[ relay ] how sharing works
You can send a secret through our server, and we still can't read it.
Sharing a glimpse makes a link you paste into any chat. It travels through a small server, the relay, which forwards a secret it has no way to open: the decryption key rides in the part of the link browsers never send to servers.
it's not that we promise not to look. it's that there's nothing there to look at.
[ 01 ] the whole thing in one picture
The ciphertext goes through the relay. The key goes around it.
[ 02 ] the link is the trick
Half of the link is the key. That half never reaches us.
- Before the # · sent to the relay
- The lookup code. It names one encrypted blob. It can't open it.
- After the # · never sent anywhere
- The key. Browsers never transmit the fragment to a server, so it goes device to device inside the link.
[ 03 ] what they see
Open, hold to reveal, gone.
[ 04 ] the rules
Short-lived on purpose.
- One view
- The blob is deleted the moment it's opened. A leaked link is already empty.
- 24 hours
- Unopened shares expire and are wiped.
- Preview bots
- Chat crawlers get a blank card, and it doesn't spend the view.
- The link is the ticket
- Anyone holding the full URL can open it once. Send it over a chat you trust.
share it the way you'd whisper it. one view means a leaked link is already empty.
[ 05 ] the relay
A small Go server you can read, and run yourself.
The relay is open source under MIT: one Go binary, a Dockerfile, and a compose file. Run your own with docker compose up, then point the app at it in Settings → Relay server; the app verifies it with a handshake before adopting it. Your links then work exactly like ours, through hardware you control.