Family-founded · Bootstrapped · Mission-driven · Delaware Public Benefit Corporation
We build zero-knowledge, post-quantum encrypted software — and the open-source cryptographic libraries that power it. We're a small, family-founded U.S. public benefit corporation. No venture capital. No advertising. No tracking. One thesis:
Software does not need to spy on people to be profitable.
The privacy commitment is encoded in our legal structure (PBC), in our architecture (defense-in-depth, post-quantum, zero-knowledge), and in the open-source licenses on the libraries below. We build on the shoulders of giants — Erlang/OTP, Elixir, Phoenix, Rust, NaCl, the NIST PQC standardization effort — and we publish back so the next privacy-first project doesn't have to start from scratch.
The world's first post-quantum zero-knowledge social network. All write paths and high-traffic read paths are zero-knowledge encrypted — posts, replies, conversations, journals, groups, and more. Bluesky/ATProto sync today; ActivityPub on the roadmap. ZK migration shipped May 2026, audit-confirmed.
The world's first post-quantum zero-knowledge habit tracker. Habits, journal, goals, reflections, mood tracking, calendar, and family/groups — all encrypted on-device before they reach our servers. Progressive Web App, no app store. Read the announcement.
metamorphic-crypto (MIT / Apache-2.0)
Our Rust encryption library. The cryptographic core that powers both Mosslet and Metamorphic.
- `#![forbid(unsafe_code)]`
- Hybrid post-quantum KEM — ML-KEM-768 (Cat-3) and ML-KEM-1024 (Cat-5) + X25519
- XSalsa20-Poly1305 AEAD, Argon2id key derivation
- Version-tagged ciphertext for forward compatibility
- Compiled to WASM for browsers and UniFFI for native targets
metamorphic_crypto (MIT) · hex.pm
The Elixir wrapper around metamorphic-crypto. NaCl-compatible, drop-in replacement for enacl. Precompiled Rust NIFs — no C compiler needed.
```elixir
{:metamorphic_crypto, "~> 0.1"}
```

📖 Featured doc: The Zero-Knowledge Architecture Guide — how we structure end-to-end encryption, key management, and recovery on top of these primitives. If you're building privacy-first Elixir software, this is the doc we wish had existed when we started.
pwned_coretheory (Elixir)
A small Elixir library for checking passwords and email addresses against the HaveIBeenPwned database — k-anonymity password lookups and breach checks. Predates Moss Piglet (which is why the name isn't on-brand yet) but lives under the org now. Stable, low-maintenance, used in production.
Open source isn't a marketing strategy for us — it's a precondition. We can't credibly tell anyone "we don't read your data" if our cryptography is a black box. So we publish it. All of our cryptographic work ships under permissive licenses (MIT, Apache-2.0) so you can use it, fork it, audit it, embed it in something we'll never see.
A few things we try to do:
- Permissive licenses on the libraries so the next privacy-first project — including commercial ones — can build on our work without friction
- AGPL-3.0 on the social network because we want Mosslet's improvements to flow back to the community
- Publish the architecture, not just the code — see The Zero-Knowledge Architecture Guide and our blog
- Contribute upstream where we can — Elixir, Phoenix, and the broader BEAM ecosystem have given us nearly everything we run on. One example: Mark authored the official Ecto guide on self-referencing many-to-many relationships (contribution history)
- Engage in the community openly — Elixir Forum, Hex, GitHub Discussions. If you find a bug, file it; we'll work it out in the open
If you want to help: starring the repos genuinely helps discoverability, GitHub sponsorships keep the libraries maintained, and PRs are welcome on all open-source projects. Most of all — build something with the libraries. That's the highest compliment.
Every Moss Piglet product uses the same three-layer defense-in-depth model:
| Layer | Technology | What it protects against |
|---|---|---|
| Client-side (zero-knowledge) | Hybrid ML-KEM + X25519, XSalsa20-Poly1305, Argon2id (WASM) | The server, us, subpoenas, breaches, future quantum attacks |
| Application at-rest | Cloak AES-256-GCM | Database-level exposure |
| Infrastructure | LUKS full-disk encryption | Physical disk theft, hosting compromise |
Each layer fails independently. An attacker has to defeat all three. The outermost layer is the one we literally cannot help with — we don't have your keys.
- Elixir & Phoenix LiveView — the BEAM runs the show. Erlang/OTP fault tolerance, soft real-time everything, and an actor model that makes per-user crypto contexts feel natural.
- Rust — for the cryptographic core. Memory safety where it matters most.
- WASM — so the crypto runs in your browser, not on our servers.
- PostgreSQL — managed, encrypted, on Fly.io.
- No third-party telemetry, session replay, or behavioral analytics. Operational logs only.
- Moss Piglet Corporation, PBC — Delaware public benefit corporation
- SAM.gov ACTIVE — UEI Q9VFAM286JA3, primary NAICS 541511, small business across all categories
- Founders: Mark Thayer (solo developer/CEO), Ryan Thayer (veteran, advisor), John Thayer (advisor)
- Founder story: From stay-at-home dad to privacy-first founder
We take on a limited number of client projects each year — custom encrypted web applications, mobile apps, Elixir/Rust cryptographic libraries, and security consulting. We are also registered for U.S. federal contracting (SAM.gov active, DoD-eligible).
If our cryptographic libraries or our work make your day a little better, you can sponsor us on GitHub. Sponsorship goes directly to maintaining the open-source crypto libraries that the rest of the ecosystem can build on.
Made with care by a family in the United States.