Jack Dorsey, co-founder of Twitter and Block, has launched a new messaging app called Bitchat, which allows users to send messages without internet or cellular connectivity. Built over a weekend in early July, the app has already drawn attention—not just for its bold approach to offline communication, but for the security concerns trailing it.
Available now on the iOS App Store and GitHub for Android users, Bitchat functions through Bluetooth mesh networks. This means users within a 100-meter range can send and receive messages—no Wi-Fi, no SIM card, no data plan required. The app has no login system. Once opened, users are met with a simple interface that lets them send messages and set a temporary display name.
The concept isn’t new. Apps like Bridgefy gained popularity in scenarios like music festivals or civil protests, where network congestion or government censorship restricted digital communication. Bitchat revives that idea with a familiar face behind it—Dorsey, whose past ventures have included everything from microblogging to fintech.
Privacy Claims Under Fire
Dorsey touted Bitchat as a secure and private messaging platform during its soft launch. However, cybersecurity researcher Alex Radocea soon raised critical concerns about its architecture. According to Radocea, the app lacks basic identity protections, making it easy for users to impersonate others.
“In cryptography, details matter,” he warned in a blog post, suggesting that the app’s emphasis on vibe and decentralization may have come at the cost of fundamental safeguards. Dorsey has since acknowledged that Bitchat has not undergone external security audits.
Adding to the confusion, fake versions of Bitchat have emerged on the Google Play Store, capitalizing on its early buzz. These counterfeit apps have already seen thousands of downloads, prompting Dorsey to repost a warning on X (formerly Twitter) advising users to avoid Google Play and stick to GitHub for the Android version.
Why It Matters
Bitchat reflects a growing interest in decentralized, privacy-first tools that resist traditional surveillance and infrastructure. It has the potential to thrive in low-connectivity regions or politically sensitive environments. Yet without robust protections against impersonation and data manipulation, its utility may be undermined by the very trust it aims to inspire.
Africa’s burgeoning tech ecosystem, which often struggles with internet accessibility and data costs, could benefit from such peer-to-peer innovations. But the rush to adopt “off-the-grid” tools without adequate vetting could open new doors to exploitation.
As the debate intensifies around privacy, decentralization, and security, Bitchat presents both a compelling experiment and a cautionary tale. It’s an app that skips the cloud but may be floating on vulnerabilities unless serious improvements are made.
Talking Points
Decentralization is Cool Until It’s Not. Jack Dorsey’s Bitchat taps into the growing hunger for decentralized tools that reject Big Tech’s stranglehold.
No logins, no cloud, no carriers — just Bluetooth. But let’s be honest: the same decentralization that enables privacy can also open the door to impersonation, disinformation, and cyber abuse. Trust can’t survive without verification.
The App is Vibe-Coded, Not Security-Coded. A secure messaging app that hasn’t undergone a proper external security audit? That’s not “edgy,” that’s reckless. Dorsey’s app banks on goodwill and curiosity, not encryption.
If we’re building tools that claim to protect activists, protestors, or anyone vulnerable especially in volatile regions the code must be bulletproof, not weekend hobby-grade.
Africa Needs Offline Messaging but Not at Any Cost. Let’s not forget millions across sub-Saharan Africa still face poor network coverage. Apps like Bitchat seem tailor-made for the continent’s rural, underserved regions.
But deploying half-baked tech without accountability could make things worse, spreading fake news, facilitating scams, or helping authoritarian surveillance under the guise of “offline privacy.”