City of Hats vs. The Competition
Secure Messaging — Feature Comparison
How City of Hats compares to Signal, Telegram, and WhatsApp across privacy, encryption, ephemeral delivery, and identity verification.
Anonymous Intake & Source Protection
| Capability | City of Hats | Signal | Telegram | |
|---|---|---|---|---|
| No phone number or email required | ✓ | ✕ | ✕ | ✕ |
| Ephemeral disposable identities (Hats) | ✓ | ✕ | ✕ | ✕ |
| Works in any browser (PWA) | ✓ | ✕ | Web app | Web app |
| Native Android app | ✓ | ✓ | ✓ | ✓ |
| Sealed one-way tip submission | ✓ | ✕ | ✕ | ✕ |
| Two-way secure channel | ✓ | ✓ | ✓ | ✓ |
| No cloud backup of messages | ✓ | Optional | ✕ | ✕ |
Encryption & Ephemerality
| Capability | City of Hats | Signal | Telegram | |
|---|---|---|---|---|
| End-to-end encryption (default) | ✓ | ✓ | Secret chats only | ✓ |
| Post-quantum key exchange (ML-KEM-768) | ✓ | PQXDH | ✕ | ✕ |
| Forward secrecy (Double Ratchet) | ✓ | ✓ | ✕ | ✓ |
| Burn-after-read (server-side destruction) | ✓ | Timer only | Timer only | View once |
| 9 Security Modes (View Once, Recall, Sealed File, etc.) | ✓ | ✕ | ✕ | ✕ |
| Channel auto-expiry | ✓ | ✕ | ✕ | ✕ |
| Zero-knowledge server (blind relay) | ✓ | ✓ | ✕ | ✕ |
| No metadata or IP stored | ✓ | Sealed sender | ✕ | ✕ |
Dead Drops & Advanced Delivery
| Capability | City of Hats | Signal | Telegram | |
|---|---|---|---|---|
| Asynchronous encrypted dead drops | ✓ | ✕ | ✕ | ✕ |
| Time-locked delivery (future unlock) | ✓ | ✕ | ✕ | ✕ |
| Multi-path secret sharing (split delivery) | ✓ | ✕ | ✕ | ✕ |
| GhostFrame steganography (data in images) | ✓ | ✕ | ✕ | ✕ |
| EchoDrop (voice-passphrase retrieval) | ✓ | ✕ | ✕ | ✕ |
| E2E encrypted file attachments | ✓ | ✓ | Secret chats only | ✓ |
| Client-side crypto proof log | ✓ | ✕ | ✕ | ✕ |
Identity Verification & Access Control
| Capability | City of Hats | Signal | Telegram | |
|---|---|---|---|---|
| Face liveness verification (sender) | ✓ | ✕ | ✕ | ✕ |
| Face liveness gate (recipient, API-enforced) | ✓ | ✕ | ✕ | ✕ |
| 1:1 face matching for recipient (enterprise) | ✓ | ✕ | ✕ | ✕ |
| Zero biometric data retention | ✓ | — | — | — |
| Safety number verification | ✓ | ✓ | ✕ | ✓ |
| PIN-protected local key storage | ✓ | ✓ | ✓ | ✓ |
Voice, Video & Intelligence
| Capability | City of Hats | Signal | Telegram | |
|---|---|---|---|---|
| Encrypted voice calls | ✓ | ✓ | Secret chats only | ✓ |
| Encrypted video calls | ✓ | ✓ | Group only | ✓ |
| Built-in intelligence bot (CHECK) | ✓ | ✕ | ✕ | ✕ |
| Email / phone / domain risk scoring | ✓ | ✕ | ✕ | ✕ |
| Warrant canary (transparency) | ✓ | ✓ | ✕ | ✕ |
How we compare: Signal protects conversations through phone-bound identity and strong encryption. Telegram prioritizes reach and features over default encryption. WhatsApp uses the Signal protocol but operates under Meta's data practices — metadata, contacts, and usage data are collected.
City of Hats is the only platform that combines anonymous ephemeral identity, end-to-end encryption with post-quantum key exchange, burn-after-read with server-side destruction, asynchronous dead drops with time-lock and multi-path delivery, GhostFrame steganography, EchoDrop voice retrieval, 9 Security Modes, and face liveness verification without biometric data retention — all from a standard browser with no phone number required.