X cannot read your messages. We back up your private keys to our hardware security modules (HSMs) to make recovering your message history on new devices frictionless. These HSMs were initialized in our published key ceremony: https://x.com/XEng/status/1971739456857145574 Your keys can only be recovered from the HSMs by entering your PIN correctly. The limit on the number of guesses for the PIN is set to 20 by default (this can be verified through the key fetch response and cannot be disabled after registration), after which the keys self-destruct, meaning no one at X can reliably brute force your PIN to recover your keys. We're always improving X Chat and aim to boost security even further without hurting the user experience on X. The goal of X Chat is to be the communication system for Earth. Privacy and usability are core. We offer end-to-end encrypted messages, with no ad hooks and no dependency on AWS like other messaging services. Enhanced privacy features such as opt-in self custody and forward secrecy are on our roadmap.
See Tweet