Mechanisms that prevent betrayal by design.
Client-side encryption
XChaCha20-Poly1305 via libsodium. Unencrypted payloads never reach the server.
Zero-knowledge transport
The decryption key lives in the link fragment →. Fragments are not sent to servers.
Ephemeral storage
Payloads exist only until view quota or expiry. Then they are wiped.
Integrity and authentication
Authenticated encryption prevents undetected tampering.
Transparency
Public status. Disclosed incidents. Clear timelines.
Operational Notes
- » If you lose the link, I cannot recover the secret.
- » If an attacker opens the link, that consumes views from the quota.
- » For sensitive context, split link and instructions across separate channels.