Affinidi Messaging
Affinidi Messaging

Privacy-firstcommunication

Enable communication between people, business and AI agents without exposing identities. End-to-end encrypted channels built on DIDComm and open standards: privacy by default, trust by cryptography.

Join Beta Programme View Documentation
Where it fits

A decentralised, encrypted channel between trusted parties

Affinidi Messaging is a communication system built on the DIDComm v2.1 protocol. It gives people, businesses and AI agents a way to discover each other, exchange verifiable data and hold private conversations without depending on a centralised platform or sharing personal identifiers up front.

A mediator routes encrypted messages between parties without ever seeing their contents, working like a decentralised SMTP relay. The same channel carries verifiable credential exchange, agent-to-agent calls and human conversations, all under the same identity model.

Impact

Less data exposure, faster onboarding, and no vendor dependency for every team.

No PII to connect

Establish a channel with a passphrase or QR code, no email or phone number required before trust is built.

Mediator cannot read content

End-to-end encryption keeps message bodies private; the mediator only forwards sealed envelopes.

Open standards, no lock-in

Built on DIDComm v2.1 and W3C DIDs. Switch providers, self-host on your own infrastructure, or connect with any compliant ecosystem without rebuilding your integration.

Core capabilities

What Affinidi Messaging gives you

One trusted messaging capability with supporting infrastructure components for secure communication in the Internet of Trust.

Affinidi Messaging

Complete trusted communication stack

Comprehensive messaging solution with DID-based protocols for encrypted message routing, and multi-party discovery and engagement mechanisms into integrated components.

Explore More

DIDComm Client SDK

Messaging implementation for building DID-based peer-to-peer encrypted messaging into applications.

Explore More

DIDComm Mediator

Message relay providing routing and temporary storage without accessing message content.

Explore More

Meeting Place

Build applications to discover, connect, and engage individuals, businesses, and AI agents.

Explore More
System view

How a message moves between two DIDs

Each party is identified by a DID. Messages are sealed end-to-end and handed to a mediator, which stores and forwards them without seeing the contents.

How teams use it

A communication layer that works the way you ship

Use the same encrypted channel for human conversations, credential exchange and agent-to-agent traffic, with the controls each team needs at their layer.

For Business and Partnerships

Connect users, partners and AI agents without exposing identities

A customer scans a QR code or shares a passphrase and is connected to your business over an end-to-end encrypted DIDComm channel. No email, no phone number, no account is required to establish trust. From there, you can exchange verifiable credentials, run multi-party workflows, or let AI agents talk to each other on the same channel.

Because the mediator never sees the content of any message, you reduce data exposure by default. And because everything is built on open standards, you can self-host the mediator, switch providers, or interoperate with any DIDComm v2.1 system without rewriting your application.

  • Zero PII for discovery
  • End-to-end encryption
  • Self-host or managed
  • Agent-ready

Built for compliance and trust

Reduce regulatory exposure by collecting less data and proving every interaction with cryptography.

  • GDPR, CCPA and HIPAA-aligned by design with minimal PII
  • Verifiable Credentials prove who you are talking to
  • Cryptographic audit trail of message exchanges

Built for developers and platform teams

Drop a DIDComm channel into your stack without taking on cryptography or vendor lock-in.

  • Self-host the open-source Mediator or deploy from AWS Marketplace
  • Meeting Place SDK in Dart, with TypeScript and Rust coming
  • Open standards keep you portable across clouds and frameworks
For developers

Ship secure communication in hours, not months

Install the SDK, point at a mediator and you can send your first encrypted DIDComm message in three steps. Run the open-source Mediator on your own infrastructure or via AWS Marketplace.

Quickstart

Send your first encrypted message in 3 steps

From SDK setup to encrypted DIDComm messaging in minutes. Switch between Dart and Rust to see the same flow in your language.

1

Install DIDComm dependencies

# pubspec.yaml
dependencies:
  didcomm: ^2.3.3
  ssi: ^3.6.0# Cargo.toml
[dependencies]
affinidi-messaging-sdk = "0.15"
affinidi-messaging-didcomm = "0.12"
affinidi-tdk-common = "0.4"
2

Initialize SDK and create DID

import 'package:didcomm/didcomm.dart';
import 'package:ssi/ssi.dart';

// Initialize DID manager with key store
final didManager = DidKeyManager(
  wallet: PersistentWallet(InMemoryKeyStore()),
  store: InMemoryDidStore(),
);

// Generate key and create DID
await wallet.generateKey(keyId: keyId, keyType: KeyType.p256);
await didManager.addVerificationMethod(keyId);
final didDoc = await didManager.getDidDocument();use affinidi_messaging_sdk::{ATM, config::ATMConfig};
use affinidi_tdk_common::TDKSharedState;
use affinidi_did_common::{DID, PeerCreateKey};

// Initialize messaging SDK
let tdk = Arc::new(TDKSharedState::default().await);
let atm = ATM::new(ATMConfig::builder().build()?, tdk.clone()).await?;

// Create DID with verification and encryption keys
let keys = vec![
    PeerCreateKey::from_multibase(PeerKeyPurpose::Verification, v_key),
    PeerCreateKey::from_multibase(PeerKeyPurpose::Encryption, e_key),
];
let (did_peer, _) = DID::generate_peer(&keys, None)?;
3

Create and send encrypted message

// Create and encrypt message
final message = PlainTextMessage(
  id: Uuid().v4(),
  type: Uri.parse('https://example.com/protocols/1.0'),
  from: clientDid, to: [recipientDid],
  body: {'msg': 'Hello, secure world!'},
);

final signer = await didManager.getSigner(clientDid);
final encrypted = await DidcommMessage.packIntoSignedAndEncryptedMessages(
  message, keyType: keyType,
  recipientDidDocuments: [recipientDidDoc], signer: signer,
);

// Send via mediator
await mediatorClient.sendMessage(encrypted);// Create and encrypt message
let message = Message::build(
    Uuid::new_v4().to_string(),
    "https://example.com/protocols/1.0".to_string(),
    json!({"msg": "Hello, secure world!"}),
)
.to(recipient_did.clone())
.from(client_did.clone())
.finalize();

let (encrypted, _) = message.pack_encrypted(
    &recipient_did, Some(&client_did), Some(&client_did),
    &tdk.did_resolver, &tdk.secrets_resolver,
    &PackEncryptedOptions::default(),
).await?;

// Send via ATM
atm.send_message(&profile, &encrypted, &sha256::digest(&encrypted)).await?;

Run your own Mediator

Deploy the open-source DIDComm Mediator on your infrastructure or one-click from AWS Marketplace. Move between self-hosted and managed without changing app code.

See the open-source Mediator

Read the docs

Architecture overview, integration guides, Meeting Place SDK reference and DIDComm protocol details.

View Documentation
Explore the suite

Part of Affinidi Elements

Affinidi Messaging is one part of the Affinidi Elements suite. Used with Elements Services and Vault, it closes the loop from issuing credentials to keeping them with the user to sharing them securely.

Issue, verify, request and manage Verifiable Credentials

  • The credential layer for your apps and workflows
  • Credential Issuance, Login, Verification and Iota
  • Everything you need to build a production credential ecosystem
See product page

A user-owned digital wallet

  • Users access their wallet on web and mobile
  • Developers embed Vault directly into their own apps
  • Selective sharing with granular consent
See product page
Get started

Ready to build privacy-first communication?

Join the Affinidi Messaging beta or start exploring the open-source stack today.

Join the beta

Sign up for early access to Affinidi Messaging and start building privacy-first channels.

Join Beta Programme

Book a demo

Talk to our team about your use case, deployment topology and integration plan.

Schedule a Demo

Explore the docs

See architecture, integration guides and the open-source Mediator quickstart.

View Documentation
Related Products

Explore the ecosystem

Affinidi Trust Fabric icon

Affinidi Trust Fabric

Identity-first gateway for agentic AI with cross-boundary trust tunneling, observability, and policy enforcement.

Learn more
Affinidi Radix icon

Affinidi Radix

Build Trust Networks with Governance Frameworks, Registries, and runtime trust queries via TRQP endpoints.

Learn more
Affinidi Elements icon

Affinidi Elements

Issue, verify, and manage W3C Verifiable Credentials with OID4VCI and OID4VP standards, Schema Builder, and multi-wallet support.

Learn more
Affinidi Forge icon

Affinidi Forge

Complete developer toolkit with multi-language SDKs, CLI tools, and comprehensive documentation for building trust solutions.

Learn more

Cookie Preferences

We use cookies to enhance your experience. You can manage your preferences below. For more information, read our Cookie Policy.

Strictly Necessary Always Active

These cookies are essential for core website functions such as security, session integrity, and cookie preference storage. They cannot be disabled.

  • _cf_bm: Distinguishes humans from bots (Cloudflare) · 30m
  • _cfuvid: Ensures secure browsing (Cloudflare) · Session
  • __hs_initial_opt_in: Prevents HubSpot's banner · 7 days
  • _gtm_debug: GTM debug mode (testing only) · Session
Analytics

These cookies help us understand how visitors interact with the site so we can improve content and performance. All data is aggregated and anonymous.

  • _ga, _gid, _gat: Google Analytics · Session – 2 years
  • __hstc, hubspotutk, __hssrc: HubSpot visitor tracking · 13 months
  • __hs_opt_out: HubSpot opt-out preference · 6 months
Marketing & Targeting

These cookies allow us and our partners to serve personalised ads and measure campaign performance.

  • _gcl_au, _gcl_dc: Google Ads conversion tracking · 90 days
  • IDE: Google Display Network personalisation · 1 year
  • _fbp: Meta / Facebook remarketing · 90 days
  • li_gc, _li_fat_id, bcookie: LinkedIn tracking · 1–24 months
  • guest_id, personalization_id: Twitter/X analytics · 2 years