TempMail Ninja
//

Paralino: An Open-Source, Privacy-First Location Sharing App

7 min read
TempMail Ninja
Paralino: An Open-Source, Privacy-First Location Sharing App

In an era defined by hyper-surveillance and the monetization of spatial data, a fundamental tension exists between digital autonomy and familial peace of mind. Every time a user installs a traditional location sharing app, they enter an implicit bargain: they trade their real-time coordinates, battery levels, and personal routes for the ability to coordinate with loved ones. For years, centralized tracking giants have collected, stored, and often monetized this highly sensitive telemetry. However, the release of the complete open-source code for Paralino on July 8, 2026, marks a pivotal shift in this landscape. Developed by Austrian software engineer Zelimir Bosnjak, Paralino is a mature, cross-platform utility that proves security, transparency, and a polished user interface do not have to be mutually exclusive.

Why the Modern Location Sharing App Needs an Open-Source Reboot

For over a decade, mainstream family safety and tracking services have operated as telemetry-gathering engines disguised as utility programs. Dominant players in this space have repeatedly faced scrutiny for selling real-time precise location data to third-party aggregators, insurance companies, and marketing firms. Even built-in operating system alternatives, such as Google Location Sharing or Apple’s Find My, bind users to proprietary ecosystems, requiring deep integration with Google Play Services or iCloud accounts. These platforms create massive, centralized honey pots of user behavior and physical routines.

The requirement for an end-to-end encrypted (E2EE), zero-knowledge location sharing app has never been more urgent. To be truly secure, location tracking must happen locally. Coordinates must be encrypted on-device before they are pushed to any transit server, and the keys to decrypt that data must remain strictly in the hands of authorized group members. Paralino’s transition to an open-source model directly answers this call. By placing the full codebase for both Android and iOS on GitHub, the project allows security researchers, developers, and privacy advocates to verify its cryptographic mechanisms and confirm that its servers have zero visibility into user coordinates.

The Cryptographic Blueprint of Paralino

At the core of Paralino’s design is a robust, zero-knowledge cryptographic architecture. The application is built entirely on the principle that the server is an untrusted medium. It cannot read, alter, or inject metadata into the communication stream. Under the hood, Paralino uses the industry-standard libsodium library to manage all of its mathematical operations, wrappered for Kotlin through the developer’s custom library, parasodium. The cryptographic pipeline is segmented into several specialized layers to handle authentication, identity management, group creation, and real-time telemetry encryption:

  • Password Hashing and Key Derivation (Argon2id): When an account is created, the application uses Argon2id, a state-of-the-art key derivation function, to hash the user’s password. This process derives a local Key Encryption Key (KEK) on the client device. This KEK is used to encrypt the user’s local Master Key, ensuring that even if the server is compromised, user credentials and master keys cannot be brute-forced without massive computational expenditure.
  • Symmetric Location Encryption (XChaCha20-Poly1305): Real-time location packets, speed, elevation, and historical travel paths are symmetrically encrypted using XChaCha20-Poly1305. This Authenticated Encryption with Associated Data (AEAD) cipher ensures both the confidentiality and integrity of location telemetry. The payload cannot be read or manipulated in transit.
  • Key Exchange and Asymmetric Encryption (X25519 & XSalsa20-Poly1305): To establish a secure channel between multiple devices in a shared group, the app leverages X25519 Diffie-Hellman key exchange. Group Master Keys are encrypted and cryptographically signed using a hybrid of X25519 and XSalsa20-Poly1305, allowing group owners to distribute keys to newly authorized members safely.
  • Digital Signatures (Ed25519): All location updates are signed using Ed25519 digital signatures. This guarantees authenticity, confirming to other members in a group that the incoming telemetry truly originated from the specified member’s device and has not been spoofed by an external entity or a rogue server.

The Paralino.ID Ecosystem and Pre-Key Handshakes

A common pitfall of private tracking utilities is the leakage of metadata during the discovery phase—when two users attempt to locate and connect with each other. Paralino mitigates this vulnerability through the Paralino.ID, an anonymized 8-character string generated cryptographically on the device. It acts as a public identifier that is completely decoupled from any personal details such as phone numbers or email addresses.

When a group owner invites a user, they input the target’s Paralino.ID. The inviting device locally derives an ID Encryption Key from this identifier. It then queries the server to fetch a single-use “Pre-Key” registered to that ID. This Pre-Key contains the user’s encrypted name, profile picture, Public Identity Key, and a signed membership key. The inviting device decrypts this payload, verifies that the internal Paralino.ID matches the input, and then uses the public keys to invite the member. Because this handshake occurs entirely client-side, Paralino’s backend server remains blind to who is connecting with whom, preventing the construction of social graphs.

Multiplatform Engineering via Kotlin and Compose

One of the most impressive technical achievements of Paralino is its unified codebase. Maintaining separate native codebases for Android and iOS is often the death knell for solo open-source projects; the sheer overhead of tracking API changes across both Swift and Kotlin leads to fragmentation, bugs, and eventual project abandonment. Zelimir Bosnjak bypassed this pitfall by building Paralino as a modular Kotlin Multiplatform (KMP) repository.

By pairing KMP with Compose Multiplatform, the project shares over 95% of its business logic, cryptographic wrapping, and user interface code across both mobile operating systems. This layout ensures that changes made to the cryptographic stack, background sync operations, or the spatial rendering UI are immediately compiled for both platforms. Rather than relying on generic cross-platform frameworks that degrade performance, KMP compiles down to native binaries, giving Paralino the snappiness of a native app on both iOS and Android while preserving structural parity across the two ecosystems.

Achieving a Fully De-Googled Tracking Architecture

Historically, the biggest challenge for any Android-based location sharing app has been its reliance on Google Play Services. To fetch precise coordinates efficiently and send background notifications, mainstream apps use Google’s proprietary Fused Location Provider and Firebase Cloud Messaging (FCM). For users running privacy-respecting, de-googled custom operating systems like GrapheneOS, LineageOS, or CalyxOS, this reliance makes such apps unusable. Paralino solves this bottleneck by providing a dedicated, completely de-googled Android build that operates entirely on native, open-source alternatives:

  1. AOSP LocationManager API: Instead of relying on Google’s proprietary location APIs, the de-googled Android build taps directly into the native Android Open Source Project (AOSP) LocationManager. It pulls coordinates directly from the hardware GPS receiver, bypassing any Google-owned telemetry-collection layers.
  2. MapLibre Native: To render the interactive map, Paralino eschews Google Maps APIs, which track user map queries and coordinate views. Instead, it incorporates MapLibre, an open-source, community-driven fork of Mapbox GL. MapLibre renders highly performant vector maps using open-source OpenStreetMap tiles hosted on private, EU-compliant servers.
  3. UnifiedPush and Direct WebSockets: To handle push alerts (such as geofence entries or battery warnings) without FCM, Paralino implements UnifiedPush. This decentralized protocol allows users to route push notifications through their own private servers (such as ntfy, Nextcloud, or Matrix gateways). For users without a UnifiedPush provider, the app establishes a highly optimized, direct WebSocket connection back to the Paralino server to maintain real-time sync without a battery-drain penalty.

Granular Sharing Controls and Privacy Zones

Most location trackers demand an all-or-nothing approach, forcing users to stream continuous, high-precision coordinates to their groups. Paralino introduces unmatched user agency through several modular, granular sharing options that put the user in complete control of their telemetry footprint:

  • Selective Attribute Sharing: Users can toggle specific data fields on or off for individual groups. You can choose to share your raw coordinate location while completely hiding your current speed, elevation, or exact device battery percentage.
  • Temporary and On-Demand Sharing: Rather than sharing coordinates permanently, users can configure self-expiring sharing windows. For example, a user can share their location with a coworker or friend for a fixed duration of two hours, after which the session automatically terminates on the client side.
  • Privacy Zones and Approximate Sharing: A major feature in Paralino is the ability to define geofenced “Privacy Zones”. When a user enters one of these pre-defined zones (such as their home, workplace, or a sensitive medical facility), the app automatically switches from precise GPS tracking to sharing an approximate area. This hides the user’s exact coordinates while still keeping loved ones informed that they are safe.
  • E2EE Geofencing (“Place Alerts”): Traditional apps monitor geofences by having the server track user coordinates in real-time and checking if they overlap with a geofence. Paralino processes geofencing entirely on the local device. The device itself recognizes when it crosses a geofence boundary, encrypts a notification (e.g., “Arrived at School”), and routes that encrypted packet to the group. The server has no knowledge of where the geofence is located or what place has been entered.

Compiling, Verifying, and Building From Source

By open-sourcing the mobile repositories on July 8, 2026, Paralino has bridged the gap between theoretical privacy and empirical verification. Developers, system administrators, and security auditors can verify the app’s cryptographic integrity by compiling it themselves. The repository is structured recursively to include all necessary submodules, including the custom Libsodium bindings.

To clone and build the project locally, developers can run the following sequence in their terminal:

git clone --recursive https://github.com/paralino/paralino.git
cd paralino

For users who prefer to use pre-compiled binaries but still want to verify their authenticity, the developer provides public cryptographic hashes for every release. By matching the

TN

Written by

TempMail Ninja

Digital privacy and online security expert. Passionate about creating tools that protect users' identity on the internet.