Frequently Asked Questions

  1. How is it anonymous?
  2. How do users send encrypted messages to others?
  3. What information is stored on the server?
  4. Are there message size limitations?
  5. Is it possible to attach files to a message?
  6. How long are encrypted messages stored on the server?
  7. Is it possible to manually delete an encrypted message stored on the server?
  8. How important is a long passphrase?
  9. What if the server is compromised and all the data is stolen?
  10. Do you log any IP metadata or email addresses?
  11. Is the source code open and available?
  12. How are bugs or vulnerabilities reported?

How is it anonymous?


No personally identifying information about any message ID, sender, or recipient is stored without user knowledge.

How do users send encrypted messages to others?


When an encrypted message is created, the user receives a link to the encrypted message. This link can be shared any way the user wishes. To streamline emailing the link to a recipient, simply enter the recipient's email address when the encrypted message is created. After the encrypted message is stored on the server, the recipient receives an email with the link to the encrypted message. A passphrase hint may also be provided to help the recipient recall the correct passphrase.

What information is stored on the server?


The following information is stored:
  1. Message ID (80-bit UTF-8 string)
  2. Timestamp
  3. Salt (256-bit base64 string)
  4. Initialization vector (128-bit base64 string)
  5. Authentication hash (256-bit base64 string)
  6. Encrypted message (base64 string)
  7. Message signature hash (256-bit base64 string)

Are there message size limitations?


Messages up to 40,000 characters are supported.

Is it possible to attach files to a message?


Currently, only text is supported, but file attachment support is a planned addition.

How long are encrypted messages stored on the server?


Messages expire and are deleted from the server automatically after 30 days.

Is it possible to manually delete an encrypted message stored on the server?


This is not currently supported but is a planned addition.

How important is a long passphrase?


Since brute-force guessing of the passphrase is the only known attack on an encrypted message stored on the server, a short passphrase makes it easier for an attacker to decrypt the message contents. A good rule of thumb is to choose a passphrase that is easy enough to remember or derive but long enough to make it difficult for others to guess (we recommend at least 12 characters).

What if the server is compromised and all the data is stolen?


Each encrypted message is generated from a different 256-bit salt and the user's passphrase, so every encryption key is different. Determining the key for one message does not directly help an attacker determine the key for another encrypted message. Since each key is only as strong as the passphrase, users can reduce the effectiveness of such an attack by selecting a long passphrase.
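
The per-message salt and passphrase-derived key described above, as an added example that is not the service's own code. The FAQ does not name its algorithms, so PBKDF2-HMAC-SHA256, AES-256-CBC, encrypt-then-MAC with HMAC-SHA256, the iteration count, and all function and field names here are assumptions; the message ID, timestamp and signature hash are not modeled.

```javascript
// Added example, not the service's code. Algorithms and names are assumptions.
const nodeCrypto = require('node:crypto');

const ITERATIONS = 100000; // assumed PBKDF2 work factor

// Stretch passphrase + per-message salt into a master key, then split it
// into independent encryption and MAC keys.
function deriveKeys(passphrase, salt) {
  const master = nodeCrypto.pbkdf2Sync(passphrase, salt, ITERATIONS, 32, 'sha256');
  const sub = (label) => nodeCrypto.createHmac('sha256', master).update(label).digest();
  return { encKey: sub('enc'), macKey: sub('mac') };
}

// Build a record shaped like the cryptographic fields the FAQ lists as stored.
function encryptMessage(passphrase, plaintext) {
  const salt = nodeCrypto.randomBytes(32); // 256-bit salt, fresh for every message
  const iv = nodeCrypto.randomBytes(16);   // 128-bit initialization vector
  const { encKey, macKey } = deriveKeys(passphrase, salt);
  const cipher = nodeCrypto.createCipheriv('aes-256-cbc', encKey, iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const tag = nodeCrypto.createHmac('sha256', macKey).update(iv).update(ct).digest();
  return {
    salt: salt.toString('base64'),
    iv: iv.toString('base64'),
    authHash: tag.toString('base64'),
    ciphertext: ct.toString('base64'),
  };
}

// Returns the plaintext, or null when the passphrase is wrong or the record was altered.
function decryptMessage(passphrase, rec) {
  const iv = Buffer.from(rec.iv, 'base64');
  const ct = Buffer.from(rec.ciphertext, 'base64');
  const { encKey, macKey } = deriveKeys(passphrase, Buffer.from(rec.salt, 'base64'));
  const tag = nodeCrypto.createHmac('sha256', macKey).update(iv).update(ct).digest();
  const stored = Buffer.from(rec.authHash, 'base64');
  // Check the MAC in constant time before touching the ciphertext.
  if (stored.length !== tag.length || !nodeCrypto.timingSafeEqual(stored, tag)) return null;
  const decipher = nodeCrypto.createDecipheriv('aes-256-cbc', encKey, iv);
  return Buffer.concat([decipher.update(ct), decipher.final()]).toString('utf8');
}

// Constructed sample input: one passphrase reused for two identical messages.
const passphrase = 'correct horse battery staple';
const a = encryptMessage(passphrase, 'first message');
const b = encryptMessage(passphrase, 'first message');
console.log('salts differ:', a.salt !== b.salt, 'ciphertexts differ:', a.ciphertext !== b.ciphertext);
console.log('right passphrase:', decryptMessage(passphrase, a));
console.log('wrong passphrase:', decryptMessage('wrong guess', a));
```

Every stolen record carries its own salt, so each passphrase guess must be re-derived per message; the iteration count only multiplies the cost of a guess and does not compensate for a short passphrase.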

Do you log any IP metadata or email addresses?


No IP metadata is stored or retained. Email addresses or personally identifying information of senders and recipients are used only long enough to send a notification of a message to the recipient.

Is the source code open and available?


By its very nature, all encryption source code is readily viewable on the client machine.

How are bugs or vulnerabilities reported?


Please use the contact form.