Effective date: June 29, 2026 · Last updated: June 29, 2026
The short version: Asterias is designed so that we cannot read your messages. We collect the minimum data required to operate the relay and betting services, and we never sell your data to anyone.
Asterias ("we", "us", "our") is a post-quantum encrypted messaging application with an integrated Monero wallet and peer-to-peer betting service. The application is available on iOS and Android.
Asterias requires no account registration. We collect no name, email address, phone number, or government-issued identity of any kind.
All messages are end-to-end encrypted using post-quantum cryptography (PQXDH + Double Ratchet with Kyber768 and Dilithium3) before leaving your device. Our relay server forwards ciphertext only — it cannot read the content of your messages. Message content is never stored server-side beyond the transit buffer required for delivery.
Our WebSocket relay server logs the following for up to 30 days for abuse prevention and rate limiting:
When you use the peer-to-peer betting feature, our oracle servers record:
No financial information (bank details, card numbers) is collected. All funds are held in Monero multisig escrow addresses controlled jointly by the two bettors and the oracle — we cannot unilaterally access or move these funds.
Your Monero wallet seed, private keys, and transaction history are stored exclusively on your device in encrypted local storage. We never transmit or store your private keys. Wallet balance queries may connect to a public Monero node; we do not operate a logging Monero node.
Our website (asterias.app) does not use Google Analytics or any third-party analytics service. No tracking cookies are set. Server access logs (IP address, page requested, timestamp) are retained for 14 days for security monitoring.
We use the limited data described above solely to:
We do not use your data for advertising, profiling, or sale to third parties.
We do not sell, rent, or share your personal data with third parties except:
If you are located in the European Economic Area or United Kingdom, you have the following rights under the General Data Protection Regulation:
Because we do not collect identifying information such as your name or email, fulfilling access and erasure requests requires you to provide us with your IP address and approximate usage timestamps so we can locate your records.
Our legal basis for processing relay logs is legitimate interests (network security and abuse prevention). Our legal basis for oracle records is performance of a contract (operating the betting service you opted into).
Note: Asterias's betting features are not available to users in the United States. The messaging features are available to all users. California residents may request:
Message content is protected by post-quantum cryptographic algorithms that are believed to be secure against both classical and quantum adversaries. Server infrastructure is access-controlled and regularly updated. We use TLS for all data in transit between your device and our servers.
Asterias is not directed at children under 18. We do not knowingly collect any information from users under 18. If you believe a minor has used the service, please contact us and we will delete any associated records.
We may update this policy as the service evolves. We will post the updated policy on this page with a new effective date. Material changes will be announced on our GitHub repository.
For privacy requests or questions about this policy, open an issue on our GitHub repository or email us at privacy@asterias.app.