Quickstart
Initialize CoreCrypto, create an MLS conversation, and send your first encrypted message.
Architecture
Learn how the keystore, MLS provider, and FFI layers fit together.
What CoreCrypto does
CoreCrypto sits between your application and the raw protocol libraries. It:- Abstracts MLS and Proteus behind a single
CoreCryptostruct and a transaction-basedCoreCryptoContextAPI, hiding protocol-specific details. - Manages an encrypted keystore for all keying material — SQLCipher on native platforms, AES256-GCM over IndexedDB on WASM.
- Exposes a consistent cross-platform interface through UniFFI (Kotlin/Swift) and
wasm-bindgen(TypeScript), so one Rust codebase powers all targets. - Enforces atomic state mutations through transactions: changes are buffered in memory and only flushed to the keystore on commit.
Protocols supported
MLS (Messaging Layer Security)
CoreCrypto implements MLS via a Wire-maintained fork of OpenMLS. MLS is an IETF standard group messaging protocol designed to provide:- Forward secrecy — past messages are safe even if current keys are compromised.
- Post-compromise security — the protocol self-heals after a key compromise.
- Scalable group messaging — efficient key updates for large groups.
mlsInit, createConversation, addClientsToConversation, encryptMessage, and decryptMessage on the transaction context.
Proteus
CoreCrypto also supports Proteus, Wire’s Signal-based double-ratchet protocol. Proteus support is available via a Wire-maintained fork and is enabled as an optional feature. The same transaction-based API is used for Proteus operations (proteusInit, proteusSessionFromPrekey, proteusEncrypt, proteusDecrypt).
Proteus is a feature-flagged dependency. It is not enabled by default in the Rust crate. The platform FFI bindings (TypeScript, Kotlin, Swift) do include Proteus support in their published packages.
Platform support
Rust (native)
Direct use of the
core-crypto crate. Full API access. Suitable for server-side and CLI tooling.TypeScript / WASM
Published as
@wireapp/core-crypto on npm. Browser and Node.js supported via a WASM binary (wasm-bindgen) with a native Node.js variant via N-API.Kotlin / Android
Published to Maven Central as
com.wire:core-crypto-android. UniFFI-generated Kotlin bindings wrapping a native .so library.Swift / iOS
Distributed as an XCFramework (
WireCoreCrypto). UniFFI-generated Swift bindings with an async/await API.Relationship to Wire
This repository is part of the Wire open-source platform. CoreCrypto is used directly by Wire’s mobile and web clients for all end-to-end encrypted messaging. The library is developed and maintained by the Wire CoreCrypto team.Wire CoreCrypto is licensed under GPL-3.0. The Wire trademark and associated logos remain the exclusive property of Wire Swiss GmbH. For full licensing details, see wire.com/legal/licenses/.
Key design decisions
Transaction-based mutations. All state-changing operations are performed inside atransaction callback. If the callback throws an error, all changes within that transaction are discarded. This prevents partial writes to the keystore and makes error recovery predictable.
Encrypted keystore. All keying material is stored encrypted at rest. On native platforms, SQLCipher is used. On WASM, the keystore is backed by the browser’s IndexedDB with AES256-GCM encryption via RustCrypto.
Wire’s OpenMLS fork. CoreCrypto depends on a Wire-maintained fork of OpenMLS. This fork may include Wire-specific patches not yet upstream. The exact revision is pinned in Cargo.toml.
UniFFI for Kotlin and Swift. The crypto-ffi crate uses UniFFI to generate Kotlin and Swift bindings from Rust. This means the API surface on mobile is derived directly from the Rust type definitions.