A new startup called GARM brings end-to-end encrypted messaging to the Bluesky social network, allowing users to have more secure options for chat than existing DMs on Bluesky. After more than two years of development, the service plans to launch Bluesky’s encrypted DMS in beta this week, gradually boarding new testers before they are released to the public.
In time, many of the technologies Germ is building are open source, allowing Bluesky to deploy encrypted messaging into its own apps.
Germ is designed to provide alternatives to existing, end-to-end encrypted platforms that are globally dominated, such as iMessage, Signal, and WhatsApp. Germ will utilize new technologies such as Messaging Layer Security (MLS), new standards approved by the Internet Engineering Task Force (IETF), and AT protocols (or AtProto) that enhance BlueSky.
However, instead of requesting a user’s phone number as some messaging apps do, DARM integrates with Atproto. This allows Germ users to safely chat with friends on BlueSky and the wider open social web, including apps like Flashes and Skylight, but adds control over the user experience.
For example, you can either accept DMs from people you follow on Bluesky, or configure them to start chatting with others. Additionally, blocking users with germ allows you to choose to block only germ, or even in BlueSky or other ATPropowed apps.
The Germ concept comes from Tessa Brown (CEO), a communications scholar who previously taught at Stanford, and Mark Xue, who worked as Apple’s privacy engineer in technologies such as FaceTime and Imessage.
Brown’s research has made her realize that access to private communication is based on the health of social networks.
“Psychologically, I know that even if you feel you’re constantly staring and manipulating, you can’t build a good relationship with people. That’s really what social media is like today,” Brown tells TechCrunch. “So I came out of that job with such a strong conviction about end-to-end encrypted messaging as the kind of center of what I thought was the future of social media and the future of communication,” she adds.
Meanwhile, Xue came out of Apple believing that the use of phone numbers and telephony is a technology that serves as the basis for secure communication and wants to build something new.
Today, Germ’s services work with a “magic link” that is generated for you and pasted into your Bluesky Bio. Another Bluesky user on iOS clicks this link and can chat right away without downloading a new app from the App Store. To make this possible, Germ uses underutilized Apple technology called App Clips. This allows users to run some of the app’s code on their devices without installing the full app.
Today, app clips are used for other one-time transactions, such as paying for parking via QR codes. But in the case of Germ, they allow quick chat.
The user experience is simple enough, but the technology behind it is not. The link itself is actually an encryption key that authenticates the user’s ATProto ID and confirms that the user is the person associated with its Bluesky handle.
From the Germ App Clip, you can choose to install the Derm iOS app, which offers more controls, access to your friend list, and Bluesky pairing.
The pairing feature was a bit off in testing, but since it runs iOS 26 developer beta, it could be causing complications. (To work around this issue, I first started chatting with an app clip before trying to authenticate from an installed app.)
Brown told TechCrunch he was excited to build within the Blueski community, given the growing cultural impact of the app, which has attracted a huge name to American politics, including Barack Obama, Hillary Clinton and other representatives, Senators and governors.
Given that DERM is ahead of the BlueSky team building encrypted messaging technology, Brown hopes that Germ’s protocol will be adopted more widely in the future by Bluesky and others.
Although available now, the Germ app may later introduce premium subscription upgrades that offer more advanced services, such as private AI services, personalization tools, and more.
The four startups raised pre-seed funds from angel investors, including co-authors of MLS and other trust and safety experts. Institutional investors include K5 Global and Mozilla Ventures. The company hopes to raise additional funds for the Android version in the future.
