CoinClear

Oxen (formerly Loki)

5.4/10

Privacy infrastructure project powering Session messenger and Lokinet — the messaging app may be more valuable than the cryptocurrency itself.

Updated: February 16, 2026AI Model: claude-4-opusVersion 1

Overview

Oxen (formerly Loki Network) launched in 2018 as a Monero fork with an added service node layer. The original vision combined Monero's privacy technology with a network of incentivized service nodes that would power privacy applications. Over time, the project evolved from a privacy cryptocurrency into a privacy infrastructure platform, with Session messenger becoming its most prominent product.

The Oxen ecosystem consists of three main components:

  1. Oxen (OXEN): The cryptocurrency, a CryptoNote-based privacy coin with service node staking.
  2. Session: An end-to-end encrypted messenger that requires no phone number, email, or identity to register. Messages are routed through a decentralized network of Oxen service nodes.
  3. Lokinet: A low-latency onion-routing network (similar to Tor but faster) powered by Oxen service nodes.

Session has achieved meaningful traction, with millions of downloads and a growing user base among privacy-conscious individuals, journalists, activists, and users in censored regions. The app is available on iOS, Android, and desktop, with a user experience that approaches Signal's simplicity while offering stronger metadata protection.

The strategic evolution from privacy coin to privacy infrastructure is pragmatic. Privacy coins face extreme regulatory pressure, but privacy messaging and networking tools have broader societal acceptance — even governments use encrypted communications. Session's adoption provides a more viable growth path than the OXEN cryptocurrency alone.

Privacy Technology

Session Messenger Privacy

Session's privacy properties are compelling:

  • No phone number required: Unlike Signal or WhatsApp, Session doesn't require a phone number or email to register. Users receive a Session ID (a long alphanumeric string) that serves as their identifier.
  • Decentralized routing: Messages are routed through Oxen's service node network using onion routing (similar to Tor). No single service node sees both the sender and receiver.
  • End-to-end encryption: Messages are encrypted using the Signal protocol, with keys managed locally.
  • No central server: Unlike Signal (which uses centralized servers), Session's message routing is decentralized through service nodes. There's no single entity to subpoena for message records.
  • Metadata protection: The onion routing hides IP addresses and routing patterns, providing metadata protection that centralized messengers cannot match.

CryptoNote Privacy (Oxen Coin)

The OXEN cryptocurrency inherits Monero's privacy features: ring signatures, stealth addresses, and RingCT for hidden amounts. This provides strong transaction privacy for the cryptocurrency itself, though the coin is secondary to Session in terms of project relevance.

Lokinet

Lokinet provides low-latency onion routing for general internet traffic. Unlike Tor (which uses volunteer relay operators), Lokinet uses Oxen's economically incentivized service node network. This theoretically provides more reliable and faster routing than Tor, with economic incentives for maintaining node quality.

Service Node Architecture

Oxen service nodes are the backbone of the privacy infrastructure. Operators stake OXEN tokens and run nodes that provide: Session message routing, Lokinet traffic routing, and blockchain validation. The service node incentive model ensures a robust network of privacy-enabling nodes.

Security

Session Security Model

Session's security has been audited by Quarkslab and other firms. The end-to-end encryption uses well-studied protocols (Signal's X3DH and Double Ratchet). The decentralized routing adds metadata protection that centralized alternatives cannot provide.

Key security considerations:

  • No perfect forward secrecy in groups: Session group chats use sender keys rather than the pairwise ratcheting that provides perfect forward secrecy in 1:1 chats. This is a known trade-off for group scalability.
  • Service node trust: While no single service node sees full message metadata, colluding service nodes along a route could theoretically correlate traffic. The large service node network makes this difficult but not impossible.

Service Node Security

Service nodes stake OXEN tokens (currently ~15,000 OXEN per node), providing economic security against misbehavior. Nodes that go offline or fail to meet uptime requirements are deregistered and lose staking rewards. The staking requirement provides Sybil resistance for the service node network.

Chain Security

The Oxen blockchain uses a modified CryptoNote consensus with service node-based block validation. Service nodes reach consensus through a quorum mechanism, providing finality beyond PoW confirmation. The security model is adequate for the chain's size and purpose.

Audit History

Session has undergone security audits, which is important for a messaging application that privacy-sensitive users depend on. The audits found issues that were addressed, demonstrating responsible security practices.

Decentralization

Service Node Network

Oxen operates 1,000+ active service nodes globally. This provides substantial infrastructure for Session message routing and Lokinet traffic. The service node requirement (significant OXEN stake + hardware) creates moderate barriers to entry but ensures committed operators.

Session Decentralization

Session's decentralized architecture means there's no central server that can be shut down, no single entity that stores all messages, and no organization that can be compelled to provide bulk surveillance access. This is genuinely more decentralized than Signal, WhatsApp, or Telegram.

Governance

Oxen governance is managed by the Oxen Privacy Tech Foundation (OPTF), based in Australia. The foundation directs development priorities for Oxen, Session, and Lokinet. While not a fully decentralized DAO, the foundation provides a legal entity that can defend the project's interests.

Token Requirement

Session currently requires the OXEN token for service node operation, tying the messaging infrastructure to the cryptocurrency. There have been discussions about potentially separating Session's infrastructure from the OXEN token, which could benefit Session's adoption but would undermine OXEN's utility.

Adoption

Session Growth

Session is the project's adoption success story. The app has been downloaded millions of times across platforms and has a growing user base. Session is used by:

  • Privacy advocates and cypherpunks
  • Journalists and sources in sensitive environments
  • Users in censored regions seeking metadata-resistant communication
  • Crypto communities preferring Session over Telegram
  • Organizations requiring secure, anonymous communication

Session vs. Signal

Session trades some of Signal's features (phone number-based identity makes onboarding easy, centralized servers provide reliable delivery) for stronger privacy properties (no phone number, decentralized routing, metadata protection). For users who prioritize privacy over convenience, Session is arguably superior to Signal.

Oxen Coin Adoption

The OXEN cryptocurrency itself has limited adoption for payments or transfers. Its primary utility is service node staking, which provides infrastructure for Session and Lokinet. The coin's value is increasingly derived from its infrastructure role rather than direct payment usage.

Lokinet Adoption

Lokinet usage is small — most users prefer Tor for anonymization or traditional VPNs for basic privacy. Lokinet's advantages (speed, economic incentives for node operators) haven't been sufficient to capture meaningful market share from established alternatives.

Regulatory Risk

Encrypted Messaging Regulatory Landscape

Encrypted messaging faces increasing regulatory pressure globally. Proposals like the EU's Chat Control, UK's Online Safety Act, and Australia's TOLA Act threaten end-to-end encryption. Session's decentralized architecture makes compliance with "lawful intercept" orders technically impossible — a feature for privacy advocates but a concern for regulators.

Australian Jurisdiction

The OPTF is based in Australia, which has some of the world's most aggressive anti-encryption legislation (the Telecommunications and Other Legislation Amendment Act). This jurisdictional choice creates legal risk for the foundation, though Session's decentralized architecture limits what the foundation can technically provide even if compelled.

Privacy Coin Regulations

The OXEN cryptocurrency faces standard privacy coin regulatory pressures — exchange delistings, jurisdictional restrictions, and compliance concerns. However, the cryptocurrency is increasingly secondary to Session in the project's overall value proposition.

Moderate Risk Position

Session's regulatory risk is real but not as severe as privacy coins. Encrypted messaging has broader societal acceptance than private cryptocurrency — even government officials use encrypted communications. The framing as a "messaging app" rather than a "crypto project" provides some regulatory cover.

Risk Factors

  • OXEN-Session coupling: Session's infrastructure depends on OXEN token staking; potential separation could undermine token value.
  • Australian regulatory risk: OPTF in Australia faces aggressive anti-encryption legal environment.
  • Privacy coin regulatory pressure: OXEN cryptocurrency subject to standard privacy coin delistings.
  • Competition: Signal, WhatsApp, Telegram are far more widely used for messaging.
  • Lokinet limited traction: Tor dominates the onion routing market; Lokinet has minimal adoption.
  • Service node economics: OXEN price decline could make service node operation unprofitable, reducing network size.
  • Group chat limitations: No perfect forward secrecy in group chats is a meaningful security trade-off.

Conclusion

Oxen represents one of the more successful pivots in privacy crypto — from a Monero-fork privacy coin to a privacy infrastructure platform anchored by Session messenger. Session is a genuinely useful privacy product with a growing user base and a compelling privacy proposition that exceeds centralized alternatives. The onion-routed, decentralized architecture provides metadata protection that Signal cannot match.

The OXEN cryptocurrency itself is primarily a staking mechanism for the service node network rather than a standalone privacy currency. This creates an interesting dynamic where Session's success doesn't necessarily translate to OXEN token value — especially if Session's infrastructure could theoretically be decoupled from the token.

The 5.4 score reflects Session's meaningful adoption and strong privacy properties, balanced against the uncertain relationship between Session's success and OXEN token value, regulatory risks, and limited adoption of Lokinet and the cryptocurrency itself.

Sources