A startup called Germ becomes the first private messenger that launches directly from Bluesky’s app

Here's something you don't usually see on Big Tech social platforms: the decentralised, open social network Bluesky has integrated technology from a startup called Germ Network to bring end-to-end encryption (E2E) to the Bluesky app. This makes Germ DM the first private messenger to be launched natively within Bluesky's app experience.

Alongside the launch, Germ is also publishing new guidance that would allow other apps built on the AT Protocol — the same underlying protocol that powers Bluesky — to implement the same kind of integration.

The integration is a notable example of how open social networking ecosystems operate differently from the Big Tech platforms dominating social media today, because new functionality can be built by the community rather than just by the platform's company.

Bluesky announced its integration with Germ earlier this month, explaining that the experimental feature would allow Germ users to add a button to their Bluesky profile so others can message them within an E2E-encrypted environment.

Meanwhile, Germ's standalone app is available in a public beta on iOS in both North America and Europe. The app had already seen thousands of downloads, but after the official integration announcement, the company said daily active users increased by 5x.

California-based Germ is a startup founded by Tessa Brown, a communications scholar who previously taught at Stanford, and Mark Xue, a privacy engineer at Apple who worked on products including FaceTime and iMessage. The company has positioned Germ as an alternative to other E2E encrypted messaging services like iMessage, Signal, and WhatsApp, but built using newer technologies.

Today, Germ uses Messaging Layer Security (MLS), a newer standard approved by the Internet Engineering Task Force (IETF), alongside the AT Protocol (or ATProto), which powers Bluesky, Skylight, and a growing number of other social apps.

Rather than relying on a phone number, Germ ties encrypted chats into ATProto. As a result, Germ messages can't be decrypted by another service — including Germ itself or Bluesky.

To use the messenger, users click a badge on a friend's Bluesky profile, which opens an iOS App Clip—a lightweight, temporary app experience. From there, they click "open" and authenticate using their ATProto handle. Once logged in, they can message their friend immediately. Users are also encouraged to download the full Germ DM app, though that step is optional.

If someone wants to add the badge to their own Bluesky profile, they download the Germ DM iOS app and authenticate their Bluesky credentials inside Germ. (In testing, it was necessary to force-quit the Bluesky iOS app and restart it before the Germ badge appeared.)

Germ has been preparing for the official Bluesky integration for months. The process began with a private beta in August, during which the service launched using "magic links" embedded in users' bios. Now, users who set up Germ in Bluesky receive a new badge on their profiles, allowing them to remove the link-in-bio workaround they previously used. (Those links will still function, but the badge is more visible and easier to use.)

Germ said it has been working with the broader ATProto developer community — including Bluesky's app and protocol teams — since the ATmosphere Conference held in Seattle last year.

"We've been transparent about our planning and roadmap, and shipping our private beta in August generated valuable feedback from users and developers about the desire to replace our links in bios with native UI," said Xue, the CTO at Germ Network. "Both our team and Bluesky's saw value in better AppView support for the Germ link."

Changes to the Bluesky app were led by head of product Alex Benzer, as Bluesky explored how to support third-party services inside its app.

"Working directly with the Bluesky team has been a treat," Brown, Germ's CEO, said. "They ship fast, prioritise the user experience, and care about their users' access to end-to-end encrypted messaging. We're thrilled to be the first secure messenger they've brought natively into their app."

While the AT Protocol could eventually support E2E encryption on its own, that is not currently a priority. Bluesky protocol engineer Daniel Holms recently said there are multiple reasons Bluesky is not designing its own encrypted messaging system.

"The reality is that E2EE is hard," Holms wrote in a blog post. "And this inherent complexity isn't something that the protocol team at Bluesky can just handle – it gets pushed out to every dev trying to build a client that works with encrypted data," he said.

Xue agreed, adding, "We align with the ATProto ethos that people should be able to communicate using the apps and tools they choose. We believe that by solving the hard problems for ATProto users in safe, transparent, and user-friendly ways, they'll continue to choose us," he said.

Soon after Bluesky added support for the Germ badge, another AT Protocol-based client, Blacksky, followed suit.

Brown said the team is currently focused on building more everyday messaging features rather than monetisation, though the company may explore paid features later.

"We expect that our first paid features will be centred on the needs of prosumer power users like creators, journalists, and politicians—for example, support for multiple handles and private AI-powered screening for first messages from new connections," she said.