Common questions around Bridgelink. How it works, who it's for, and some clarity around the settings.
Bridgelink is a decentralized mesh messaging app for Android. It lets you send encrypted text messages to people nearby without needing the internet, cell service, Bluetooth, or any servers. Your phone communicates directly with other phones using WiFi Aware technology built into modern Android devices.
No. Bridgelink uses WiFi Aware (Neighbor Awareness Networking), a peer-to-peer technology built into modern Android devices. It works entirely without internet, cell towers, Bluetooth, or any external infrastructure. Your phone's WiFi hardware communicates directly with nearby devices.
Bridgelink uses WiFi Aware (Neighbor Awareness Networking), a peer-to-peer technology built into modern Android devices. It requires the Nearby WiFi Devices permission as WiFi Aware is built into the WiFi protocol. It also requires location services as WiFi Aware or NAN protocol uses it to work out distance from the connected device. Alarm permissions are used to keep WiFi aware working in the background when your device sleeps.
No, the only reason we request location services is because the WiFi aware protocol requires it to function. In fact, there is never any communication with any central servers or services, so there is nowhere for it to be reported to... and you're welcome to check us on that!
Bridgelink is designed for anyone who needs private, infrastructure-free communication. This includes people in areas with poor or no connectivity, privacy-conscious users, event-goers at festivals or conferences, activists in regions with internet shutdowns, emergency responders during natural disasters, or anyone who wants to communicate without relying on servers or services that can be monitored, censored, or taken down.
Bridgelink was born from a simple question: what if you could message someone without trusting any third party? Every mainstream messaging app requires you to trust a server operator with your metadata, and many with your messages themselves. Bridgelink eliminates that trust requirement entirely ‐ there are no servers, no accounts, no phone numbers, and no metadata collection. Your messages travel directly between devices.
Yep, Bridgelink is completely free to use. There are no subscriptions, no ads, no in-app purchases, and no premium tiers. The project is supported through voluntary donations by you the community if you like it, no obligations though, just sharing it with your friends and family would be amazing.
Bridgelink is a passion project first and foremost. It was built initially to see if it could be done. Secondly, I absolutely hate adverts. they track you, they advertise products you don't want and they ruin otherwise good applications. The market is flooded with apps that are built purely to run adverts and I wanted to do something different. If people like your product and find it useful then hopefully they will support it.
I have asked myself this often. If it became popular would I sell it and the answer is no. I would rather it remain free for everyone and it be supported by the community.
I will release the code at some point, but have taken the decision not to release it straight away because I don't want to split adoption. The application needs adoption for the mesh to become viable and having multiple forks of the application will only hurt it's progress in the short term. If it becomes successful and we get good adoption and mesh penetration then i'll open up the code for everyone to build upon. Feel free to stress test it, rip it apart, reverse engineer it though and let me know if you find any problems by submitting a bug report.
Currently, Bridgelink is Android-only. It requires WiFi Aware (Neighbor Awareness Networking). Apple has not implemented WiFi Aware in iOS yet (although they are reported to have added a version of it in the latest iOS), so iPhone support is not plausible at this time, but I would certainly like to see it on iPhone eventually.
Nope. Bridgelink is entirely local, there are no servers, no registration, no email, and no phone number required. You simply choose a username when you first open the app. Your identity keys are generated locally on your device and never leave it. There is no "account" sent anywhere on the internet. That does have a downside though, if you uninstall the app or you break your device and you have not saved a backup, you are screwed, there is nothing me or anyone else can do to get your contacts back. Create a backup often, the app will remind you to do it periodically.
A single WiFi Aware connection reaches up to about 75 meters between devices in optimal conditions. However, through the mesh network, messages can hop through up to 500 other devices and survive for 7 days, meaning they can travel as far as the chain of Bridgelink users extends. In a dense area like a campus or festival, messages can traverse significant distances.
Think Six degrees of separation.
Direct means the recipient was nearby and received your message directly from your device. Mesh means the message was sent onto a relay device where it will relay through multiple devices until it reaches your recipient. Both are end-to-end encrypted and equally secure, the difference is just the path taken.
Bridgelink is "honest about uncertainty." A message stays "Queued" until a recipient or relay confirms receipt of your message. This means you are in an area with low app usage, this will be the case for early adopters of the app especially. Messages stay queued ready to send for up to 7 days on your device, so there's time for a relay device or the actual recipient to collect your message.
WiFi Aware has strict bandwidth constraints. The 500 character text limit and 1,200-byte batch size are designed to work reliably within these constraints. Sending media would require orders of magnitude more bandwidth and would be impractical over the mesh. Text-only keeps the network fast and efficient for everyone.
Each message can be up to 500 characters long. This limit exists because WiFi Aware has limited bandwidth and limited time to transfer a message. Messages are encrypted, fragmented into small chunks, and reassembled on the other end. Messages need to hop between devices that are not static and may only be in range for a few seconds so a shorter limit ensures messages transmit quickly and reliably even in busy mesh networks. Unicode characters (including emoji) are fully supported.
When your recipient isn't directly nearby, your message is stored by other Bridgelink app users that are within range. Those devices carry the message and pass it along to other app users they encounter, like a chain. Each message can survive up to 7 days and hop through up to 500 devices. Relay nodes store up to 10MB of messages (30MB in hub mode) and can carry up to 100 messages at a time. They cannot read any of the messages they carry, everything is end-to-end encrypted.
Relay Hub mode turns your device into a high-capacity message relay. It forwards messages to 30 peers instead of the usual 10, stores up to 30MB of relay data, and can handle 100 messages per minute. There's also an overnight mode that auto-enables when your device is charging during configured hours, with optional clock or stats display. It's ideal if you want to help the network. for example, leaving a device plugged in at a busy location.
Postman mode prioritizes carrying messages for your contacts. When enabled, your device doubles its relay capacity to 200 messages and gives priority to messages destined for people in your contact list but where messages are not for you but say a family member or friend that you both know. It's useful if you regularly pass by certain contacts and want to act as a bridge for their messages.
Direct Only gives you maximum privacy. Your message is only sent if the recipient is directly nearby, and is never relayed through other devices. Mesh Only gives you location privacy, your message always goes through relays and is never delivered directly, so the recipient can't tell if you were nearby. Both (the default) uses whichever delivery method is available and is the most reliable option.
Physical proximity pairing (within 5 meters) is a deliberate security design. It ensures you always know exactly who you're adding. You can see them and verify their identity and eliminates impersonation, catfishing, and social engineering attacks that plague server-based messaging apps. There are no friend requests from strangers that might want to harass you or track you unless you add strangers as contacts, but then that's on you!
Both devices enter pairing mode and discover each other via WiFi Aware. During discovery, you appear as a random 3-word name (e.g., "apple-bridge-cloud") drawn from a list of over 8.5 billion combinations ‐ your selected username stays hidden at that point. Once you select each other, both devices display a 6 digit PIN that you must confirm matches. After confirming the PIN, encryption keys are exchanged using ECDH with signature verification to prevent man-in-the-middle attacks. Only then is your actual username revealed and the contact saved.
Bridgelink tries to detect and warn you ahead of time about usernames that contain URLs, email addresses, phone numbers and IP addresses. This warning appears before PIN verification, adding a layer of protection against phishing or spam contacts. It's not perfect but it should stop most standard forms of billboarding.
Groups support up to 50 members per group. Each group gets its own encryption key pair shared among all members. Only the group creator can add or remove members. removals propagate across the network like a normal message and may be unreliable. Any member can leave the group locally, but only the creator can remove others. Messages from people who aren't in your contacts show a truncated device ID until you add them as a contact yourself by meeting up with them and going through the add a contact process, at which point their username and their past messages are decrypted for you to see.
Yes. You can ignore someone thats annoying you. This is a personal setting that isn't synced to anyone else. The ignored person doesn't know, and other group members aren't affected. Their messages simply stop appearing in your group message chat window.
Your username is cryptographically bound to your identity ‐ it's signed with your private key. Changing your username invalidates the signature, which means all your existing contacts will no longer recognize you. This is a deliberate security feature to prevent impersonation. You would need to re-pair with all your contacts after a username change so it's advised that you pick a suitable username at the start.
No. All messages are encrypted before they ever leave your device. Relay nodes transport ciphertext that they cannot decrypt. Only the intended recipient, who has the corresponding encryption key that you exchanged when you added them as a contact can read the message content.
No, Bridgelink handles relay messages automatically in the background, you do not need to do anything to be a relay or handle messages that are not for you. If you look in the Outbox, you can see how many messages you are carrying for other people. If you want a few nerdy stats you can go into the Settings → Advanced → Queue Stats.
Bridgelink uses multiple layers of modern cryptography: ECDH (Elliptic Curve Diffie-Hellman) for key exchange, AES-256-GCM for message encryption with authenticated encryption, HMAC-SHA256 for username signing, PBKDF2 with 100,000 iterations for PIN hashing, and Argon2id (memory-hard, GPU-resistant) for backup encryption. Private keys are encrypted at rest with AES-256-GCM using Android Keystore, which is hardware-backed on compatible devices.
Your identity keys (encrypted with Android Keystore), contacts and their public keys, message history, group keys and member lists, settings, and relay queue. Everything is stored locally. Private keys are protected by hardware-backed encryption (TEE/StrongBox) on supported devices, which means even root access cannot extract them.
Nothing, nadda, not a thing. There are no server connections, you can test this yourself. Disconnect from your wifi network, (leave wifi on though it needs that to talk to other phones) turn off cell service and test it, it'll still send messages!. Bridgelink is completely decentralized ‐ all data stays on your device and the devices of people you communicate with and through who run the app.
The Duress PIN is an alternate PIN that, when entered, silently wipes all your messages, contacts, encryption keys and any backups you have so make sure when you run a backup, you save it somewhere secure off your phone if you want to set it back up again later. The app retains your username, sets the duress PIN as your app lock PIN and sets all settings back to default appears as if freshly set up, providing plausible deniability if you're forced to unlock the app under duress. Notifications are also silenced when a duress PIN is configured. It requires PIN-based App Lock to be enabled first.
Block Screenshots uses Android's FLAG_SECURE to prevent anyone (including you) from taking screenshots or screen recordings of the app on your own device. This also hides the app content from the recent apps overview. It's useful if you're concerned about someone messing with your phone and getting screenshots off of the device. This does not prevent screenshots being taken on anyone elses device that you message.
Incognito Keyboard tells your keyboard app to stop learning from what you type in Bridgelink. This prevents your keyboard from adding message content to its prediction dictionary, autocomplete suggestions, or clipboard history. It doesn't change which keyboard you use, it just asks the keyboard to operate in a private mode. Be aware though that some keyboards ignore this setting, if you are concerned about privacy and logging of data, only use a reputable keyboard app.
Message Retention automatically deletes messages from your device after a set period. You can configure the duration in hours, days, months, or years. The default is 30 days. Setting it to 0 keeps messages indefinitely. This applies to both direct and group messages. It's a local setting, it only affects messages on your device, not on your recipient's.
Intruder Detection silently activates the front camera when someone enters the wrong PIN to unlock Bridgelink. It stores up to 50 photos which you can review in a private gallery. This lets you see who tried to access your app without your knowledge. When you first enable this setting, you will be asked to allow permission to the camera, this is only used for the intruder photo setting.
App Lock secures Bridgelink behind authentication. You can choose from three methods: a PIN (4-8 digits, hashed with PBKDF2 at 100,000 iterations), a TOTP code (6-digit authenticator app), or biometric (fingerprint). The biometric option only appears after you have setup the app lock with a PIN code. You can also configure when the app locks: on screen off, when leaving the app, or after a period of inactivity (1, 5, 15, or 30 minutes). There's a separate option to lock settings changes behind the same authentication.
Bridgelink has an automatic peer reputation system that tracks violations like oversized messages, excessive frequency, invalid data, or key signature mismatches. Penalties are graduated: warnings at 10 points, throttling (1 message/minute) at 20 points, temporary ban (1 hour) at 50 points, and permanent ban at 100 points. Points decay naturally over time, so transient bugs don't result in permanent bans. Known contacts get higher thresholds and faster decay. Attackers receive no feedback about their penalty status. You can remove people from the ban list manually if you need to.
Bridgelink requires Android 8.0 or higher and a device with WiFi Aware hardware support. Google Pixel 2 and later have the best support. Samsung Galaxy S9+ generally works well but varies by region and carrier. Support for OnePlus, Motorola, Nokia, and Sony varies significantly by model. Huawei, Honor, Xiaomi, Oppo, Vivo, and Realme devices have minimal to no support. Check the compatibility page for specific models.
Install Bridgelink and it will tell you whether WiFi Aware is available on your device. You can also check your device's specs online for "WiFi Aware" or "Neighbor Awareness Networking (NAN)" support. Note that some manufacturers disable WiFi Aware in their firmware even if the hardware supports it.
Yes, as long as the underlying hardware supports WiFi Aware. GrapheneOS and CalyxOS on Pixel devices are fully compatible since they maintain WiFi Aware hardware functionality. Any ROM that preserves the device's WiFi Aware drivers should work. The key factor is the physical hardware, not the software.
WiFi Aware uses the same radio hardware as your regular WiFi, but operates on a separate channel. Android requires the WiFi toggle to be enabled for WiFi Aware to function, even though no internet connection is made. You can be connected to a WiFi network and use Bridgelink simultaneously, or have WiFi on with no network connection at all, both work.
Bridgelink has been extensively optimized for battery life. It uses AlarmManager-based scheduling with timed 90-second wake windows every 4 minutes, reducing wake lock usage by 75%. Expect approximately 1.2x normal battery drain. You can choose from four battery profiles: Battery Saver (lowest drain), Hybrid (good balance), Balanced, and Maximum Reliability (most drain but always connected).
Bridgelink is designed for situations where traditional infrastructure may be unavailable or untrustworthy ‐ and that includes app stores. By offering a direct APK download option, we ensure you can always get Bridgelink even if the Play Store is blocked in your region, unavailable, or you prefer not to use Google services. The APK is the same build as the Play Store version. To install it, enable "Install from unknown sources" in your Android settings.
Yes, as long as you download it directly from this official website. The APK is identical to the Google Play Store version. We provide MD5 and SHA-256 hashes on the download page so you can verify the file hasn't been tampered with. We recommend only downloading from this website or the official Play Store listing ‐ never from third-party APK sites.
Without a backup, reinstalling or clearing data is equivalent to a fresh install. New identity keys are generated, and all contacts, messages, groups, and settings are permanently lost. This is one of the downsides to a decentralized infrastructure, your data lives only on your device. Always create a backup and save that backup somewhere secure off your device.
ICE (In Case of Emergency) contacts are people you designate as trusted emergency contacts, you can set any contact you add as an ICE contact with the toggle button under their contact card. When you restore your identity from a backup, the app automatically sends a notification to your ICE contacts letting them know you've restored. This serves as a safety signal ‐ if someone steals your backup and tries to impersonate you, your ICE contacts will know something happened.
Bridgelink encrypts your backup using Argon2id key derivation (memory-hard, GPU-resistant) combined with AES-256-GCM. To create a backup you need a strong password, and you'll receive a 32-character hex backup code. Restoring requires both the password and the backup code (multi-factor). The backup includes your identity keys and contacts, but not message history. When you restore, your ICE (emergency) contacts if any are set are automatically notified.
Yes, using the backup and restore feature. Create a backup on your old phone, then restore it on your new phone using your password and backup code. Your identity and contacts will be preserved. Message history does not transfer. Make sure the new phone supports WiFi Aware before making the switch.
Make sure both devices have WiFi turned on (internet connection not required), both are running Bridgelink with pairing mode active, you're within 5 meters of each other and you have allowed all the required permissions. Some devices (notably Pixel 5) can have intermittent WiFi Aware session issues so if it doesn't work the first time, wait for a bit then try again. Also ensure battery saver mode isn't restricting Bridgelink's background activity.
Bridgelink requires that either the recipient or other relay devices are nearby. If you and the recipient are the only Bridgelink users and you're not near each other, messages will stay queued until you're in range. Also check that WiFi is enabled, that Bridgelink isn't being killed by your phone's battery optimization, and that you haven't exceeded the rate limit (500 messages per contact per day).
By default Bridgelink is in Battery Saver mode. This reduces WiFi Aware wake lock usage to short maintenance windows, giving you the lowest battery drain while still maintaining mesh connectivity. If you need even less drain, you can close Bridgelink when not actively using it although this means you won't relay messages for others making the service less reliable for everyone else.
Many Android manufacturers aggressively kill background apps. Go to your phone's Settings → Apps → Bridgelink → Battery and set it to "Unrestricted" or "Don't optimize." On Samsung devices, check "Sleeping apps" lists. On Xiaomi, enable "AutoStart" and lock Bridgelink in recent apps. Each manufacturer handles this differently ‐ search for your brand's specific instructions for keeping apps alive in the background.
This means the sender isn't in your contact list. Bridgelink shows a truncated device ID (e.g., "D4F2A9...F9G7B2") for unknown senders as a privacy measure. Once you add that person as a contact through the normal pairing process, all their past messages will retroactively update and will show their selected username.
Some manufacturers disable WiFi Aware in their firmware even though the hardware supports it. Try toggling WiFi off and on, restarting your device, or checking for system updates. If you're on a custom ROM, make sure WiFi Aware drivers are included. Unfortunately, if the manufacturer has removed WiFi Aware support at the firmware level, there's no workaround. You can check the compatibility page or submit a device report to help us track support.