This Company Wants to Bring End-to-End Encrypted Messages to Bluesky's AT Protocol
A company called Germ is aiming to bring end-to-end encrypted messages to Bluesky's AT Protocol, a feature that the social network doesn't currently have.

The tool's security is yet to be independently audited, but the company says it plans to seek that out soon. Mark Xue, a former privacy engineer at Apple and CTO of Germ, told 404 Media "We've been working for about two years on Germ, and on this integration for 6 months or so."

Essentially, Germ is its own app which is integrating with the AT Protocol that powers Bluesky, according to an announcement post the company shared with 404 Media before it went live on Monday. It describes itself as "the first secure messaging service on the ATProtocol!"

To start an encrypted chat, users will click the magic link in a Bluesky user's bio, the announcement says. A person's Bluesky or AT Protocol handle acts as what Germ calls an "identity card." This directs people to the Germ app, which in turn asks for the user's Bluesky handle and credentials. The messaging itself then happens in the Germ app, not Bluesky's own, but it still serves as a way to connect people who are trying to send encrypted messages to Bluesky users.

Screenshots provided by Germ.

Rianna Pfefferkorn, a policy researcher at Stanford who told 404 Media she was an advisor to Germ, said "I believe they've got a great bench of expertise, between their CTO's background at Apple and the outside advisors they've brought on who have very deep expertise in cryptography." She said Tessa Brown, Germ's CEO, reached out because "I had long been arguing, in my work at Stanford, that strong encryption is not incompatible with effective trust & safety."

That has been a constant tension in private messaging apps and social networks. If a platform introduces end-to-end encrypted messaging in order to protect users' privacy, does that potentially enable other bad behavior, because the platform will be unable to see it?

By design, end-to-end encryption means Germ can't analyze the content of people's messages, just like Signal, iMessage, and WhatsApp. "We will have abuse mitigation like those established systems do," Xue said. He added "A key dimension of abuse in DMs is unsolicited or unwanted contact. With our integration, users will be able to use their Bluesky handle as their messaging identity without opening up unsolicited DMs. They can grant permission to contact by exchanging cards directly (by QR code or link), while still proving and using the ongoing binding between their private Germ Card and their public Bluesky profile."

"We set out to build interoperable E2EE [end-to-end encrypted] DMs, because we believe that people should be able to make independent choices of software and still be able to talk with each other. Diversity of interoperable apps and infrastructure is also a core value of Bluesky's AT Protocol (motivated by Musk's acquisition of Twitter and subsequent user exodus). There's a community working group to develop interoperable BSky E2EE DMs, and we think our implementation would be a great starting point," he added.

In May 2024, Bluesky itself said encrypted DMs were coming down the line.