Compartment is a private, end-to-end-encrypted messenger. End-to-end encrypted means your messages are sealed on your phone and only opened on the phone of the person you're talking to — the server only ever relays sealed ciphertext and can never read your messages.
1. Before you start
- An iPhone on a recent iOS version, with Face ID (or Touch ID) set up.
- iCloud Keychain turned ON — Settings → [your name] → iCloud → Passwords and Keychain. Your sign-in passkey lives here; with it off, deleting and reinstalling the app loses the passkey and you'd need a new invite.
- An invite from whoever runs your organisation — Compartment is invitation-only. It comes in two parts: a one-time invite code (a long token or QR, used once to enroll) and your handle (looks like
firstname.l— your username, used every time you sign in).
2. Installing the app (TestFlight)
Compartment is currently distributed through Apple's TestFlight, not the public App Store.
- Install the free TestFlight app from the App Store if you don't have it.
- Open the invite email from TestFlight (separate from your Compartment invite code) on your iPhone.
- Tap View in TestFlight → Install.
3. Setting up your account
A three-step handshake: you enroll → your admin approves → you sign in.
Step 1 — Enroll your device
- Open Compartment → on the sign-in screen tap "Enroll a new device."
- Enter your invite code — scan the QR, or paste the token into Invite token.
- Optionally name the device, then tap "Enroll + create passkey" and confirm with Face ID.
A passkey is a phishing-resistant replacement for a password — nothing to memorise, and the secret never leaves your device's secure hardware.
Step 2 — Wait for approval
Step 3 — Sign in
- Tap "Sign in with passkey."
- Enter your handle (e.g.
tope.a). - Confirm with Face ID. You're in. 🎉
Reaching the home screen also quietly publishes the keys others need to start a chat with you — so just open the app to the list once.
4. Signing in
After setup, signing in is: open the app → if prompted, Sign in with passkey → enter your handle → Face ID. No password to remember. If you've been away a while the app may re-confirm with Face ID for safety — that's expected, and never requires re-enrolling.
5. The conversation list (home)
The home screen lists conversations, newest first. Each shows the name, a preview of the last message (prefixed "You:" if you sent it), a timestamp, and an unread badge when there's something new.
The list updates on its own — you don't have to open a chat or pull to refresh; new messages surface within about ten seconds while you're looking at it. You can also pull down to refresh manually.
6. Starting a conversation
- Start a new conversation from the home screen.
- Search people by name or handle.
- Select one person → a 1:1 (button reads Start), or two or more → a group (button reads Create group).
1:1 chats are deduplicated — starting a "new" chat with someone you already have one with just reopens it.
7. Sending and reading messages
Sending. Type at the bottom and send. Your message appears immediately with a small clock icon while it's sealed and relayed, then settles into a normal bubble. A failed send is marked "Not delivered · tap to retry" — tap it to try again.
Reading. Incoming messages appear in real time while the chat is open, and the list flags them even when it's closed. Opening a conversation catches you up on anything missed.
Layout. Several messages from the same person within a few minutes are grouped into a single run with one timestamp; day separators ("Today" / "Yesterday" / a date) mark each day; your messages are on the right, theirs on the left.
Copy. Press and hold a bubble to copy it.
8. Groups
- Create a group by selecting two or more people when starting a conversation.
- A group is named after its members automatically.
- Open the members screen to see who's in it and, with permission, add or remove people. When someone is removed, the group's keys roll forward so they can't read anything sent afterwards.
9. Notifications
Allow notifications at Settings → Compartment → Notifications → Allow. Compartment's notifications are deliberately content-free: a locked-phone alert shows a generic "New activity" banner — no sender name and no message text. Tapping it opens the app, which then loads the message securely.
10. Safety numbers & key transparency
Neither is needed for everyday messaging — they're there when you want to prove nobody is impersonating your contact or tampering in the middle.
Safety numbers
Each 1:1 has a safety number derived from both identity keys. From the conversation menu choose Verify safety number, compare it with your contact over a separate trusted channel (read it aloud on a call, compare in person), and if it matches tap "I've verified this matches." The app remembers this locally. If a number ever changes unexpectedly, ask your contact (it can be innocent — a reinstall — or worth a second look).
Key transparency
Compartment publishes everyone's public keys to a tamper-evident, append-only log so the server can't secretly hand you the wrong key. The Key Transparency screen (from Settings) shows, with ✓ / ⚠ indicators, that the log hasn't been tampered with or rewound, that your own key is correctly published, that its membership is backed by a cryptographic proof, and that independent witnesses agree on the same log. You can also share your own "witness" token and paste a contact's to cross-check. This is advanced, optional assurance — a normal user never has to touch it.
11. Your device & signing out
- One device = one identity. Your account is bound to the device you enrolled. For a second phone, ask your admin for a new invite.
- Signing out wipes local data. Logging out erases the on-device encrypted message archive — nothing private is left behind. Your history lives encrypted on your device, not on the server.
- Reinstalling. With iCloud Keychain on, your passkey survives a delete/reinstall and you sign straight back in. Without it, a reinstall loses the passkey and needs a fresh invite.
- Lost or stolen phone. Tell your admin — they can revoke that device immediately; any open session is cut off.
12. What the server can and cannot see
The server CANNOT see: the content of any message (sealed on your phone, opened only on the recipient's); your encryption keys (they live only on devices); or anything in a notification (pushes are content-free).
The server (and whoever runs it) CAN see some metadata: who has an account and their handles; that messages are flowing between participants, and roughly when; and group membership. It can't read a single word of what you say, and past messages stay protected even if the server were later compromised (forward secrecy).
13. Troubleshooting
"A developer has to invite you." (Internal testers only.) Open TestFlight signed into the exact Apple ID you were added under — watch for dots in Gmail addresses. Ask your admin which address they used.
Enroll failed — what the error means:
- 400 — usually the one-device-one-identity guard: this phone is already tied to a different account. Don't make a new identity on it; ask your admin to re-invite your existing account. (Can also mean a corrupted invite — get a fresh one.)
- 401 — your invite code is used or expired. Most often from enrolling a second time after already reaching "Waiting for approval" (that was already success). Ask for a fresh invite if you genuinely need to restart.
Stuck on "Waiting for approval." Normal right after enrolling — your admin hasn't approved your device yet. Ping them. Do not re-enroll.
Can't sign in after approval. Use Sign in with passkey and enter your handle (not the invite code). Check iCloud Keychain is on and your passkey exists.
Can't start a chat with someone you just invited. They need to have signed in and opened the app to their list at least once. Ask them to, then retry.
"Not delivered." Tap the bubble to retry once you have connectivity.
No notifications. Check Settings → Compartment → Notifications → Allow. The banner is intentionally generic ("New activity").
Still stuck? Contact your admin — most issues are an invite/approval-state mismatch they can clear in seconds.
14. Quick reference
| I want to… | Do this |
|---|---|
| Install the app | TestFlight email → View in TestFlight → Install |
| Set up my account | Enroll with invite code + Face ID → wait for approval → Sign in with passkey + handle |
| Sign in later | Open app → Sign in with passkey → handle → Face ID |
| Start a 1:1 | New conversation → pick one person → Start |
| Start a group | New conversation → pick two or more → Create group |
| Send a message | Type and send (clock = sending; tap a failed one to retry) |
| Copy a message | Press and hold the bubble → Copy |
| Refresh the list | It updates on its own (~10s); or pull down |
| Verify a contact | Conversation menu → Verify safety number → compare out-of-band |
| Check transparency | Settings → Key Transparency |
| Turn on notifications | Settings → Compartment → Notifications → Allow (banners are content-free) |
| Use a second phone | Ask your admin for a new invite for that device |
| Sign out | Logout (wipes the local message archive on this phone) |