dm3 — decentralized messaging for web3

Christoph Jentzsch
Published in
4 min readAug 16, 2022


Current stage

Email is the first widespread use case of the Internet — digital communication using a standardized protocol. A treasure web1 gave us. Despite its age, for most people, email is still the primary digital communication tool. Currently, more than 300 billion emails are sent daily (source).

Despite protocols such as PGP, encryption of emails never found widespread adoption. Most emails do not even include a signature proving their origin.

Even though Email is an open protocol and therefore decentralized by design, most email users use a provider, such as Gmail, which fully controls and owns their email address. This means the provider can read all emails, send emails on behalf of the user, restrict access or simply delete the account completely. The user does not own their most important communication and login tool on the Internet!

Web2 gave us communication tools based on centralized platforms such as Telegram, Twitter, WhatsApp, Discord, Signal, and many others. All of those platforms are walled gardens without interoperability or cross-platform communication.

With the rise of web3, self-sovereign identity management and non-custodial key management have gained a lot of attention again. There are millions of people controlling their own keys through wallets such as MetaMask and others. The introduction of the Ethereum Name Service (ENS) has given us simple names, such as alice.eth, which we truly own. But not only that: It is a public record secured by private keys which can contain more than a simple domain name. It can also host public keys used for encrypted communication. Only the actual owner of the ENS domain can change the registered public encryption and signing keys, and there is an immutable record secured by global consensus around all changes and its most current status. This is the basis for secure encrypted communication in web3, tied to the web3 username: Your ENS domain.

What is dm3?

dm3 allows you to easily write a signed and encrypted message to another ENS domain owner, such as alice.eth, without having any single point of failure. Alice owns her name: alice.eth. Nobody can take it from her as long as she keeps the associated private key secure. When dm3 is first used, public signing and encryption keys are generated based on the key in her Ethereum wallet (MetaMask, WalletConnect, …). These keys are either stored directly as ENS text records or as an ENS text record of the direct link secured by the hash of the keys. The associated private keys can be regenerated at any time using the key in the Ethereum wallet.

In addition to those public keys, Alice provides an URL to the delivery service. The delivery service is responsible for forwarding and notifying the recipient when messages arrive. This service can run on her server or be provided by a third party. This service cannot read or modify the messages since they are signed and encrypted. Only the proper recipient can read them. The delivery service can be changed at any time.

The location where the messages are stored can also be freely chosen. It can be locally in the browser (not recommended, since the browser storage can get deleted from time to time), a local file, IPFS (web3 storage), or the user’s own personal cloud. Even if the user opts for a centralized cloud provider such as GDrive, Google has no power to read or manipulate messages or gain any control over the user’s account/ENS Domain.

In summary, the core of dm3 are the published text records on ENS that provide the public encryption and signing keys. On top of this, the user can choose self-hosted or third-party hosted service providers that act as delivery services and/or storage providers. also offers those services, but the user is in no way bound to use any of them.

Guiding principles

The principles in the design of dm3 are:

  • Decentralization as in: works without us, and the user is free to choose and change a service provider or host all the services themselves
  • Non-custodial — your keys, your messages
  • Key revocation/rotation securely done as ENS text records, verified by global consensus on Ethereum
  • “can’t be evil” — we cannot read, delete, censor anything you do within dm3
  • fully open source (BSD 2 license)


We believe that dm3 is a better and more secure communication protocol. It should be THE way to communicate within web3. It is built for interoperability, and we look forward to collaborating with all teams that have thought and built in this direction, allowing for the use of published encryption and signing keys and interoperable delivery services. We are excited for the future of communication in web3!

For more information on the technical specs of dm3, check out this article written by the Project Lead, Heiko. And don’t forget to follow us on Twitter for all the latest updates.

Christoph Jentzsch