The messages are encrypted by 7 AES 256 different keys, 1 AES 256 key for each line and 2 RSA 2048 asymmetric keys.
The RSA public key encrypt the message into inbox and the private key decrypt the message to read.
There are two different user's password to decrypt the public or private key of the inbox.
An attacker can't decrypt your inbox or message or any metadata with server key only.
All file names are created by hash algorithm. An attacker can't associate user's files.
An attacker can't read the data without keys and login ans salt... etc...