Security Disclaimer

1. General Disclaimer

All services, software, hardware, and information provided by SimpleGo (operated by IT and More Systems) are provided on an "as is" and "as available" basis, without warranties of any kind, either express or implied, to the fullest extent permitted by applicable law.

While we strive to provide the highest quality secure communications infrastructure, we do not warrant that our services will be uninterrupted, error-free, completely secure, or free from vulnerabilities. The information on our website (simplego.dev) is provided for general informational purposes and may contain technical inaccuracies or typographical errors.

2. Security Representations and Limitations

We make specific security claims about our technology based on verifiable engineering facts. This section clarifies what we do and do not claim.

2.1 What we do claim

Our SMP relay servers implement the SimpleX Messaging Protocol, which provides end-to-end encryption using established cryptographic primitives (X25519, XSalsa20, Poly1305, Double Ratchet with X3DH). The SimpleX Protocol's SMP component has undergone a cryptographic design review by Trail of Bits (July 2024). Our server software is open source and available for independent review. We do not possess encryption keys for user messages and cannot decrypt message content.

2.2 What we do not claim

We do not claim that our systems are invulnerable to all attacks. We do not claim that no undiscovered vulnerabilities exist in the SimpleX Protocol, its implementations, or the cryptographic libraries we depend on. We do not claim that our infrastructure has undergone a full production security audit (the Trail of Bits review covered protocol design, not our specific server deployment). We do not claim that metadata is perfectly protected in all threat scenarios. We do not claim protection against state-level adversaries with unlimited resources and physical access to infrastructure.

3. No Absolute Security Guarantee

Security depends on a chain of components, many of which are outside our control. These include: the security of your endpoint device (phone, computer, or SimpleGo hardware), the security of the operating system and software running on your device, the physical security of your device, the strength and secrecy of any passwords or PINs you use, the trustworthiness and security practices of people you communicate with, the security of the network infrastructure between you and our servers, and the absence of undiscovered vulnerabilities in cryptographic algorithms and their implementations.

A compromise of any single element in this chain can undermine the security provided by all other elements. We can only be responsible for the components we directly control: our server infrastructure, our software, and our hardware designs.

4. Cryptographic Software Disclaimer

Our software implements cryptographic algorithms and protocols that are currently considered secure by the international cryptographic research community. However, cryptography is a rapidly evolving field, and the following risks should be understood.

Algorithms considered secure today may be broken in the future through advances in mathematics, computing, or cryptanalysis. The emergence of large-scale quantum computers could threaten current asymmetric cryptographic schemes (RSA, ECDH, ECDSA). The SimpleX Protocol has begun integrating post-quantum cryptography (hybrid CRYSTALS-Kyber + classical), but this transition is ongoing and post-quantum algorithms are newer and less battle-tested than classical ones.

Implementation flaws can undermine theoretically secure algorithms. Side-channel attacks, timing attacks, and other implementation-level vulnerabilities represent ongoing research areas. We mitigate these risks by using established, audited cryptographic libraries (libsodium/NaCl, mbedTLS) rather than implementing cryptographic primitives ourselves, but no mitigation is complete.

5. Hardware Prototype Status

5.1 Development hardware (Model 1 "Maker")

The Model 1 "Maker" is based on commercially available development boards (LilyGo T-Deck Plus) running custom firmware. It is intended for enthusiasts, developers, and early adopters who understand the inherent limitations of prototype hardware. It has not undergone formal security certification. The development board's hardware design is not under our control. Physical security features (tamper detection, secure elements) are limited to what the development board provides, which is minimal.

5.2 Future production hardware (Models 2 and 3)

Models 2 ("Shield") and 3 ("Vault") are planned production devices with custom PCB designs and enhanced security features. Any security claims about these devices apply only to final production versions. Pre-production prototypes, engineering samples, and beta units may not include all security features described in marketing materials. Specific security certifications (CC, FIPS, etc.) will be documented upon completion and should not be assumed in advance.

5.3 Hardware modification

The hardware designs are released under the CERN Open Hardware Licence v2 (Weakly Reciprocal). Users who modify hardware designs do so at their own risk. We cannot warrant the security or functionality of modified hardware. Users who build SimpleGo devices from our open-source designs bear full responsibility for component quality, assembly quality, and resulting security properties.

6. Third-Party Dependencies

6.1 SimpleX Protocol

SimpleGo implements the SimpleX Messaging Protocol developed by SimpleX Chat Ltd. SimpleGo is an independent project and is not affiliated with, endorsed by, or officially supported by SimpleX Chat Ltd. The SimpleX name and protocol are used for interoperability purposes. Changes to the SimpleX Protocol by its maintainers may affect SimpleGo's functionality or compatibility.

6.2 Cryptographic libraries

We rely on third-party cryptographic libraries (including but not limited to libsodium, mbedTLS, and NaCl). Vulnerabilities discovered in these libraries may affect our security. We monitor security advisories and update dependencies promptly, but there may be a window of exposure between disclosure and patch deployment.

6.3 Hardware components

Our devices use semiconductor components from multiple vendors. Hardware vulnerabilities (such as the Eucleak attack on Infineon SLE78 secure elements, or Spectre/Meltdown class attacks on processors) are possible in any hardware component. Our multi-vendor secure element strategy for Model 3 is specifically designed to mitigate single-vendor supply chain risk, but cannot eliminate hardware-level vulnerabilities entirely.

6.4 Network infrastructure

Communication between users and our servers traverses public internet infrastructure, Tor network relays, and hosting provider networks. We do not control and cannot guarantee the security or availability of these networks.

7. Regulatory and Export Compliance

SimpleGo hardware and software contain cryptographic functionality. Users are solely responsible for ensuring that their use, import, export, or re-export of SimpleGo products complies with all applicable laws and regulations in their jurisdiction.

Within the European Union, dual-use export controls under Regulation (EU) 2021/821 may apply to cryptographic technology. Mass-market cryptographic products generally qualify for the License Exception ENC or are exempt under Category 5, Part 2, Note 3 of the Wassenaar Arrangement. However, we do not provide legal advice on export classification, and users should consult qualified legal counsel if they intend to export SimpleGo products outside the EU.

Some countries restrict or prohibit the use of strong encryption. It is your responsibility to determine whether the use of SimpleGo products is lawful in your jurisdiction.

8. Not Legal, Medical, or Professional Advice

Nothing on our website, in our documentation, or in communication with our team constitutes legal advice, medical advice, or professional security consulting. Our descriptions of legal frameworks (GDPR, German criminal procedure, export controls) are provided for transparency and general information only and should not be relied upon as authoritative legal guidance.

If you require legal advice regarding encryption use, data protection compliance, or the legal implications of using secure communications in your jurisdiction, you should consult a qualified attorney. If your personal safety depends on secure communications, you should also consult with a qualified security professional who can assess your specific threat model.

9. Threat Model Limitations

9.1 Protected against (by design)

The system is designed to protect against passive network surveillance and traffic analysis, server compromise (messages remain encrypted even if our server is seized), metadata correlation between message queues, user identification by the relay server operator, and message content interception during transit.

9.2 Partially protected against

The system offers partial protection against active network adversaries (mitigated by TLS, but certificate pinning may be incomplete), traffic timing analysis (mitigated by padding but not fully eliminated), and server-side denial of service (mitigated by rate limiting but not bulletproof).

9.3 Not protected against

The system does not protect against compromise of the endpoint device (if an attacker has access to your device, encryption is irrelevant), physical coercion or legal compulsion to reveal passwords, a compromised communication partner sharing your messages, advanced persistent threats with sustained physical access to hardware, undiscovered zero-day vulnerabilities in the cryptographic stack, or user error (sharing invitation links on insecure channels, not verifying contact identity, etc.).

10. Open Source Software

SimpleGo's software is released under the GNU Affero General Public License v3.0 (AGPL-3.0), and hardware designs under the CERN Open Hardware Licence v2 (Weakly Reciprocal, CERN-OHL-W-2.0). As stated in these licenses, the software and hardware designs are provided WITHOUT WARRANTY OF ANY KIND, either express or implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose, and non-infringement.

The availability of source code allows independent security review, which we actively encourage. However, the fact that code is open source does not by itself guarantee that it has been reviewed, that all vulnerabilities have been found, or that the code is free from defects.

11. Availability and Performance

Our SMP relay servers are operated on a best-effort basis. We do not guarantee any specific level of uptime, availability, throughput, latency, or message delivery reliability. Server maintenance, hardware failures, network outages, and other events may cause service interruptions without advance notice.

The relay service is provided free of charge. We reserve the right to discontinue the service at any time, with reasonable notice where practicable (see our Terms of Service for details).

We strongly recommend that users who require high availability or guaranteed message delivery do not rely solely on our relay infrastructure. The SimpleX Protocol's federated design allows users to run their own SMP servers, which we encourage for high-assurance use cases.

12. Relationship to Other Documents

This Disclaimer supplements our Terms of Service, Privacy Policy, and Acceptable Use Policy. In the event of a conflict between this Disclaimer and the Terms of Service, the Terms of Service shall prevail. All documents together form the complete legal framework governing the use of SimpleGo's services and products.

13. Contact

General inquiries: legal@simplego.dev
Security vulnerabilities: security@simplego.dev
Privacy inquiries: privacy@simplego.dev

IT and More Systems
Sascha Dämgen
Am Neumarkt 22
45663 Recklinghausen
Germany / EU