by default. WhatsApp makes use of the Sign Protocol for all messages and calls. Telegram doesn’t, as E2EE applies solely to Secret Chats, that are device-bound and do not sync throughout platforms just like the service’s default cloud chats.
Most Telegram customers do not toggle Secret Chats on, which makes the service’s “personal” popularity deceptive beneath stress.
Community resilience refers to blockability. Centralized companies current predictable choke factors, comparable to DNS data, IP ranges, and CDN infrastructure.
Russia’s WhatsApp motion exploited precisely that. Peer-to-peer methods scale back reliance on a single endpoint, however they commerce off reliability, battery life, and the supply ensures that mainstream customers count on.
Platform resilience is the layer virtually nobody discusses. Even apps marketed as decentralized depend upon Apple and Google’s push notification methods (APNs and FCM) to ship messages immediately within the background.
These push rails create quiet centralization and metadata publicity, as Apple and Google may be legally compelled to share push notification metadata in some jurisdictions.
The coordination downside no protocol can clear up
Community results function as a mathematical lock-in.
WhatsApp studies greater than 3 billion month-to-month energetic customers. Telegram claims over 1 billion. Switching prices are coordination prices: the worth of a messaging app scales with the variety of your contacts who use it, and the transition penalty grows exponentially with community measurement.
Cellphone numbers make this each worse and higher on the identical time.
Sign nonetheless requires phone-number registration even after introducing usernames. The choice is not an oversight, as Sign’s personal documentation argues that cellphone numbers allow discoverability and assist resist spam.
Decentralized methods that get rid of cellphone numbers should substitute that complete scaffolding with one thing else. Most have not.
Crypto-native messaging protocols comparable to XMTP take a unique method, constructing id round pockets addresses.
This creates composability throughout apps and reduces platform lock-in. Nonetheless, it additionally inherits issues that destroy mainstream usability: key custody dangers, restoration failures, and id confusion when customers juggle a number of wallets.
Spam because the adoption ceiling and the cell OS entice
Open networks change into spam magnets except constrained by id methods, price limits, or financial prices. XMTP’s documentation explicitly states that permissionless networks will appeal to spam and that content-level moderation can’t happen on the protocol layer if messages are encrypted.
The burden shifts to consent lists managed by particular person shoppers and apps.
Each mechanism that may curb spam, comparable to id proofs, token staking, and popularity scores, dangers re-centralizing energy or undermining anonymity.
If you happen to require proof of personhood to ship a message, you have created a brand new registry and a brand new assault floor. If you happen to cost a payment, you have excluded low-income customers and created alternatives for rent-seeking.
Mainstream customers count on instantaneous supply. On iOS and Android, that expectation will depend on background push notifications routed by means of APNs and FCM.
Even apps that place themselves as decentralized, comparable to Briar, Standing, and Session, both compromise on “instantaneous” supply or settle for the centralization imposed by push methods.
Push infrastructure additionally exposes metadata: who messaged whom, when, and from the place. Authorities can compel Apple and Google to share that knowledge in lots of jurisdictions.
For prime-threat customers, it is a deadly flaw. For everybody else, it is invisible, till it is not.
| Possibility | Layer 1: E2EE by default? | Layer 2: Block / throttle resistance | Layer 2: Main choke factors | Layer 3: Push (APNs / FCM) for “instantaneous”? | Layer 3: App-store dependence | Adoption: Identification mannequin | Adoption: Restoration | Adoption: Spam / abuse posture | Adoption: Mainstream UX gaps |
|---|---|---|---|---|---|---|---|---|---|
| ✅ Sure | ❌ Low | DNS / IP / CDN; centralized servers | ✅ Sure | ✅ Excessive | Cellphone quantity | ✅ Easy | ⚠️ Centralized enforcement | ✅ Minimal (baseline feature-complete) | |
| Telegram (Default cloud chats) | ❌ No | ❌ Low | DNS / IP / CDN; centralized servers | ✅ Sure | ✅ Excessive | Cellphone quantity | ✅ Easy | ⚠️ Centralized enforcement | ✅ Minimal (feature-complete) |
| Telegram (Secret Chats) | ⚠️ Optionally available | ❌ Low | Identical as above (service nonetheless centralized) | ✅ Sure | ✅ Excessive | Cellphone quantity | ✅ Easy | ⚠️ Centralized enforcement | ❌ Multi-device sync (device-bound); UX friction |
| Sign | ✅ Sure | ❌ Low–Med | Centralized servers; area/IP | ✅ Sure | ✅ Excessive | Cellphone quantity (usernames assist, nonetheless phone-based) | ⚠️ Reasonable | ⚠️ Centralized + price limits | ⚠️ Community results / “second messenger” |
| Matrix (Factor) | ⚠️ Optionally available / will depend on setup | ⚠️ Medium | Dwelling servers; federation hyperlinks; public servers | ✅ Sure | ✅ Excessive | Username (server-based) | ⚠️ Reasonable | ⚠️ Server / group moderation | ⚠️ Admin/UX complexity; inconsistent defaults |
| Briar | ✅ Sure | ✅ Greater | Machine availability; Tor bridges; native connectivity | ❌ No (not “instantaneous” like mainstream) | ⚠️ Medium | QR/peer add; no cellphone quantity | ❌ Laborious | ⚠️ Restricted floor; smaller networks | ❌ Reliability / always-on; battery; onboarding |
| Session | ✅ Sure | ⚠️ Medium–Greater | Relay community / routing layer; endpoints | ⚠️ Partial | ✅ Excessive | Session ID (no cellphone) | ❌ Laborious | ⚠️ Shopper-side + community guidelines | ⚠️ Supply reliability; UX studying curve |
| Standing / Waku | ✅ Sure | ⚠️ Medium | Waku relays; bootnodes; app infra | ⚠️ Partial | ✅ Excessive | Pockets / keypair | ❌ Laborious | ⚠️ Shopper-side consent + filters | ⚠️ Beta maturity; spam/id friction |
| XMTP-based inboxes | ✅ Sure (message-level) | ⚠️ Medium | XMTP community nodes / relays; endpoints | ⚠️ Partial | ✅ Excessive | Pockets tackle | ❌ Laborious | ⚠️ Shopper-side consent; spam assumed | ⚠️ “Who am I messaging?”; key mgmt; historical past sync pitfalls |
Efficiency tax and have regression
Multi-device sync, giant group chats, media attachments, message search, and cloud backups are options customers barely discover till they break.
Pure peer-to-peer architectures make it troublesome or unattainable to implement these options with out introducing a relay or storage layer.
Telegram illustrates the trade-off straight. The service’s default cloud chats sync seamlessly throughout units, however they do not use end-to-end encryption. Secret Chats use E2EE, however they’re locked to a single gadget and can’t be synchronized.
That is the price of sustaining the privateness assure, not a compromise.
Matrix, the federated protocol behind Factor and different shoppers, affords self-hostable infrastructure and avoids single-operator management.
Nonetheless, federation shifts complexity to directors and nonetheless leaves blockable server targets.
Why the alternate options keep area of interest
Sign has one of the best privateness defaults within the business, however it stays a second messenger for many customers. The phone-number requirement reduces anonymity, and the smaller community means it is the place activists go, not the place everyone seems to be.
Briar was designed explicitly for crises, because it operates over Tor, Bluetooth, and Wi-Fi Direct to bypass shutdowns. That design is why it is area of interest. Onboarding is tougher, battery drain is bigger, and always-on supply does not match WhatsApp’s responsiveness.
Standing positions itself as a web3 super-app with decentralized messaging on the core, powered by the Waku peer-to-peer protocol. The challenge’s personal documentation flags it as beta and acknowledges the reliance on unproven infrastructure.
XMTP affords the strongest composability narrative, with wallet-based id and protocol-level consent options that work throughout totally different apps.
Nonetheless, the documentation reveals actual friction: spam is handled as inevitable, native database encryption can disrupt historical past sync if mishandled, and your entire mannequin assumes customers are snug managing cryptographic keys.
The trilemma that will not resolve, and what occurs subsequent
It’s potential to optimize for 2 of the next, however not often all three: excessive privateness (each metadata and content material), excessive usability (instantaneous supply, multi-device sync, huge teams, search), and excessive decentralization (no single operator, minimal choke factors).
Mainstream apps prioritize usability and scale. Privateness instruments choose privateness and decentralization.
Crypto-native initiatives search to offset usability losses with token incentives and protocol design, however they incur new complexity associated to spam, id, and regulatory publicity.
Russia’s WhatsApp block elevated the ache of censorship, however it did not cross the switching threshold. Customers will change when the ache of censorship exceeds their tolerance, and the choice affords near-zero onboarding friction, instantaneous supply, low spam, and adequate contacts already utilizing it. VPNs are simpler.
The forcing features will not be ideological. They will be institutional: necessary preinstalls comparable to MAX, public-sector adoption mandates, app retailer removals, and stricter VPN enforcement.
Freedom Home documented the fifteenth consecutive yr of declining world web freedom in 2025.
Shutdowns and throttling stay commonplace instruments of state management. Demand for censorship-resistant communication is rising. The provision facet nonetheless cannot ship the product that customers will truly undertake.
The stack that solves this can want push-notification independence with out battery drain, spam resistance with out id registries, and key administration that does not punish widespread errors.
Till then, decentralized messaging stays a hedge, not a substitute. It is the app folks set up when issues get dangerous, not the one they use on daily basis.
