Privileged communications, by design.
Attorney-client privilege requires confidentiality you can demonstrate. Koaich's encryption boundary excludes the vendor — making the privilege claim defensible even when third parties seek access through us.
FREE 3-MINUTE PRIVILEGE-DEFENSE AUDIT→What you get
E2E encrypted client messaging
Every message between you and your client is encrypted on-device. Our servers see ciphertext.
Per-matter vault isolation
Each matter has its own encryption boundary. Your associate sees Matter A, your paralegal sees Matter B — there's no shared key that opens both.
Document encryption with per-recipient wrapping
Your co-counsel only sees the matters you've shared. Wrapping is by recipient, not by vault — granular without ceremony.
TTL-controlled retention
Messages can self-expire. The discovery footprint of long-ago drafts shrinks by default, not by retention policy debate.
Minimal disclosure surface
If our infrastructure is asked to produce data, we can hand over account-existence and authentication metadata. We can't hand over message bodies, document contents, or files — they're encrypted under keys we don't hold.
The underlying cryptography
Every claim above is grounded in a specific primitive. Not marketing.
- →nacl.box (X25519) for 1:1 attorney-client threads
- →MLS (IETF RFC 9420) for matter teams
- →WebAuthn passkeys for case-sensitive logins
- →Per-document symmetric keys, wrapped to each recipient
Get on the waitlist.
We're onboarding legal practice first. Read the architecture if you want detail.