2021 in review: An update from the Proton Engineering team

At Proton, our community is incredibly important to us. We exist only through your support, and we are here to serve you. As part of our commitment to you, we closely read the feedback you share with us directly and on social media platforms. We take your suggestions to heart and try our best to meet your needs. 

In reading through your feedback, we recognize that while 2021 was a busy year for us from an engineering and product perspective, we did not fully meet the expectations of many of you in the community. We, too, are disappointed by the slow pace of development of existing and new Proton products, and for that, we apologize. 

One of Proton’s core values is transparency. In this inaugural community engineering update, we want to provide some perspective on why we could not deliver on all commitments in 2021, what we are changing to improve this going forward, and what you can expect from us in 2022. 

The challenge of building encrypted products

The twin pillars of Proton product design are security and usability. It is difficult to build a secure product, and it is difficult to build an easy-to-use product. Meanwhile, doing both simultaneously is very challenging, particularly when dealing with end-to-end encryption.

Software engineering today, including at Proton, largely embraces “agile” development practices, which, at the risk of gross oversimplification, encourage rapid iteration rather than detailed in-advance planning (“waterfall”). The exception to this rule at Proton is designing the cryptosystems used in our products. Encryption is not simply a layer that we can add on top of an unencrypted product. Once a piece of data is encrypted, it is extraordinarily difficult (if not impossible) to change its format or restructure it to accommodate new features because we’re unable to read or modify the encrypted data.

The consequence of this is that things must be done “correctly” the first time around. There’s no real possibility to iterate and improve later, as future improvements may not be possible if the cryptographic architecture is incorrect. This sets a much higher bar for the care and attention that must go into the planning stages of our products and features, which simply takes more time.

Encryption also adds complexity in other ways. Our commitment to encrypting as much data as is practical and using digital signatures everywhere to verify data authenticity means we can rarely choose the simplest path or use pre-existing solutions. Many off-the-shelf libraries do not work because of our encryption of data (and metadata in some cases). 

A good example of this is our encrypted message content search feature, which we recently released on our web app to everyone with a paid Proton Mail plan. Many great open-source search libraries exist, but they are all server-side software, which does not work for Proton Mail because our end-to-end encryption means that Proton servers do not have access to your messages. Thus, to introduce a full message content search, we had to build a custom solution that runs entirely on your device, has good performance, and scales well to large inboxes. As you might imagine, this took far more development time and effort than using an off-the-shelf library or service.

Overcoming technical debt

While we deal with some unique challenges at Proton, we also have to grapple with garden-variety software engineering challenges, including one that will be familiar to any developer: technical debt.

Technical debt is a term used in the software industry to refer to the cumulative cost of the rework needed to address suboptimal technical choices made in the past. Technical debt, if left unaddressed, accumulates “interest”, which makes it progressively more difficult to build new features. An application with too much technical debt can also become more bug-prone if features are added without addressing the debt.

There is some nuance around the word “suboptimal” in the above definition. Suboptimal decisions can be made which are known to be suboptimal at the time but are still made because the trade-off is deemed worth the cost. In our case, we focused on speed and features during much of Proton Mail’s early development because early-stage startups do not have the luxury of time — this incurred technical debt, particularly on our mobile applications, which has required tremendous effort to rebuild. 

In 2021, we launched a new version of the Proton Mail web app that is much more modern, easy-to-use, and reliable. We rewrote this new web app from the ground up, which allowed us to retire a great deal of technical debt. This is already paying dividends, leading to the faster release of new features on our web app in 2021, and we will further accelerate the development of new features in 2022. 

The Proton Mail mobile apps are the subject of frequent complaints from the community, and they are due for a refresh. Unfortunately, we will also need to rewrite these apps to retire their technical debt. This is a highly complex project, and despite our best efforts, we could not complete it in 2021 (the new iOS and Android apps are now in public beta, but the general release will come later in 2022). However, once we release the new version of the mobile apps to all users, we will accelerate development as we have done with the web app. 

What happens with Proton Mail also has consequences for Proton Calendar and Proton Drive. We are working with finite resources, which means we must prioritize. The Proton community has consistently favored prioritizing Mail development, so when we must make trade-offs, we prioritize Mail over Calendar and Drive. VPN has much less interdependence, so such trade-offs are less necessary.

What’s next

This past year, we focused on laying down a foundation upon which we can build an internet where privacy is the default. While this work is never complete (as any engineer will tell you), we have made tremendous progress. Key architectural decisions have been finalized, shared components developed, and we will soon be able to retire the old mobile apps and move to a new framework that allows faster development. The work done in 2021 was essential, but unfortunately, it mostly happened behind the scenes, and in many cases, did not lead to immediately noticeable benefits for the community. However, in 2022 this will change as we build upon the new foundation that we have laid. 

It’s difficult to cover all we have planned in a single blog post, so we will follow up with more details in subsequent posts, but below are some of the highlights from the current 2022 roadmap.

The first half of 2022

  • A new iOS app for Proton Mail (the app is currently undergoing public beta testing, and we’re implementing community feedback)
  • A new Proton website and visual updates across all our products
  • The general release of the Proton Drive web app (the beta is currently limited to people with a paid Proton Mail plan)
  • A public beta for Proton Mail for desktop (this is a proof of concept to test interest in a Proton Mail desktop app)
  • Proton Calendar Android general release (currently in open public beta)

The second half of 2022

  • The general release of the Proton Calendar iOS app (the app is currently in limited public beta)
  • The general release of Proton Drive Windows, Android, and iOS apps
  • The general release of Proton Mail Bridge “v3”. The current Bridge release is “v1”, and a redesigned “v2” with many performance and sync improvements is currently in public beta. An even better “v3” which will resolve all outstanding performance and sync issues is coming in 2022.

The Proton Mail Android app is noticeably missing from the list above. The new Android app is in public beta testing right now, but due to issues with technical debt, we believe the app requires more work under the hood to unlock more future development velocity. We will provide more details on the release plan for the updated Android app in the coming months, but if you want to start testing it, you can join our public beta program for Android.

In closing, we would like to thank you again for your patience and understanding. It is not always easy reading the comments asking us to move faster, but we are nevertheless grateful to receive them because it means what we are doing matters. Our first priority is always to serve you, and we will always endeavor to explain the situation to the community as transparently as possible. Thank you again for your support and for giving us the chance to serve you better.
