End-to-end encrypted e-commerce. Your customers' data stays between you and them.
Every online shop today leaks customer data. Not because the shop owner wants it to, but because the infrastructure demands it. Hosting providers see order data. CDN providers see product requests. Analytics tools track browsing behavior. Payment processors build purchasing profiles. E-commerce platforms mine transaction patterns. Every middleman in the chain gets a copy of your customers' names, addresses, and buying habits.
GoShop eliminates the middlemen from the data flow.
Built on the SimpleX Messaging Protocol, GoShop routes all communication between customer and shop through end-to-end encrypted channels. The product catalog, the shopping cart, the order with delivery address, the order confirmation, the shipping update - every single interaction is a Double Ratchet encrypted message with perfect forward secrecy. No relay server, no hosting provider, no third party can read what your customer buys or where they live.
This is not about anonymous shopping. This is not about hiding from law enforcement. This is about a shop owner's basic responsibility: keeping customer data private. The customer provides their real name and real delivery address - to the shop owner, through an encrypted channel that nobody else can tap.
GoShop runs as a browser application on the shop's website. When a customer visits the shop, their browser establishes an encrypted connection through an SMP relay server. From that point on, everything happens inside the encrypted channel.
Customer (Browser) GoRelay / SMP Server Shop Owner
| | |
|-- "Show me products" ----------->|----------------------------->|
|<- Product catalog (encrypted) ---|<-----------------------------|
| | |
|-- Add to cart (local) ---------->| (server sees nothing) |
| | |
|-- Order + Address (encrypted) -->|----------------------------->|
|<- Confirmation (encrypted) ------|<-----------------------------|
|<- Shipping update (encrypted) ---|<-----------------------------|
| | |
The relay server sees 16 KB encrypted blocks. It cannot distinguish a product catalog request from an order, a delivery address from a shipping update. All blocks are the same size, all encrypted, all anonymous.
| Data | Traditional shop | GoShop |
|---|---|---|
| Browsing behavior | Visible to hosting, CDN, analytics | Encrypted, invisible to all middlemen |
| Product searches | Logged by search provider | Encrypted message to shop owner |
| Shopping cart | Often stored server-side, trackable | Local in browser, never transmitted unencrypted |
| Name and address | Stored in shop database, visible to hosting provider | Encrypted end-to-end, only shop owner can read |
| Order details | Visible to platform, payment processor, hosting | Encrypted message, relay server sees only opaque blobs |
| Payment | Handled normally | Handled normally (bank transfer, PayPal, credit card) |
Payment processing works exactly like any normal shop. Bank transfer, PayPal, credit card - whatever the shop owner offers. GoShop does not touch the payment flow. What GoShop protects is everything else: what the customer looked at, what they bought, where they live, and every message between customer and shop.
A data breach at a traditional online shop exposes names, addresses, order histories, and browsing patterns of every customer. With GoShop, there is nothing to breach on the server side. The relay server never had the data. The shop's web hosting never had the data. The only place customer data exists in readable form is on the shop owner's device.
For DSGVO/GDPR compliance, this is the ideal architecture. You cannot leak data you never stored. You cannot be compelled to hand over data you cannot read. The shop owner holds the only key, on their own device.
| Project | Role |
|---|---|
| SimpleGo | Dedicated hardware messenger (ESP32-S3, 5 encryption layers) |
| GoRelay | Encrypted relay server (SMP + GRP, zero-knowledge) |
| GoChat | Browser-native encrypted messenger (SMP over WebSocket) |
| GoShop | End-to-end encrypted e-commerce (this project) |
GoShop builds on GoChat's browser-native SMP client and GoRelay's zero-knowledge infrastructure. The shop owner receives orders on their SimpleX app, SimpleGo hardware terminal, or GoChat admin panel.
Concept phase. Architecture and protocol design in progress.
AGPL-3.0
GoShop is part of the SimpleGo ecosystem by IT and More Systems, Recklinghausen, Germany.
GoShop - your customers' data is none of the internet's business.