Yup, this is real-deal fully homomorphic encryption, running as realtime multiplayer in your browser. Five years ago, this demo probably did seem impossible, but a lot of recent work has made FHE fast enough for some specific applications, like the private information retrieval we show here. Want to try using fast FHE in your own apps? Here's our open-source SDK!
To send a message addressed to mailbox M, the browser client first derives a key K = PBKDF2(M), using a fixed salt. K is used by the client to AES encrypt the message; K never leaves your device. Of course, the server can't know M, so the client writes the encrypted message to server location L = SHA256(M).
To retrieve a message sent to mailbox M, we do the same steps in reverse: the client first computes L = SHA256(M), then performs a metadata-private read for L; the result is the encrypted message data of mailbox M, which the client finally decrypts with key K = PBKDF2(M).
Fully homomorphic encryption (FHE) is what makes this special. It lets the server retrieve any data the client requests, while the server remains completely oblivious to the client's selection. Here are some more detailed explainers on FHE, in increasing levels of technicality: a blog post we wrote, our source code, and a paper we published.
No, this is a different kind of privacy. In this toy demo, your message contents are encrypted, but under a weak key that is merely derived from the recipient's name - not something we'd ever call E2E. But the metadata of message retrievals is actually protected, so the server cannot know who is messaging whom. Caveat: regardless of encryption strategy, patterns in client activity can always hint at client relationships, unless communicating parties take care to decorrelate their actions.
With a couple more steps (starting with E2EE), maybe! If you're interested in this sort of thing, we should definitely talk.