This repository contains the specification and reference implementation of Relay, an end-to-end encrypted messaging protocol that maps the Messaging Layer Security (MLS) protocol (RFC 9420) onto MQTT 5.0.
Relay acts as the Delivery Service for MLS, providing:
- End-to-end encryption via MLS (forward secrecy, post-compromise security)
- Asynchronous messaging via KeyPackages (prekeys)
- Standard MQTT 5.0 transport (works with any MQTT broker)
- Minimal protocol surface - just MLS messages over MQTT topics
┌───────────────────────────────────────────────────────┐
│ Application Layer │
├───────────────────────────────────────────────────────┤
│ MLS Protocol (RFC 9420) │
│ (Key Agreement, Forward Secrecy, Auth, Group State) │
├───────────────────────────────────────────────────────┤
│ MQTT 5.0 Transport │
│ (Routing, Pub/Sub, Reliability) │
└───────────────────────────────────────────────────────┘
- protocol.md - Relay protocol specification
- relay-rs/ - Reference implementation in Rust
- relay-ios/ - Native iOS client for the Relay protocol
Relay uses the following MQTT topic structure:
| Topic | Purpose | QoS | Retain |
|---|---|---|---|
relay/k/{client_id} |
KeyPackages (prekeys) | 1 | true |
relay/w/{client_id} |
Welcome messages | 1 | false |
relay/g/{group_id}/m |
Group messages | 1 | false |
relay/g/{group_id}/i |
GroupInfo | 1 | true |
- Broker is untrusted: Confidentiality and integrity guaranteed by MLS
- Content privacy: All application messages encrypted via MLS PrivateMessage
- Client-centric: Uses client IDs per RFC 9750 MLS Architecture
- Ordering: MQTT broker provides message sequencing
- Availability: Best-effort via MQTT QoS 1
This is an experimental protocol for research and demonstration purposes. The specification and implementation are subject to change.
See LICENSE file for details.
Contributions are welcome! Please open an issue or pull request.