[Feature] Per-Conversation Custom Certificates (User-Managed E2EE Keys) #1768

@chichicaste

Is there an existing request for feature?

  • I have searched the existing issues

What feature would you like?

Allow users to attach a custom certificate/key pair (public + private) to a specific 1:1 conversation. User A generates keys using a trusted external tool, uploads/registers that key pair for chatting with User B, and the system notifies User B to accept or reject the request. Once accepted, the conversation is protected with end-to-end encryption using those user-managed keys.

Anything else?

  • Let users either store the keys in a secure local vault (OS keychain/keystore) or provide them on demand per session.
  • Chat history must remain encrypted and unreadable unless the required keys are present (hard lock on decrypt/read).
  • Support remote secret providers (e.g., Bitwarden) to securely retrieve keys without copying them into the app.
  • Include lifecycle controls: key rotation/revocation, re-approval on key changes, and an audit trail for accept/reject events.
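The accept/reject, re-approval and audit-trail flow requested above, as an added sketch that is not part of the original issue or the project's code. It tracks only the SHA-256 fingerprint of the public key and performs no encryption; the class, method names and sample keys are hypothetical.

```python
import hashlib
from dataclasses import dataclass, field
from typing import Optional

def fingerprint(public_key: bytes) -> str:
    """SHA-256 over the encoded public key; this is what the peer approves."""
    return hashlib.sha256(public_key).hexdigest()

@dataclass
class ConversationKeys:
    """Hypothetical key state for one 1:1 conversation (names are assumptions)."""
    proposer: str
    peer: str
    pinned: Optional[str] = None    # fingerprint the peer has accepted
    pending: Optional[str] = None   # fingerprint awaiting accept/reject
    revoked: set = field(default_factory=set)
    audit: list = field(default_factory=list)  # (actor, event, fingerprint)

    def propose(self, public_key: bytes) -> str:
        fp = fingerprint(public_key)
        if fp in self.revoked:
            raise ValueError("revoked key cannot be proposed again")
        self.pending = fp
        self.audit.append((self.proposer, "proposed", fp))
        return fp

    def respond(self, fp: str, accept: bool) -> None:
        # The peer answers for an exact fingerprint, never for "the latest key".
        if self.pending is None or fp != self.pending:
            raise ValueError("no pending proposal with this fingerprint")
        self.pending = None
        if accept:
            self.pinned = fp
        self.audit.append((self.peer, "accepted" if accept else "rejected", fp))

    def revoke(self) -> None:
        if self.pinned is None:
            raise ValueError("nothing to revoke")
        self.revoked.add(self.pinned)
        self.audit.append((self.proposer, "revoked", self.pinned))
        self.pinned = None

    def may_decrypt(self, public_key: bytes) -> bool:
        # Hard lock: only the fingerprint the peer approved unlocks the chat.
        # A rotated key stays unusable until the peer re-approves it.
        return self.pinned is not None and self.pinned == fingerprint(public_key)
```
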

Labels: enhancement (New feature or request)