X is now offering me end-to-end encrypted chat. You probably shouldn't trust it yet.

X, formerly Twitter, has started rolling out its new encrypted messaging feature called “Chat” or “XChat.”

The company claims the new communication feature is end-to-end encrypted , meaning messages exchanged on it can only be read by the sender and their receiver, and — in theory — no one else, including X, can access them.

Cryptography experts, however, are warning that X’s current implementation of encryption in XChat should not be trusted. They’re saying it’s far worse than Signal, a technology widely considered the state of the art when it comes to end-to-end encrypted chat.

In XChat, once a user clicks on “Set up now,” X prompts them to create a 4-digit PIN, which will be used to encrypt the user’s private key. This key is then stored on X’s servers. The private key is essenti