Our own onion network — not Tor, and not slow.

Encryption hides what you say. It does almost nothing to hide that you said it, to whom, and when. That trail — the metadata — is often more damaging than the message itself. Helix routes every message across its own private onion network to break that trail, with multi-hop paths, cover traffic, and speeds up to 2.5 Gbit/s. Here's how it works, and why it isn't Tor.

1. What an onion network is

When you send a message directly from your device to a server, anyone who can watch the connection — your internet provider, the network at the airport, a state-run telecom, an attacker who has tapped a cable — can see two things: your address and the destination's address. Even if the contents are perfectly encrypted, that pairing is enough to build a map of who talks to whom. Encryption protects the letter; it leaves the envelope, the postmark and the return address in plain view.

An onion network attacks that problem. Instead of sending your traffic straight to its destination, it routes it through a chain of intermediate relays. Before the message leaves your device, it is wrapped in layers of encryption — one layer for each relay in the path, like the layers of an onion, which is where the name comes from. Each relay peels off exactly one layer. That layer tells it only one thing: the next relay to forward to. No relay can see the full picture. The first relay knows who you are but not where the message is ultimately going. The last relay knows the destination but not who you are. The relays in the middle know neither. The link between sender and receiver is broken into pieces, and no single piece reveals it.

2. How multi-hop onion routing works

Concretely, here is what happens when Helix sends a message across the onion network:

• A fresh path is chosen. The app selects a randomized path of multiple relays for the message. The path is not fixed — different messages take different routes, so there is no single stable circuit for an observer to lock onto.
• The message is layered. Your device encrypts the message once for the destination, then wraps it again for the last relay, then again for the middle relay, then again for the first. Each wrapping uses a key only that relay can undo.
• Each relay peels one layer. The first relay decrypts its layer, learns only "forward this to the next relay," and does so. It never sees the content or the final destination — just the next hop. Each subsequent relay does the same.
• No single relay sees both ends. This is the whole point. To deanonymize you, an adversary would need to control or watch every relay in your path at once and correlate the timing across all of them — a far harder problem than tapping one link.

The content itself is still protected by Helix's triple post-quantum encryption, end to end, on top of the onion layers. The onion routing is not a replacement for that encryption; it is a separate protection for the metadata — the routing information that end-to-end encryption alone leaves exposed.

3. Why it isn't Tor

Tor is the most famous onion network, and it deserves enormous credit — it proved the concept at global scale and protects millions of people. But Tor was designed for a different job, and it carries real trade-offs that make it a poor fit for fast, private, everyday comms:

• Tor is a shared public network run by volunteers. Anyone can run a relay, including adversaries who run them specifically to watch traffic. Exit nodes have repeatedly been caught snooping. The network is also a known, fingerprinted entity — many services block "Tor traffic" outright, and simply using Tor can itself draw attention in some places.
• Tor is slow. Its volunteer relays, conservative design and congestion mean real-world throughput is often a few megabits per second, with high latency. Video calls, large files and snappy messaging are painful or impossible. Anonymity at the cost of a barely usable connection.

Helix runs its own onion network instead. The relays are part of the Helix infrastructure, not an open volunteer pool, and the protocols are Helix's own rather than the widely studied, easily fingerprinted Tor protocol. That gives two concrete advantages. First, there is no third party in the path — no external relay operator to subpoena, no exit node run by someone you can't see, no analytics backend. Second, the relays are high-bandwidth and the protocol is lean, so the network moves traffic at up to 2.5 Gbit/s rather than crawling. You get the anonymity of onion routing without the uselessness of a congested connection.

4. Cover traffic and fixed-size cells

Breaking the sender-to-receiver link is necessary but not sufficient. A sophisticated observer who can watch large parts of the network does not need to read your messages to learn a great deal — they can study the pattern of your traffic. The size of your packets, the rhythm of when you send and go quiet, the timing of bursts: all of these leak information. This is called traffic analysis, and it is exactly how well-resourced adversaries attack anonymity networks.

Helix defends against it with two techniques borrowed from the most serious mix-network designs:

• Fixed-size cells. All traffic is broken into uniform, identically sized packets — "cells." A short text and the start of a large file look the same on the wire: a stream of identical cells. An observer cannot infer what kind of activity is happening from packet sizes, because every packet is the same size.
• Cover traffic. The network keeps a steady, constant-rate hum of decoy cells flowing whether or not you are actually sending anything. To an observer, your line is always lightly active. They cannot tell the moments you are genuinely communicating from the moments you are silent, because both look identical. The signal of "this person just sent something" is buried in continuous noise.

Together, uniform cells and constant-rate cover traffic defeat the size and timing analysis that would otherwise undermine onion routing. The adversary sees a featureless, steady stream and learns nothing from its shape.

5. Two lanes: fast and private

Strong anonymity has a cost. Every extra hop adds latency; cover traffic and uniform cells add overhead. For some tasks — a live video call where every millisecond of delay is felt — you may want to dial back the protection in exchange for raw speed. For others — a sensitive message where you would gladly trade a little latency for maximum metadata protection — you want the full treatment.

Helix exposes this as two lanes. A fast lane prioritizes throughput and low latency for real-time, high-bandwidth use like HD video and large transfers, while still riding the network's own encrypted transport. A private lane prioritizes maximum metadata resistance — more hops, fuller cover traffic — for when concealing the pattern of your communication matters more than shaving milliseconds. Both lanes are end-to-end encrypted; the choice is about how much traffic-analysis resistance you want for a given task. You are not forced to accept Tor-style slowness on everything just to have the option of strong anonymity when you need it.

The point isn't to make every byte maximally anonymous at the cost of being unusable. It's to give you a genuinely fast network most of the time and a genuinely private one the moment you ask for it — on the same infrastructure, with no third party in either lane.

One more property is worth calling out: because the lanes share the same infrastructure, switching between them does not mean leaving the private network or touching a third party. The fast lane is not "the VPN off"; it is still your traffic on Helix's own relays, end-to-end encrypted, with no external operator in the path. The difference between the lanes is purely how aggressively the network resists traffic analysis for a given task. You move along a dial from "fast and still private" to "slower and maximally unlinkable," never off a cliff into the open internet.

6. The threat it stops: traffic analysis

The specific threat this network is built to defeat is metadata surveillance and traffic analysis — the discipline of learning about people not from the content of their messages but from the pattern of their communication. It is, for many adversaries, the easier and more reliable attack, because content is increasingly encrypted while metadata historically is not.

Consider what an adversary can do with metadata alone, even when they cannot read a single word. They can map a network: who contacts whom, how often, in what direction. They can spot the moment a relationship begins or a tempo changes — a sudden flurry of contact between a journalist and a new number, a lawyer and a regulator, two parties before a deal leaks. They can identify a confidential source not by reading the leak but by noticing who was talking to the reporter right before publication. A former director of the NSA put it bluntly: "We kill people based on metadata." The envelope, not the letter, is often the prize.

Onion routing breaks the who-talks-to-whom map. Cover traffic and fixed-size cells break the when-and-how-much pattern. Together they take the metadata that end-to-end encryption leaves exposed and bury it.

It is worth being concrete about how an adversary uses this in practice, because it is rarely about a single dramatic interception. More often it is patient accumulation. A telecom or an intelligence service collects connection records in bulk — not contents, just who connected to what, when, and for how long. Over weeks, those records resolve into a social graph: clusters of people who talk, the hubs that connect clusters, the rhythms that mark working relationships versus personal ones. When something happens — a leak, a deal, an arrest — the analyst doesn't need to have read anything. They reach back into the archive and ask "who was this person talking to in the days before?" and the graph answers. Defeating that means making sure the records, if collected at all, simply don't contain the edges of the graph. That is the job the onion network and cover traffic do: they remove the edges, so the graph never forms.

7. Why it matters to you

Metadata protection is the layer most people don't realize they're missing — and the people who need it most are exactly those whose relationships are sensitive, not just their words:

• Journalists and sources. The single most dangerous thing is often not what a source said but that they were talking to a reporter at all. Onion routing and cover traffic are what stop "who contacted the journalist" from being a recoverable fact.
• Lawyers. The mere pattern of contact — which clients, which co-counsel, which regulators, and when — can reveal strategy, deals and exposure long before any privileged content is at risk. Hiding the relationship map protects the matter.
• Crypto whales. An adversary who can see that you regularly contact a particular exchange, custodian or counterparty learns where the funds are and who controls them — without ever reading a message. Concealing the pattern conceals the target.
• Family offices and executives. A spike in contact between two firms is itself market-moving intelligence. Suppressing the traffic pattern keeps the existence and tempo of sensitive activity private, not just its content.
• The targeted. Activists and dissidents are frequently mapped by their networks — who knows whom — and that map is how a state rolls up a movement. Breaking it protects not just you but everyone you talk to.

If the only thing you protect is the content of your messages, you have left the most valuable intelligence — the shape of your relationships — in plain sight.

8. How Helix does it

Helix builds the onion network into the app as the default path for traffic, not as an optional proxy you have to configure. Messages, calls, video and file transfers all ride it. The network is decentralized across multiple hops, the paths are freshly randomized, fixed-size cells and constant-rate cover traffic run underneath, and the whole transport fails closed — nothing connects unless the secure tunnel is up first, and traffic never silently falls back to your real connection. That last property matters: a network protection that quietly drops to your raw connection when it struggles is worse than useless, because you'd never know your real address just leaked.

Because the relays and protocols are Helix's own, there is no external network operator in the loop and nothing off-the-shelf for a pre-built attack to fingerprint. The same infrastructure carries the post-quantum encrypted content, the encrypted calls and video, and the built-in VPN — one private network underneath everything, rather than a patchwork of third-party services each with its own logs and its own subpoena risk.

9. The honest limits

A few things worth saying plainly:

• No anonymity network is perfect against a global passive adversary. An attacker who could watch every link of every relay simultaneously and correlate timing across all of them could, in theory, undermine any onion network — including this one. Cover traffic and fixed-size cells exist precisely to make that correlation as hard as possible, but anonymity is a matter of raising cost, not delivering a mathematical guarantee.
• Stated speeds are a ceiling, not a promise for every connection. Up to 2.5 Gbit/s describes what the network is built to move; your real throughput depends on your device, your local connection and the lane you choose. The private lane trades some speed for stronger metadata resistance by design.
• The network protects metadata, not the endpoint. If your device is compromised by spyware, no amount of onion routing helps — the attacker reads your screen directly. That is why Helix pairs the network with a device-level shield, and is honest that detection is a strong signal, not a guarantee.

Within those limits, the goal is concrete: break the who-talks-to-whom map and the when-and-how-much pattern, on your own private network, fast enough to actually use.