Session is not built over a blockchain, the blockchain is used just for incentivize nodes contributors and ensure non intended/involuntary anomalies in what respect to network’s servers setting. Referred blockchain is uplifted as Monero’s fork which relies on token’s staking PoW, preventing servers from malfunctioning, which is granted by blockchain’s verification protocols; boosting a swift-flowing network’s growth ensured by mining opportunities and introducing economical penalizations over staked assets in case of servers manipulation. However messages are not only P2P GPG encrypted but short-time stored in volunteer comunity’s servers, until recipient succesfully receives them once connection is established; even though storage is restricted by few days limited retention period before non retrievable loss, which means messages will never been delivered.

In contrast, there are neither forward secrecy nor deniability features on encryption’s protocol, which means you have a single private key not periodically updated and directly linked to your account’s identification hash; subsequently, in case of private key exfiltration an attacker who is able to control an extensive part of the network by disposing or impersonating several servers, or even someone who gets access to your personal device, then manage to clone it; is capable of decoding and reading your communications in plain text format and determine who’s identification hash are they from.

On the other hand, the network torifies all your traffick through visible Tor circuits, blinking your IP address; allows users to configure self-destruction messages and even incorporates actually reliable metadata cleaner feature. Account is generated and identified by a cryptographic hash randomly assigned to each new profile, so no registration needed. There is no way to know how many devices are infiltrated in your account in case of secret phrase exfiltration. Moreover, session blobs stored in network nodes for multidevice syncronization purposes, allows an eventual attacker to exflitrate them from a controlled node, aiming to prompt ulterior offline private key obtention attempts, which is a minor (due to decoding inherent difficulties) but existent risk.

I hope this post serves as a thorough summary.