July 14, 2025 • Analysis
Mesh-network chat apps like BitChat and Bridgefy enable communication without internet infrastructure, but lack robust authentication, leaving users vulnerable to impersonation and man-in-the-middle attacks. Crosspass, meanwhile, offers secure note delivery with PIN-based retrieval. By combining these tools, we could enable secure, authenticated communication across both mesh and internet paths.
Benefit for Crosspass: Proximity Filtering
Crosspass is built around a simple idea: a sender encrypts a short note, uploads it to a server, and gets back a lookup ID and a PIN. The recipient uses both to retrieve the note. To ensure real security—especially when the PIN is delivered over insecure channels like SMS or email—a proximity-based filter could be introduced using Bluetooth mesh networking (like BitChat):
- Alice would use Crosspass to create a secure note containing her cryptographic identity (e.g., a public key).
- Crosspass would set:
  - A lookup ID (to help the Crosspass server direct the request to Alice’s device),
  - A PIN (required to decrypt and release the note),
  - An expiry time (e.g., 5 minutes).
- Alice would send the lookup ID, PIN, and her Bluetooth identifier (to locate her phone on the mesh) to Bob via regular internet—like email or SMS. These credentials could still be intercepted by an email operator or telecom provider.
- Bob’s phone would connect to the local Bluetooth mesh network (BitChat) and try to retrieve the note using the lookup ID and PIN. The request would be forwarded via mesh, not the internet or telecom.
- Alice’s phone would validate:
  - The correct PIN and lookup ID,
  - That the request is coming via Bluetooth mesh, not from the internet,
  - That the request was received within the expiry window.
- If all conditions pass, Alice’s phone would authorize the release of the note through the mesh, and Bob would receive it.
This proximity filtering would mean that even if an attacker intercepted the PIN, he would have to be physically near the sender (on the same mesh) and act before the note expires. This would make interception nearly useless and could give Crosspass stronger security guarantees than telecom or internet alone.
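The checks Alice's phone performs before releasing the note, written out as an added Python example (not Crosspass or BitChat code). The `transport` label, the reason strings and the failed-PIN cap are assumptions that are not on the page; `transport` has to be set by the receiving radio stack, never copied from the request itself.

```python
import hmac
import time
from dataclasses import dataclass

MAX_FAILED_PINS = 5  # assumption: the page sets no attempt limit


@dataclass
class PendingNote:
    lookup_id: str
    pin: str
    expires_at: float          # epoch seconds, e.g. creation time + 300
    payload: bytes             # Alice's public key
    failed_pins: int = 0


@dataclass
class Request:
    lookup_id: str
    pin: str
    transport: str             # "ble-mesh" or "internet"; set by the receiver


def try_release(note, req, now=None):
    """Return (payload, reason); payload is None unless every check passes."""
    now = time.time() if now is None else now
    # Transport first: internet-side guesses must not use up PIN attempts.
    if req.transport != "ble-mesh":
        return None, "wrong-transport"
    if now >= note.expires_at:
        return None, "expired"
    if not hmac.compare_digest(req.lookup_id.encode(), note.lookup_id.encode()):
        return None, "unknown-id"
    if note.failed_pins >= MAX_FAILED_PINS:
        return None, "locked"
    # Constant-time comparison so timing does not leak matching PIN digits.
    if not hmac.compare_digest(req.pin.encode(), note.pin.encode()):
        note.failed_pins += 1
        return None, "bad-pin"
    return note.payload, "released"


# Constructed sample values.
note = PendingNote("k7f3q9", "482913", expires_at=1_000.0, payload=b"alice-pubkey")
print(try_release(note, Request("k7f3q9", "482913", "internet"), now=900.0))
print(try_release(note, Request("k7f3q9", "482913", "ble-mesh"), now=900.0))
```
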
Benefit for BitChat: Authentication
Bluetooth mesh networks like BitChat have no native way to verify who you’re talking to—unless users are face-to-face. Crosspass could fill that gap. By delivering cryptographic keys over a proximity-filtered retrieval, it would allow users to authenticate each other remotely, using the mesh itself to prove physical context. This could turn an otherwise anonymous mesh into a trusted peer network.
Although mesh-network chat apps like BitChat enable peer-to-peer key exchange, as shown in the following diagram from the BitChat whitepaper, there is no authentication of the public keys. This means any device can claim any identity, leaving the protocol open to impersonation and man-in-the-middle attacks.
sequenceDiagram
    participant Alice
    participant Bob
    Alice->>Bob: Announce (includes public key)
    Note over Bob: Stores Alice's public key
    Bob->>Alice: Key Exchange Request (Bob's public key)
    Note over Alice: Derives shared secret using X25519
    Alice->>Bob: Key Exchange Response (Encrypted with shared secret)
    Note over Bob: Derives shared secret, verifies response
    Alice->>Bob: Encrypted Message (AES-256-GCM)
    Bob->>Alice: Encrypted Response (AES-256-GCM)
    Note over Alice,Bob: Forward Secrecy Achieved
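One way Bob could use a key delivered in a Crosspass note to check the Announce step in the diagram before deriving any shared secret, as an added Python example (not code from BitChat or Crosspass). The peer ids, the `PinnedKeys` class and the result strings are hypothetical.

```python
import hashlib
import hmac

X25519_KEY_LEN = 32  # X25519 public keys are 32 bytes


class PinnedKeys:
    """Fingerprints of keys received out of band (here: a Crosspass note)."""

    def __init__(self):
        self._pins = {}  # peer id -> SHA-256 fingerprint of the pinned key

    def pin(self, peer_id, public_key):
        if len(public_key) != X25519_KEY_LEN:
            raise ValueError("not an X25519 public key")
        self._pins[peer_id] = hashlib.sha256(public_key).digest()

    def check_announce(self, peer_id, announced_key):
        """Classify an Announce before any shared secret is derived from it."""
        if len(announced_key) != X25519_KEY_LEN:
            return "malformed"
        pinned = self._pins.get(peer_id)
        if pinned is None:
            return "unverified"   # identity is only the sender's claim
        seen = hashlib.sha256(announced_key).digest()
        return "verified" if hmac.compare_digest(pinned, seen) else "mismatch"


def accept_key_exchange(pins, peer_id, announced_key):
    # Only a key that matches the out-of-band pin may start the exchange.
    return pins.check_announce(peer_id, announced_key) == "verified"


# Constructed sample keys (not real key material).
alice_key = bytes(range(32))
other_key = bytes(range(1, 33))
pins = PinnedKeys()
pins.pin("alice", alice_key)          # key taken from the released note
print(pins.check_announce("alice", alice_key))
print(pins.check_announce("alice", other_key))
print(pins.check_announce("carol", other_key))
```
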
Bridging Bluetooth Mesh Networks Across Vast Distances
Once two users authenticate via Crosspass and BitChat, they could establish an end-to-end encrypted channel that would work beyond Bluetooth range. This channel could securely send messages over the internet, allowing trusted devices to bridge disconnected mesh networks. Alice and Bob would become relay points between meshes—all without compromising privacy or trust.
WiFi Support and Local Network Security
BitChat is also planning to add support for WiFi, which—like Bluetooth—provides a local network guarantee. When devices communicate over a local WiFi network (LAN), the same proximity-based security arguments apply: only devices physically present on the same network segment can participate in the exchange. For Crosspass, this means that secure note retrieval and authentication could be extended to WiFi LANs, not just Bluetooth mesh. The key is to verify that packets do not originate from the internet, but from another device on the local network. This would allow the same proximity and context-based security guarantees to apply, whether users are connected via Bluetooth or WiFi.
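The local-origin check described above, as an added Python example (not Crosspass or BitChat code): a source address is accepted only if it lies on a directly attached network. The function name, the interface list format and the gateway exclusion are assumptions.

```python
import ipaddress


def is_on_link(src, local_interfaces, gateways=()):
    """True only if src is a unicast address on a directly attached network.

    local_interfaces: this device's addresses in CIDR form, e.g. "192.168.1.10/24".
    gateways: router addresses to reject (assumption: traffic the router
    relays or NATs from outside can arrive carrying the router's own address).
    """
    ip = ipaddress.ip_address(src)
    # Dual-stack sockets report IPv4 peers as ::ffff:a.b.c.d; unwrap them.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    if ip.is_multicast or ip.is_unspecified or ip.is_loopback:
        return False
    if any(ip == ipaddress.ip_address(g) for g in gateways):
        return False
    for cidr in local_interfaces:
        iface = ipaddress.ip_interface(cidr)
        if iface.version != ip.version or ip not in iface.network:
            continue
        if ip.version == 4 and ip == iface.network.broadcast_address:
            return False
        return True
    return False


# Constructed sample addresses.
IFACES = ["192.168.1.10/24", "fe80::aa/64"]
for src in ["192.168.1.23", "203.0.113.7", "::ffff:192.168.1.23", "fe80::1c2d"]:
    print(src, is_on_link(src, IFACES, gateways=["192.168.1.1"]))
```

A source address is only meaningful once the peer has completed a handshake from it, such as an established TCP connection; in a single UDP datagram the source field is whatever the sender wrote.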
Together, Crosspass and BitChat could form a flexible, secure communication fabric—one that would work whether users are nearby, offline, or across the globe.