P2P messaging without internet, honestly reviewed. No marketing fluff, just what you actually get.

TL;DR

What it is: Open-source (Apache 2.0 / MIT dual-licensed) peer-to-peer messaging app built on the Wesh Protocol and IPFS. Works without internet via Bluetooth (BLE) and mDNS — no servers, no phone number, no email required [3][4].
Who it’s for: Activists, journalists, travelers passing through surveilled networks, and privacy researchers who genuinely need censorship-resistant communication when traditional infrastructure is unavailable or hostile [3][4].
Cost: Free. The project is run by a Paris-based NGO and cannot make profit by design. No SaaS tiers, no subscriptions [4].
Key strength: The only mainstream-ish messaging app that works completely offline via Bluetooth between nearby devices, with no central server, no identifier requirement, and no metadata leakage to a third party [1][3][4].
Key weakness: It is slow — measurably, frustratingly slow, especially on first contact. The README itself warns the app “should not yet be used to exchange sensitive data.” The Android app is currently unavailable due to an unresolved security update [README][website]. The Privacy Guides community consensus is that it is “not mature enough” for real-world use [2].

What is Berty

Berty is a messaging app from a French non-profit (Berty Technologies) that sends messages without routing them through any server. It runs on the Wesh Protocol — a framework built on top of IPFS and OrbitDB that handles end-to-end encryption, peer routing, group coordination, and device sync entirely between devices [3][README].

What makes it genuinely different from every other private messenger: it doesn’t need the internet. When two devices running Berty are nearby, they can exchange messages over Bluetooth Low Energy (BLE) or mDNS on a local network. No cell towers, no Wi-Fi, no relay servers. When internet is available, it uses IPFS for routing — you’re still not trusting a central server, you’re trusting the distributed hash table [1][3].

The project has 9,116 GitHub stars and a team of roughly 10 people based in Paris. It’s structured as an NGO, which means there’s no investor pressure to monetize user data and also no war chest to fund rapid development. The codebase is dual-licensed Apache 2.0 / MIT [3][README].

Berty compares itself favorably to 16 mainstream messaging tools across 12 dimensions including open source, distributed architecture, anonymous use, offline messaging, and end-to-end encryption by default. On paper, that comparison looks strong [1]. In practice, as every review notes, the performance characteristics are a different conversation.

Why People Choose It

The honest answer from the available reviews is that very few people have chosen Berty as a daily driver. The people who are interested in it fall into two camps: the ideologically motivated and the technically curious.

The ideologically motivated case. The Medevel write-up [3] frames Berty as a “lifeline for free speech” — the messenger you reach for when a protest is being cracked down on, a disaster has knocked out cellular infrastructure, or you’re in a country that actively blocks and monitors messaging apps. For that use case, Berty’s architecture is genuinely compelling. There is no server to subpoena, no operator to serve a warrant, no phone number to correlate with a real identity. The offline-via-Bluetooth capability is not a novelty feature — it’s the entire point.

The technically curious case. The Odaily analysis [1] treats Berty as a crypto/Web3 curiosity, comparing it favorably to centralized Web2 messengers (metadata leakage, censorship risk, account suspension) and decentralized Web3 messengers (latency, cost, multiple authorizations). Berty sits outside both categories — neither trusting a central company nor running on a blockchain.

Why most privacy-conscious users don’t choose it. The Privacy Guides community thread [2] is the most useful reality check. A long-time privacy researcher who evaluated nearly every option on the market puts Berty in the category of apps that are “too buggy, not mature enough.” The same thread recommends SimpleX Chat and Session as the only realistic options — neither of which requires a phone number and both of which actually work reliably. The conclusion: Berty’s threat model is correct; the execution isn’t there yet [2].

The Odaily test [1] found: first message to a face-to-face contact took ~40 seconds. First message to a contact in another country (Beijing to Denmark) took over an hour and ultimately never connected. The official workaround — enable IPv6 on your router, wait for the user base to grow — is not a workaround. It’s an acknowledgment that the P2P routing layer needs more nodes to be useful [1].

Features

Based on the README, official website, and third-party coverage:

Core messaging:

End-to-end encrypted messages and group conversations by default [3][4]
No phone number, email address, or real name required — identity is a locally generated Berty ID [4][README]
Groups powered by OrbitDB over IPFS — decentralized, real-time sync [3]
Message history syncs across devices via the Wesh Protocol [README]
Fully open source — every line of code is auditable [4]

Offline / censorship-resistance:

Bluetooth Low Energy (BLE) messaging without internet or cellular data [1][3][4]
mDNS for local network discovery [3][README]
Designed for adversarial networks — works when apps like Signal are blocked [4]
No reliance on central relay servers or contact lookup services [4]

Privacy architecture:

Metadata minimized — the protocol is designed so that even Berty Technologies cannot see who is talking to whom [4]
No KYC (Know Your Customer) — no identity binding at account creation [4]
Resistant to SIM-swapping and email account compromise by design — there’s no account tied to a phone number [4]
E2EE is not an opt-in mode, it’s the only mode [4]

Developer / protocol layer:

Wesh Protocol SDK for building other P2P apps — handles encryption, routing, identity, and group lifecycle automatically [3]
CLI tools: berty mini (lightweight messaging) and berty daemon (full node with API) [README]
Multi-platform: Android (Play Store), iOS (App Store), CLI [README][3]

What’s missing:

No voice or video calls [2]
No file sharing with E2E encryption [2]
No desktop GUI app — only CLI for non-mobile users
Android app currently unavailable due to an ongoing security update [website features page]

Pricing: The Economics of a Non-Profit App

There is no pricing tier to analyze. Berty does not charge for anything [4].

The NGO model means Berty is funded by grants (Nodle granted $1 million to advance the protocol [website blog]) and community contributions, not by users. The trade-off is that a 10-person NGO moves slower than a funded startup and has less capacity to fix critical issues quickly — as evidenced by the Android app being pulled while a security update is worked through [website].

For comparison, what you’re replacing:

Signal: Free, but requires a phone number — a persistent identifier that ties your Berty-equivalent privacy expectations directly to your real-world identity [2]
Telegram: Free with a phone number requirement; E2EE only in “Secret Chats” (not default); stores plaintext messages on their servers by default
SimpleX Chat or Session: Free, no phone number required, far more mature than Berty, but requires internet/servers to route messages beyond local range

If cost is the driver, there’s nothing to save — Berty is free and so are its most credible competitors. The relevant comparison is capability and reliability, not price.

Self-hosting the protocol layer (running a berty daemon node as a relay) is possible and adds nothing in direct cost beyond a VPS (~$5–10/mo on Hetzner or similar). But this is only relevant for developers building on the Wesh Protocol — end users don’t need it.

Deployment Reality Check

For end users on mobile: Install from the App Store or Play Store, create an account without providing any personal information, and add contacts. The onboarding is simple. What isn’t simple is getting the app to reliably connect to anyone not physically nearby [1].

For iOS users: The app is available and functional.

For Android users: The app is currently unavailable on the Play Store due to an ongoing security update [website]. This is not a minor footnote — it means roughly half of all potential users cannot use the app right now.

For CLI users or developers: You’ll need Go installed to build the CLI tools. berty daemon runs a full Wesh Protocol node. This is documented in the README and is a reasonable path for technical users who want to contribute relay capacity to the network.

What can go wrong:

The performance on first contact is genuinely bad. The Odaily test [1] clocked 40 seconds for a face-to-face first message and a failed hour-long attempt to reach a contact internationally. This is a P2P routing problem that improves with network size, which is a chicken-and-egg problem for a small user base.
The README includes an active warning: “Berty is still under active development and should not yet be used to exchange sensitive data.” This is honest and significant. An app that openly warns against using it for its primary advertised use case should not be your emergency communication tool until that warning is removed.
The team is 10 people. Security vulnerabilities get patched, but slowly — the Android security issue pulling the app from the store is an example of that pace [website].

Pros and Cons

Pros

Genuinely serverless. Not “we don’t store your messages” — there are no servers involved in routing or delivery. No company to get a warrant served to, no service to get blocked by a government firewall [4].
No identifier required. No phone number, no email, no government ID. The only thing that identifies you is a locally generated key pair [4]. This is rarer than it sounds — Signal, Telegram, WhatsApp, and most Matrix servers all require a phone number or email.
Offline messaging via BLE. No other mainstream privacy-focused app does this. If you’re in a crowd at a protest with no cellular service, Berty is the only option that keeps working [3][4].
Dual Apache/MIT license. Genuinely permissive. You can fork it, embed the Wesh Protocol in your own app, redistribute it — no commercial restriction [3].
Non-profit structure. No incentive to monetize metadata, change terms of service, or sell to an acquirer. The structural alignment is unusually clean for this category [4].
Wesh Protocol SDK is a real thing for developers who want to build P2P apps without implementing the hard parts of encryption and routing [3].

Cons

Actively unstable. The README warns against using it for sensitive data. The Android app is currently unavailable. These are not marketing-speak hedges — they reflect real gaps in production readiness [README][website].
Slow first-contact performance. 40 seconds face-to-face, potentially hours or failure for remote contacts [1]. This is a fundamental property of P2P DHT routing at small user scale, not something a settings change fixes.
Tiny user base. P2P routing requires other nodes on the network. A messaging app with few users has poor routing, which further discourages new users — a vicious cycle that explains why the app hasn’t broken out despite being technically interesting for years.
No voice/video calls, limited file sharing [2]. For a general-purpose messenger, these are table-stakes features that aren’t there.
No desktop GUI. Non-technical users on laptops cannot use Berty without building from source.
Privacy community consensus is negative. The most thorough public evaluation of private messaging apps dismisses Berty as “not mature enough” [2]. These are people who evaluated dozens of options specifically for this use case. That verdict matters.
Small team, slow fixes. A 10-person NGO fixing a security issue that takes the Android app offline for an indefinite period is not the development velocity you want in an emergency communications tool [website].

Who Should Use This / Who Shouldn’t

Use Berty if:

You are a journalist, activist, or aid worker in a country with active network surveillance and you need to communicate with someone physically nearby when the internet is cut off. Bluetooth offline messaging is the feature nobody else has.
You are a developer evaluating the Wesh Protocol for building a P2P application that needs to work offline or in hostile network environments.
You want to understand the architecture of censorship-resistant communication — the code is readable and the documentation explains the design decisions clearly.

Skip it (use SimpleX Chat instead) if:

You want a private messenger with no phone number requirement that actually works reliably today. SimpleX has no persistent identifiers, no server metadata, and is recommended by the same community that dismisses Berty [2].

Skip it (use Session instead) if:

You want decentralized routing without the BLE-or-bust performance problem. Session runs on the Oxen network with enough relay nodes to actually deliver messages.

Skip it entirely if:

You need to communicate across distances greater than BLE range and you don’t have a stable internet connection. The P2P routing over internet is too unreliable at Berty’s current user scale to depend on [1].
You’re on Android right now. The app is not available [website].
You were planning to use this for anything genuinely sensitive. The app itself says not to [README].

Alternatives Worth Considering

SimpleX Chat — No user identifiers of any kind (not even a username), E2EE, open source, works over internet reliably. The privacy community’s current top recommendation for threat models where contact graph privacy matters [2].
Session — No phone number required, decentralized relay network (Oxen), works on desktop and mobile, more mature than Berty. Weaker metadata protection than SimpleX but more practical [2].
Briar — Also does offline Bluetooth and direct WiFi messaging, has a longer track record than Berty for disaster/protest scenarios. Limited to nearby contacts without internet, like Berty, but it’s a more battle-tested implementation for that specific use case.
Signal — The most secure widely-used messenger that also has a large user base (good for actually reaching people), but requires a phone number and routes through Signal’s servers [2]. Not viable if phone number association is the threat.
Matrix / Element — Federated, self-hostable, good for team communication, but servers store metadata and the federation model leaks contact graph data [2].
Meshtastic — Not a messaging app per se, but worth knowing: open-source LoRa mesh networking that achieves truly server-free, long-range offline messaging via cheap hardware (~$30). Different threat model than BLE but solves the range problem Berty doesn’t.

Bottom Line

Berty’s architecture is correct. Genuinely serverless, offline-capable, no-identifier P2P messaging is a meaningful privacy property that no other widely-available app provides. The Wesh Protocol is interesting engineering.

The execution isn’t there yet, and the project is honest about it. When your own README warns users not to exchange sensitive data, and your Android app is offline for an unspecified duration while a security issue is resolved, and independent performance tests show international contacts sometimes failing to connect at all — that’s not a tool you hand to someone in an emergency.

If you’re a developer building P2P applications, the Wesh Protocol SDK is worth evaluating. If you’re an activist who needs BLE-only local communication with physically nearby people, Berty is your only realistic option and that use case is real. For everyone else: check back in a year. The architecture deserves a mature implementation. It doesn’t have one yet.

Sources

Maxlion, Odaily — “Analyzing Berty: an instant messaging tool based on IPFS” (Sep 1, 2022). https://www.odaily.news/en/post/5181398
Privacy Guides Community — “Which private messaging / communication app is best?” (Dec 2024). https://discuss.privacyguides.net/t/which-private-messaging-communication-app-is-best/23335
Medevel — “Berty: Open-secure, Free, Offline-first, peer-to-peer Messaging App That Cares about your Privacy!”. https://medevel.com/berty-app/
Berty Technologies (official) — “Why Berty is so much different from other apps?”. https://berty.tech/compare

Primary sources:

GitHub repository and README: https://github.com/berty/berty (9,116 stars, Apache 2.0 / MIT license)
Official website: https://berty.tech
Features page: https://berty.tech/features

Features

Mobile & Desktop

Mobile App

Replaces

Related Communication & Messaging Tools

View all 128 →

LobeChat

74K

An open-source AI chat platform with multi-model support, agent building, MCP integration, and plugin ecosystem — a self-hosted alternative to ChatGPT.

communication

Rocket.Chat

45K

Rocket.Chat is an open-source team communication platform that combines messaging, video conferencing, and omnichannel customer engagement in a single self-hosted deployment.

communication