ASH Logo ASH
Infrastructure

Relay Infrastructure

Our relay servers are hosted in Europe with privacy-first infrastructure providers.

European Data Sovereignty

All ASH relay infrastructure is hosted within the European Union. This ensures your encrypted message blobs are processed under EU data protection laws, including GDPR.

🇪🇺 Why EU Hosting Matters

  • Data sovereignty - Your data stays in Europe under EU jurisdiction
  • GDPR protection - Strongest privacy regulations in the world
  • No US CLOUD Act - Not subject to US data access laws
  • Low latency - Fast connections for European users

Infrastructure Provider

ASH relay servers are powered by Scaleway, a European cloud provider headquartered in Paris, France.

Scaleway

European cloud provider with data centers in Paris and Amsterdam. Part of the Iliad Group, one of Europe's largest telecom operators.

🇫🇷 French Company 🇪🇺 EU Data Centers GDPR Compliant

We chose Scaleway because they are a European company with European data centers, ensuring your data never leaves EU jurisdiction.

Relay Locations

Region Location Provider Status
🇳🇱 EU West Amsterdam, Netherlands Scaleway Active

Additional relay locations may be added in the future based on user demand, always within privacy-respecting jurisdictions.

What the Relay Does

The relay server is intentionally designed to be untrusted. It handles:

  • Temporary storage - Holds encrypted blobs until retrieved (max 24-72 hours)
  • Message routing - Delivers messages to the correct recipient
  • Push notifications - Sends silent notifications via APNS

What the Relay Cannot Do

  • Cannot decrypt messages - Only you and your contact have the keys
  • Cannot identify users - No accounts, no identifiers
  • Cannot read metadata - Routing tokens reveal nothing about content
  • Cannot correlate conversations - Each conversation uses unique tokens

For complete technical details, see the Whitepaper and Security pages.

Open Source & Transparency

The relay server code is open source. You can audit exactly what it does:

View Backend Source Code

github.com/monadial/ash/backend

Deploy Your Own Relay

Don't want to trust our relay? You can deploy your own. We publish official Docker images with every release.

Full Control

Self-hosting gives you complete control over your relay infrastructure. Run it on your own servers, in your own jurisdiction, with your own security policies.

Docker Image (Scaleway Container Registry)

docker pull rg.nl-ams.scw.cloud/ash-backend/ash-backend:latest

Images are tagged by git commit SHA for reproducibility. Use :sha-<commit> for a specific version.

Quick Start Guide

1
Pull the Docker image
docker pull rg.nl-ams.scw.cloud/ash-backend/ash-backend:latest
2
Run the relay server
docker run -d \
--name ash-relay \
-p 8080:8080 \
-e RUST_LOG=info \
rg.nl-ams.scw.cloud/ash-backend/ash-backend:latest
3
Configure your domain (optional)

Set up a reverse proxy (nginx, Caddy) with TLS for production use. Point your domain to the relay.

4
Configure ASH app to use your relay

In the ASH app settings, enter your relay URL to use your self-hosted server instead of the default.

Environment Variables

Variable Description Default
RUST_LOG Log level (error, warn, info, debug) info
PORT HTTP port to listen on 8080
MESSAGE_TTL Message expiry time in seconds 259200 (72h)

For advanced configuration and deployment options, see the backend documentation on GitHub.

For security details, see Security. For technical specifications, see the Whitepaper.