Quick answers to common questions about NexChat.
Yes! NexChat is completely free and open-source. You can self-host it using the provided Docker setup, or use our hosted version at no cost. There are no hidden fees or premium features locked behind a paywall.
NexChat uses a public key infrastructure (PKI) for encryption. When you register, your client generates a public-private key pair. Your public key is stored on the server so other users can fetch it to encrypt messages for you. Your private key never leaves your device. Only the intended recipient can decrypt messages sent to them.
NexChat collects your email or phone number (for account identification), display name, avatar, public encryption key, message content, and usage metadata (online status, last seen). Passwords are hashed with bcrypt — we never store plaintext passwords. See our Privacy Policy for full details.
Yes. You can log in to your account from any device using your email or phone number and OTP verification. If you set a password, you can also use that. However, if you lose your device and haven't backed up your private E2EE key, previously encrypted messages cannot be decrypted on the new device.
NexChat implements multiple layers of security: JWT authentication with token rotation, OTP verification, rate limiting, Helmet security headers, Zod input validation, and bcrypt password hashing. All traffic should be served over HTTPS. The server never stores plaintext passwords. See our Security page for the full breakdown.
Absolutely. You can request account deletion by contacting us at support@nexchat.app. We will delete your account, messages, and associated data. Note that message history with other users will also be removed from their conversation view.
Yes. You can register using just your email address. A phone number is optional. If you register with email, OTP codes will be sent via email instead of SMS.
You can create group conversations with multiple participants. The group creator is automatically assigned the ADMIN role. Admins can manage the group, while MEMBERs can participate in conversations. Groups can have a name and avatar, and support all message types including media sharing and replies.
File size limits depend on your storage configuration. When using the local mock upload, the limit is determined by your server's request size configuration. In production with Cloudflare R2, you can configure limits based on your R2 plan.
Yes! NexChat is designed to be self-hosted. We provide a docker-compose.yml with PostgreSQL, Redis, and the app server. You just need to set environment variables for your secrets and run docker compose up. See the project README for detailed instructions.