Merge pull request 'intro notes' (#1) from sarah_notes into main

Reviewed-on: #1

docs/intro.md

@@ -2,12 +2,65 @@
 sidebar_position: 1
 ---
 
-# Cwtch Intro
+# What is Cwtch?
+
+Cwtch (/kʊtʃ/ - a Welsh word roughly translating to “a hug that creates a safe place”) is a decentralized, privacy-preserving, metadata resistant messaging app.
+
+* **Decentralized and Open**: There is no “Cwtch service” or “Cwtch network”. Participants in Cwtch can host their own safe spaces, or lend their infrastructure to others seeking a safe space. The Cwtch protocol is open, and anyone is free to build bots, services and user interfaces and integrate and interact with Cwtch.
+* **Privacy Preserving**: All communication in Cwtch is end-to-end encrypted and takes place over Tor v3 onion services.
+* **Metadata Resistant**: Cwtch has been designed such that no information is exchanged or available to anyone without their explicit consent, including on-the-wire messages and protocol metadata.
+
+
+
+** See also: [Create a profile](/docs/profiles/create-a-profile)**
+
+# Security, Encryption and Safety
+
+##  Identity, or What exactly is a Cwtch Profile?
+
+With Cwtch you can create one of more **Profiles**. Each profile generates a random ed25519 keypair compatible with
+the Tor Network. 
+
+This is the identifier that you can give out to people and that they can use to contact you via Cwtch
+
+##  Peer to Peer, 2-party Conversions
+
+![](/img/BASE_3.png)
+
+In order to chat with your friends in a peer-to-peer conversation both must be online.
+
+After a successful connection both parties engage in an **authentication protocol** which:
+
+* Asserts that each party has access to the private key associated with their public identity.
+* Generates an ephemeral session key used to encrypt all further communication during the session.
+
+This exchange (documented in further detail in [authentication protocol](https://docs.openprivacy.ca/cwtch-security-handbook/authentication_protocol.html)) is *offline deniable*
+i.e. it is possible for any party to forge transcripts of this protocol exchange after the fact, and as such - after the
+fact - it is impossible to definitely prove that the exchange happened at all.
+
+One the authentication process is successful then both you and your friend can communicate away assured that no one else
+can learn anything about the contents or the metadata if your conversation.
+
+## Offline Delivery via Untrusted Routing Servers, and Group Conversations
+
+**Note: Metadata Resistant Group Communication is still an active research area and what is documented here
+will likely change in the future.**
+
+In order to get around the limitation of being always-online, Cwtch has built in support for hosting
+conversations on **Untrusted Servers**.
+
+These servers can be set up by anyone and are intended to be always online. Most importantly, all communication with a
+server is designed such that the server learns as little information as possible about the contents or metadata.
+
+The risk model associated with servers is more complicated that peer-to-peer communication, as such we currently
+require people who want to use servers within cwtch to [opt-in to the Group Chat experiment](/docs/groups/enable-experiment)
+in order to add, manage and create groups on untrusted servers.
 
-Cwtch (/kʊtʃ/ - a Welsh word roughly translating to “a hug that creates a safe place”) is a decentralized, privacy-preserving, metadata resistant messenging app.
 
 ## Getting Started
 
+
+
 ### Install
 
 Install on OS of choice:
@@ -16,8 +69,3 @@ Install on OS of choice:
 - Android
 - MacOS
 - Linux
-
-### Use
-
- **[Create a profile](/docs/profiles/create-a-profile)**
-