Encrypted.
Verified.
Gone.

End-to-end encrypted messaging with RSA-2048, biometric authentication, and Shamir key splitting. Nothing stored. Nothing logged.

Available soon on iOS and Android

How it works

Write your message. A fresh RSA-2048 key pair is generated per message. AES-256-GCM encrypts the content. Set an expiry time. Tap Encrypt.

The decryption key is split into 3 shares using Shamir's Secret Sharing. Any 2 of 3 reconstruct it. Send each share through a different channel.

Paste the payload and any 2 shares. Face ID or fingerprint required. The message appears. Nothing is stored on either device.

Security features

Hybrid encryption with a fresh ephemeral key pair per message. The symmetric key is RSA-OAEP wrapped with SHA-256.

2-of-3 secret sharing over GF(2⁸). One share alone is cryptographically useless — intercept one, learn nothing.

Face ID and fingerprint authentication via the device Secure Enclave or TrustZone. Decryption is impossible without passing.

Expiry enforced against Cloudflare's trusted time server. Setting your device clock back does not work.

Deniable encryption produces an indistinguishable decoy payload. Under coercion, hand over the decoy. The real message stays hidden.

Nothing written to storage, logs, or the cloud. Screen capture blocked at OS level. Clipboard auto-clears. Wipes after 10 min of inactivity.

Encrypted.Verified.Gone.