01 No backend
The app is a static client that runs entirely in your browser. There is no Platho server to log in to, deliver messages, or hold state — so it can be hosted anywhere: a server, IPFS, or inside Telegram.
LIVE ON TON MAINNET
Own your messages.
Own your name.
Own your keys.
Platho is a decentralized messenger on the TON blockchain. No backend, no platform permission, no central server to switch off. Encrypted today — post-quantum for tomorrow.
> establishing self-sovereign channel
philosophy
You're a tenant, not an owner.
The ordinary internet is built too comfortably for the people who control it. An account can be closed. Access can be limited. History can be deleted. Rules can be changed after you have already moved part of your life into a platform. The user is not an owner there — the user is a tenant who exists for as long as the platform allows it.
Platho rejects that model.
Core actions are anchored by your wallet and executed through open smart contracts. The wallet stays the root of control; routine activity runs through the Vault and signed commands instead of exposing the wallet every time. That doesn't make the system perfect — it removes the central defect of ordinary platforms: the hidden ability to rewrite the rules, cut off access, or seize what should belong to the user.
Platho is not trying to be a comfortable cage. It is a tool where control over basic digital things returns to the person using it — not to whoever controls the server, the database, or the access rules.
architecture
No server to trust. No database to edit.
Platho removes the structural incentive to centralize. Here is how.
02 On-chain, not a database
Public messages, profiles and names live as verifiable smart-contract state on TON (the Vault and CapsuleHub contracts) instead of a closed database an operator can quietly rewrite.
03 Client-direct
Each client talks to the TON network directly through its own RPC, with a keyless fallback when a provider is blocked. There is no central gateway that can become a single point of failure or censorship.
04 Wallet at the root
A single 24-word recovery phrase derives every key you need. The Vault sits between your wallet and the public network, so routine app activity never exposes the wallet directly on-chain.
capabilities
Everything a messenger does — owned, not rented.
Private messaging
End-to-end encrypted private capsules, anchored on-chain and readable only by you and the recipient.
Public channels
Public posts and channels as verifiable contract state — no operator policy deciding what survives.
.ath username NFTs
Your username is an NFT you actually own on-chain — 4 to 16 characters, yours to keep or move.
The Vault
A protective balance layer between your wallet and the public network — limits what's exposed to routine activity.
Embedded wallet
A built-in TON wallet — no external connector or extension. One recovery phrase is your entire backup.
Post-quantum encryption
Hybrid X25519 + ML-KEM-768 with AES-256-GCM on every private message — safe now, safe later.
Activity rewards
Earn ATH simply by using the network — distribution tied to real usage, not a closed allocation.
Censorship-survival
If a provider is blocked, the app falls back to an emergency route and keeps working.
security
Encrypted today. Secure against tomorrow.
Client-side encryption
Private messages are encrypted in your browser before they touch any transport. No server ever sees plaintext, and your keys never leave your device.
Post-quantum by design
ML-KEM-768 protects today's messages against tomorrow's quantum computers, combined with classical X25519 in a hybrid scheme — so it's safe against both today's and future attackers.
No hidden admin switch
The contracts give no one an arbitrary switch to seize balances, rewrite state, or change the rules. V1 keeps a few narrow, documented launch authorities — and says so openly rather than hiding them.
Your keys, your responsibility
A lost seed phrase cannot be restored through support. The blockchain is public and operations cost money. The trade-off for real ownership is stated honestly, not buried.
economics
GRAM pays. ATH participates.
GRAM
The network currency. It pays for operations — publishing, names, avatars. Messaging starts at a fraction of a GRAM. You pay the network, not a platform.
ATH
The protocol utility token: usernames, avatar updates, and post-airdrop fee discounts. A fixed supply of 100,000,000 — no quiet inflation.
Earned, not allocated
A meaningful share is distributed through real activity — 10 ATH per successful message — rather than a closed allocation to early addresses.
Informational only. Not financial advice.
platforms
Runs where you do.
Progressive Web App
Installable, works offline, no app-store gatekeeper between you and your messages.
Telegram Mini App
The same Platho, running inside Telegram — same keys, same ownership.
One codebase
Same contracts, same wallet, same self-sovereign model everywhere it runs.
faq
Straight answers.
What does it cost?
Operations cost small amounts of GRAM or ATH — a short message starts around 0.0337 GRAM. There's no subscription and no ads. You pay the network, not a platform.
Can Platho be shut down?
There's no central server to seize. The client is static and hostable anywhere, and the state lives in open TON contracts. Blocking one host or provider doesn't stop the protocol.
What if I lose my recovery phrase?
It's gone. There is no support line that can restore it — that's the real cost of holding your own keys. Back up your 24 words and keep them safe.
Are my messages really private?
Private messages are encrypted client-side with a hybrid post-quantum scheme. The transport and the contracts only ever see ciphertext and hashes — never your plaintext or keys.
Do I need an external wallet?
No. Platho has a built-in TON wallet derived from your recovery phrase — no separate connector or browser extension required.
Is it live?
Yes — Platho is deployed and running on TON mainnet today.
access
Stop asking permission.
Your wallet is your identity. Your keys are your backup. The network is the platform.
Open Messenger