Anonymous email with post-quantum encrypted messaging — looking for feedback

General Discussion
1

Hi everyone,

I’m part of the team behind Onion Mail, an anonymous email service accessible natively as a .onion service. I wanted to share a recent development and genuinely hear the community’s opinion on it.

We recently integrated post-quantum encrypted messaging into the platform through a tool we built internally called PQC Server, which is also reachable as a .onion service. Before we go further with development, we’d like to get feedback from people who actually understand and care about these topics.

How it works

The idea is simple: from inside the Onion Mail inbox, a widget opens a popup. You type the recipient’s PQC Server username, the message is encrypted client-side with post-quantum algorithms, and a short URL is generated. You send that URL to the recipient — for example via email — and they decrypt it with their private key. No plaintext ever reaches the server.

PQC Server also supports:

  • Post-quantum key pair generation and management

  • Encrypting and decrypting arbitrary text or files

  • Encrypted personal file storage

Why we built this

The “harvest now, decrypt later” threat is a real concern for people using anonymous communication tools. Traffic is being collected today with the intention of decrypting it once quantum computers are viable. We wanted to give Onion Mail users a way to protect communications not just from current threats but from future ones as well.

We are using algorithms based on NIST-standardized standards (ML-KEM, ML-DSA). That said, we are not cryptographers by trade, and we would genuinely appreciate scrutiny from people with more expertise in this area.

Open source

PQC Server is developed internally and we plan to release it as open source. We want the implementation to be auditable. If anyone is interested in reviewing the code before the public release, feel free to reach out.

Links

  • Onion Mail: pflujznptk5lmuf6xwadfqy6nffykdvahfbljh7liljailjbxrgvhfid.onion

  • PQC Server (clearnet): pqcserver.com

  • PQC Server (onion): utk4jxph6ekxrtnk73qfciu3md2b44iefxxbghaeo3tx6627r45t5vqd.onion

Questions for the community

  • Does the short URL approach for sharing encrypted messages make sense from a threat model perspective, or does it introduce risks we haven’t considered?

  • Are there better approaches for key discovery in a privacy-preserving context?

  • Any recommendations on libraries or implementations for ML-KEM / ML-DSA that the community considers well-audited?

Thanks in advance for any feedback.