About Loqa
What This Project Is
Loqa is a chat platform built as an alternative to Discord. It supports text channels, voice channels, screen sharing, group video, direct messages, bots, and most of the features you'd expect from a modern communication app.
The project is in open beta. That means the core features work and are usable, but there are rough edges, missing features, and things that will break. We're actively developing it and shipping fixes regularly.
Loqa is built by a small team. The backend is written in Rust (Axum, SQLx, Redis, PostgreSQL), the frontend is React/TypeScript, and real-time voice/video runs through LiveKit (WebRTC). The landing site you're reading is Astro.
How We Use AI
We use AI as a development tool — it helps with scaffolding, boilerplate, and iterating faster than a small team normally could. We're transparent about this because it's a reasonable question and people deserve an honest answer.
Here's specifically what that means:
- AI generates initial code scaffolding and boilerplate.
- All generated code is reviewed and tested by a human before it ships.
- Security-critical code (auth, encryption, rate limiting, permissions) goes through manual multi-pass audits — we don't trust generated code on sensitive paths.
- We maintain standalone audit documents for encryption and infrastructure security that detail exactly what's been reviewed and how.
- The landing page copy, docs, and marketing text are also AI-assisted and then edited by a human. We try to catch the polished-but-hollow phrasing — if you spot something that reads like a press release, let us know.
AI doesn't make architectural decisions, review its own output, or have access to production systems. It's a tool in the workflow, not a replacement for judgment.
Security & Privacy
Here's a summary of the security measures in place. For full details, see the Security and Encryption pages.
🔑 Authentication
- Passwords hashed with Argon2; length limited to 8–128 characters (the upper bound caps the work each hash costs, so oversized passwords can't be used for CPU DoS)
- Registration gated by configurable modes: open, invite-only, captcha, or closed
- Email verification required (6-digit code, 24hr expiry, 5-attempt lockout)
- Rate limited: 3 registrations per 60 seconds per user, 15 auth requests per 60 seconds per IP
- TOTP two-factor authentication with brute-force lockout
- No public endpoint to skip email verification — admin-only action with audit logging
🔐 Encryption
- PII (emails) encrypted at rest with AES-256-GCM
- Lookups via HMAC-SHA256 blind indexes — email never stored in plaintext
- DMs encrypted end-to-end via OpenMLS, an implementation of Messaging Layer Security (RFC 9420)
- API tokens stored as SHA-256 hashes, so a database leak doesn't yield usable tokens (a plain fast hash is appropriate for high-entropy random tokens; passwords get Argon2 instead)
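To make the email scheme above concrete, here is an added example (not Loqa's code) of the blind-index half: the HMAC-SHA256 lookup key computed over a normalized address, with an in-memory stand-in for the users table. The key names, the normalization rules and the table class are assumptions for illustration; the AES-256-GCM ciphertext column that sits beside the index in the real system needs a crypto library and is not reproduced here.

```python
"""Blind-index lookups for an email column that is stored encrypted at rest.

The email itself lives only as ciphertext (AES-256-GCM in the scheme the page
describes; that step needs a crypto library and is not shown). Beside it sits
an HMAC-SHA256 of the normalized address under a separate index key, so a row
can be found by exact match without decrypting anything.
"""
import hashlib
import hmac
import unicodedata
from typing import Dict, Optional

# Constructed keys for this example only (derived from fixed strings so the
# file runs offline). In production both come from a secrets manager, and the
# index key must be distinct from the data-encryption key: leaking it lets an
# attacker test guesses against the index, but not decrypt stored emails.
INDEX_KEY = hashlib.sha256(b"example-index-key").digest()
OTHER_INDEX_KEY = hashlib.sha256(b"example-other-key").digest()


def normalize_email(addr: str) -> str:
    """Canonicalize before hashing, otherwise ' Alice@Example.COM' and
    'alice@example.com' would land in different rows and the uniqueness
    check would be trivially bypassed. The address is NFKC-normalized,
    trimmed and case-folded (RFC 5321 permits a case-sensitive local part,
    but login identifiers are conventionally treated as case-insensitive;
    that choice is an assumption of this example)."""
    addr = unicodedata.normalize("NFKC", addr).strip().casefold()
    local, sep, domain = addr.partition("@")
    if not sep or not local or not domain or "@" in domain:
        raise ValueError("malformed email address")
    return addr


def blind_index(addr: str, key: bytes = INDEX_KEY) -> str:
    """Deterministic keyed hash of the normalized address.

    Deterministic because equality lookups need equal inputs to give equal
    outputs; keyed because an unkeyed SHA-256 of an email is reversible by
    simply hashing candidate addresses (the input space is small)."""
    mac = hmac.new(key, normalize_email(addr).encode("utf-8"), hashlib.sha256)
    return mac.hexdigest()


class UserTable:
    """In-memory stand-in for the users table (hypothetical). Rows are keyed
    by blind index and the plaintext address is never part of what is stored."""

    def __init__(self) -> None:
        self._rows: Dict[str, Dict[str, int]] = {}

    def insert(self, addr: str, user_id: int) -> str:
        idx = blind_index(addr)
        if idx in self._rows:
            # Same effect as a UNIQUE constraint on the index column in
            # PostgreSQL: two spellings of one address collide here.
            raise ValueError("email already registered")
        self._rows[idx] = {"user_id": user_id}
        return idx

    def find_user_id(self, addr: str) -> Optional[int]:
        row = self._rows.get(blind_index(addr))
        return None if row is None else row["user_id"]

    def stored_keys(self) -> list:
        """What a database dump shows: 64-hex-char HMACs, no addresses."""
        return sorted(self._rows)
```

The index deliberately leaks one thing: whether two rows hold the same email. For a column that must be unique anyway that is the property you want; for a non-unique field you would think twice before indexing it this way.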
🛡️ Rate Limiting
- Token-bucket algorithm, Redis-backed for horizontal scaling
- Per-route limits (e.g. 3 req/60s for registration, 200 req/5s for messages)
- Global limit: 4,000 req/s per authenticated user
- IP flood protection: 600 req/60s (general), 15 req/60s (auth endpoints)
- Discord-compatible response headers: X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-RateLimit-Bucket
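As an added example (not Loqa's implementation), the following shows a token-bucket limiter of the kind described above, keyed per route and subject, emitting the Discord-style headers. The per-route table reuses the numbers quoted on this page; the bucket-id derivation, the choice to report Reset as "when the bucket is full", the extra X-RateLimit-Reset-After and Retry-After headers, and the in-memory store in place of Redis are all assumptions of the example.

```python
"""Token-bucket rate limiting with Discord-compatible response headers.

Each (route, subject) pair gets a bucket of `capacity` tokens that refills
continuously over `period` seconds. A request spends one token; an empty
bucket means 429. State is an in-memory dict here. With the state in Redis,
as the page describes, the read-refill-spend sequence in check() must run
atomically (for example as one Lua script), or concurrent backend instances
will each see the old balance and over-admit.
"""
import hashlib
import math
from dataclasses import dataclass
from typing import Callable, Dict, Tuple


@dataclass(frozen=True)
class Limit:
    name: str
    capacity: int   # burst size; also the X-RateLimit-Limit value
    period: float   # seconds for an empty bucket to refill completely

    @property
    def bucket_id(self) -> str:
        # Opaque identifier so clients can tell which routes share a bucket,
        # like Discord's X-RateLimit-Bucket. Derived from the name here
        # (assumption); any stable opaque value works.
        return hashlib.sha256(self.name.encode()).hexdigest()[:16]


# Constructed per-route table mirroring the figures quoted on this page.
LIMITS: Dict[str, Limit] = {
    "registration": Limit("registration", 3, 60.0),
    "messages": Limit("messages", 200, 5.0),
    "auth_ip": Limit("auth_ip", 15, 60.0),   # per-IP flood limit on auth endpoints
}


@dataclass
class Decision:
    allowed: bool
    status: int                 # 200: pass the request on; 429: reject
    headers: Dict[str, str]


@dataclass
class _Bucket:
    tokens: float
    updated: float


class TokenBucketLimiter:
    def __init__(self, limits: Dict[str, Limit], clock: Callable[[], float]):
        self.limits = limits
        self.clock = clock          # injectable so behaviour is reproducible
        self._buckets: Dict[Tuple[str, str], _Bucket] = {}

    def check(self, route: str, subject: str, cost: int = 1) -> Decision:
        limit = self.limits[route]
        now = self.clock()
        key = (route, subject)
        b = self._buckets.get(key) or _Bucket(tokens=float(limit.capacity), updated=now)

        # Refill in proportion to elapsed time, never beyond capacity.
        elapsed = max(0.0, now - b.updated)
        b.tokens = min(float(limit.capacity),
                       b.tokens + elapsed * limit.capacity / limit.period)
        b.updated = now

        allowed = b.tokens >= cost
        if allowed:
            b.tokens -= cost
        self._buckets[key] = b

        # Reset is reported as the moment the bucket is full again (assumed
        # mapping of Discord's window-reset semantics onto a token bucket).
        reset_after = (limit.capacity - b.tokens) * limit.period / limit.capacity
        headers = {
            "X-RateLimit-Limit": str(limit.capacity),
            "X-RateLimit-Remaining": str(int(math.floor(b.tokens))),
            "X-RateLimit-Reset": f"{now + reset_after:.3f}",
            "X-RateLimit-Reset-After": f"{reset_after:.3f}",
            "X-RateLimit-Bucket": limit.bucket_id,
        }
        if allowed:
            return Decision(True, 200, headers)
        # Retry-After: seconds until `cost` tokens have accumulated, rounded
        # up so a client that waits exactly this long is not rejected again.
        retry_after = (cost - b.tokens) * limit.period / limit.capacity
        headers["Retry-After"] = str(math.ceil(retry_after))
        return Decision(False, 429, headers)


class FakeClock:
    """Deterministic clock for demos and tests; use time.time() in production
    since X-RateLimit-Reset is an epoch timestamp."""

    def __init__(self, start: float = 0.0) -> None:
        self.now = start

    def __call__(self) -> float:
        return self.now

    def advance(self, seconds: float) -> None:
        self.now += seconds
```

Running four registration attempts from one address inside a second yields three 200s with Remaining counting 2, 1, 0, then a 429 carrying Retry-After: 20, since one token takes 60/3 seconds to come back; a different address or a different route gets its own bucket and is unaffected.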
🚫 Privacy
- Zero telemetry — no analytics scripts, no behavioral tracking
- Voice and video streams are not recorded or stored
- GDPR data export and account deletion available
- Disappearing messages in DMs
- Username validation with reserved name blocklist