SECURITY

Engineered like a secret, not a product.

The short version: your content is encrypted on your device, decrypted only on your device, and the server sees ciphertext. The long version is below.

End-to-end encryption

Messages, media, and shared content are encrypted on your device and decrypted on your partner's device. The server is a relay for ciphertext.

  • ECDH P-256 key exchange between devices
  • AES-256-GCM authenticated encryption
  • Keys never leave your device unwrapped

Key management

Your private key is generated on your device and wrapped with material derived from your password. A recovery code provides a second, independent wrap.

  • PBKDF2 with 600,000 iterations
  • Recovery code is a separate, independent wrap
  • Private key lives only in IndexedDB on your device

Zero-knowledge architecture

The server stores ciphertext. Operators with full database access see nothing readable — not messages, not media, not shared content.

  • No server-side decryption path
  • Content hashes server-blind to plaintext
  • Database breach ≠ content breach

Infrastructure

Our own hardware, in our own rack. Not a cloud rental, not a resold AWS instance. No third-party data processors. No analytics SDKs. No ad networks.

  • Our metal, our network
  • No analytics, ads, or marketing pixels
  • Minimal external dependencies

GDPR & data rights

Full EU data-protection rights are honored: access, rectification, erasure, portability, and withdrawal of consent.

  • One-click export of your data
  • Consent tracked in user_consents table
  • Irreversible deletion on request

Open approach

Honest disclosure over marketing language. We describe how things work and let architecture do the talking.

  • No "military grade" buzzwords
  • Standard, reviewed cryptographic primitives
  • Verified by architecture, not claims

Read the policies for the legal detail behind the engineering.

Privacy policyTerms of service