The Double Ratchet is the algorithm that powers Signal, WhatsApp, Matrix's Olm, and most modern 1:1 encrypted messaging. It does something unusual: it gives you forward secrecy and post-compromise security at the same time. Here is how it actually works. When most people hear "end-to-end encrypted," they imagine a single shared key that both parties use to encrypt and decrypt messages. That model exists — it is what PGP does for email — but it has a serious limitation: if the key is ever exposed, every message encrypted with it is exposed too, in both directions, forever. The Double Ratchet, designed by Trevor Perrin and Moxie Marlinspike around 2013, solves this by ensuring that every single message uses a different encryption key , and that those keys cannot be reconstructed from each other in either direction. The result is a protocol where a key compromise leaks at most a single message — and recovers automatically once both parties exchange anything new.…