February 2026 | Independent audit via opacE2EE

Security Audit Results

Three E2EE protocols evaluated using opacE2EE (Open Protocol Auditor for End-to-End Encryption), a deterministic Rust-based framework that scores protocols across 9 security dimensions. All results are fully reproducible.

Protocols Tested

Fourier

Used by a.s.d.f. Built on the Signal Protocol implementation with protocol-level message padding and metadata protection enhancements.

Signal (libsignal)

Reference implementation of the Signal Protocol. Used by Signal, WhatsApp, and others. X3DH + Double Ratchet.

Olm/Megolm

Used by Matrix/Element. Implements X3DH-style key exchange with Megolm group ratchet. vodozemac-0.9 implementation.

Overall Scores

Fourier

89.5 / 100

Used by a.s.d.f

Signal (libsignal)

87.5 / 100

Reference implementation

Olm/Megolm

87.5 / 100

Matrix / Element

Key difference: Fourier implements message padding through dedicated protocol-level APIs, scoring higher on metadata protection (4.0 vs 2.0). Neither Signal nor Olm/Megolm include built-in padding at the protocol layer — their applications add it separately.

Dimension Breakdown

Key Exchange Weight: 12%

Fourier: 10.0 Signal: 10.0 Olm/Megolm: 10.0

Fourier

Signal

Olm

Forward Secrecy Weight: 15%

Fourier: 10.0 Signal: 10.0 Olm/Megolm: 10.0

Fourier

Signal

Olm

Post-Compromise Security Weight: 12%

Fourier: 10.0 Signal: 10.0 Olm/Megolm: 10.0

Fourier

Signal

Olm

Server Trust Weight: 15%

Fourier: 10.0 Signal: 10.0 Olm/Megolm: 10.0

Fourier

Signal

Olm

Group Security Weight: 10%

Fourier: 10.0 Signal: 10.0 Olm/Megolm: 10.0

Fourier

Signal

Olm

Metadata Protection Weight: 10%

Fourier: 4.0 Signal: 2.0 Olm/Megolm: 2.0

Fourier

Signal

Olm

Cryptographic Primitives Weight: 8%

Fourier: 10.0 Signal: 10.0 Olm/Megolm: 10.0

Fourier

Signal

Olm

Identity Verification Weight: 10%

Fourier: 7.5 Signal: 7.5 Olm/Megolm: 7.5

Fourier

Signal

Olm

Multi-Device Security Weight: 8%

Fourier: 7.5 Signal: 7.5 Olm/Megolm: 7.5

Fourier

Signal

Olm

Full Results Table

Dimension	Weight	Fourier	Signal	Olm/Megolm
Key Exchange	12%	10.0	10.0	10.0
Forward Secrecy	15%	10.0	10.0	10.0
Post-Compromise Security	12%	10.0	10.0	10.0
Server Trust	15%	10.0	10.0	10.0
Group Security	10%	10.0	10.0	10.0
Metadata Protection	10%	4.0	2.0	2.0
Cryptographic Primitives	8%	10.0	10.0	10.0
Identity Verification	10%	7.5	7.5	7.5
Multi-Device Security	8%	7.5	7.5	7.5
Overall Score	100%	89.5	87.5	87.5

What Fourier Scores Prove

Perfect Scores (10/10)

All three protocols achieve perfect scores on 6 of 9 dimensions — confirming strong foundational cryptography across the board:

Key Exchange (10.0): Full X3DH with 4-DH variant, proper 3-DH fallback, signature verification on signed prekeys, unique sessions per handshake
Forward Secrecy (10.0): Per-message chain key ratcheting, root key advancement on every DH step, immediate key erasure after use
Post-Compromise Security (10.0): DH ratchet introduces fresh randomness on each conversation turn, automatic recovery from compromised state
Server Trust (10.0): Server never sees plaintext, AEAD integrity verified on every message, tampered ciphertext rejected, replay protection via monotonic counters
Group Security (10.0): Sender key encryption with authentication, non-members rejected, unique ciphertexts per group
Cryptographic Primitives (10.0): Ed25519, X25519, ChaCha20-Poly1305, HKDF-SHA256 — all constant-time, well-audited implementations

Where Fourier Leads: Metadata Protection (4.0 vs 2.0)

Fourier is the only protocol that scores higher on metadata protection. It implements message padding at the protocol level through dedicated APIs. Messages are padded to fixed-size tiers (256B, 1KB, 4KB, 16KB, 64KB, 256KB, 1MB) before encryption, preventing length-based traffic analysis.

Neither Signal (libsignal) nor Olm/Megolm (vodozemac) include built-in padding — their respective applications add padding at a layer above the protocol. Both also lack sealed sender and timing obfuscation at the protocol layer.

Shared Gaps (All Protocols)

Identity Verification (7.5): All three support safety numbers for out-of-band verification but lack key transparency (auditable key directory)
Multi-Device Security (7.5): All support per-device keys and independent sessions but lack a built-in cross-device message sync protocol

Methodology

About opacE2EE

opacE2EE (Open Protocol Auditor for End-to-End Encryption) is an open-source Rust framework that evaluates E2EE protocol security across 9 weighted dimensions, producing a deterministic score out of 100.

Transparent: All test source code is open for inspection and verification
Deterministic: Identical adapter runs produce identical scores
Protocol-agnostic: Any protocol can be evaluated by implementing the ProtocolAdapter trait
Reproducible: Each audit run generates a unique SHA-256 run ID for reference

Tests operate exclusively through the ProtocolAdapter trait interface without accessing protocol internals. Session state changes are verified via SHA-256 fingerprinting of serialized state, and server-view tests confirm that servers observe only opaque ciphertext.

Scoring Formula

The overall score is computed as:

Score = Σ (dimension_score / 10 × dimension_weight)

Audit Run IDs

Protocol	Implementation	Run ID (truncated)
Fourier	fourier crate	`View in PDF`
Signal	libsignal-protocol	`View in PDF`
Olm/Megolm	vodozemac-0.9	`b21cc03f9166...`

Full audit PDFs are available in the opacE2EE results directory. For protocol details, see the Fourier Protocol specification.