ian
February 14, 2026, 9:25am
2
@jase Your phrasing seems overly verbose and vague, but let me see whether I understand what you want:
I have joined a public group of untrustworthy strangers. Then one of the participants started harassing and stalking me. What should I do?
You should delete the profile, create a new one and join the group with that (or just join other groups instead). In general, you should only participate in untrustworthy groups and contact untrustworthy individuals with a throw-away profile.
The threat model of Delta Chat identities, invites and spam resistance is documented in numerous threads already:
I joined a group chat via somebody’s invite link, but I got this invite link through an extremely insecure connection. Now this person and everybody they know shows up as verified. But the link could have been tampered with in infinite ways or have come from anybody impersonating the person I merely hoped it is, and I wouldn’t know. Therefore I’m quite unsure what the “verified” could even possibly mean or guarantee in that situation.
UI PROPOSAL TO FIX ALL OF THIS HERE: Trust design: perhaps a…
One issue that I commonly see brought up when I onboard people to Delta Chat is that it’s a bit cumbersome to share the links or QR Codes as the main and only supported way to make contacts, so I was thinking of some possible ways that “usernames” could be implemented on-top of existing chatmail infrastructure (notably NOT the underlying email address, as it’s only used for transport)
starting simple, we could allow users to set usernames at a domain/website, by having the website serve a small…
Can you add a function to add friends by username?
I’m new on delta chat and have tested all just with my own accounts… so not really in real live.
I like delta chat a lot but before i introduce the app to my friends i have one question:
Is delta chat spam resistant ? Or do we have to fight spam at the end the same way as we have to do it while we use regular Emails ?
It seams to me that delta chat has not really a resistant way to deal with spam. We can block contacts - but how to prevent in the first place that we get bothered by all kinds …
Could we crack down on ensuring that its easy to keep invite links secure?
Currently:
Easiest way to add somebody is via invite link to their profile
Unless you manually reset the QR code, no real way to differentiate people. Especially because we just trust their name as declared
Safer:
Generate invite link per contact. When creating the link, user should specify name.
This is something that SMS actually gets pretty corrrect. Incoming messages have opaque number until user decides on na…
The advantages:
works offline
The gist is after you exchange your first message or join a group shared with someone, they have your full public key and can utilize and forward it without restriction and subject you to numerous threats later on until you throw it away.