Void Chat
Encrypted in your browser. The server never sees a key.
Encrypted in your browser. The server never sees a key.
This is the only other thing on earth that can open your account. You will not see it again.
·
Both of these carry the code off the screen. The clipboard is readable by every other app on this machine, and a printed code is a piece of paper somebody can find - a shared office printer is a computer with a queue and a disk, and is not somewhere safe.
This code can open the account on its own. Anyone who finds this paper can read every message in it. Keep it where you would keep a spare key to your house.
Drop to attach
Encrypted in this browser before it is uploaded.
Every browser you sign in from has its own key, which never leaves it. Lost a laptop? Revoke it here.
Device names are encrypted with your key: the server stores them and cannot read them. We deliberately do not record IP addresses.
An invite lets somebody create an account. It is not a key - it decrypts nothing, and it gets them into no server on its own. Send it over Signal or say it out loud; sending it over the chat you are inviting them to is a chicken-and-egg problem.
Everyone, including the suspended - who are deliberately invisible in the ordinary directory. A ban you cannot see is a ban nobody can lift.
A ban is a lock on the front door, not a recall. It ends their sessions and stops them signing in. It does not reach into their browser and take back the server keys they already hold - nothing that respects rule 2 could. To actually shut them out of a conversation you must also remove them from the server, which rotates its key.
How much of everything there is. All of it is counted from metadata the server can already see - it holds no key, so it can tell you how many messages exist and never what one says.
How long somebody has to be quiet before their dot changes. It applies to everyone here, and takes effect immediately - nobody has to reload.
The offline number does two jobs. It greys out somebody sitting in an open tab who has not touched anything - and it is also how long the server waits before deciding a browser it has not heard from has gone. That second half is what catches a closed laptop: shutting a lid does not close the connection, it just stops talking, so without a deadline that person would look online until the machine woke up. None of this is written to disk. Statuses live in memory and are gone on restart, there is no "last seen" anywhere in this app, and these two numbers are the only thing on this page that is stored.
Someone sent you a message they thought you should see. Their browser sealed it to your key - the server carried it and could not read it, and neither could anyone who stole the database.
This is testimony, not proof. The reporter sealed the text themselves, so nobody - not the server, not you - can check it against what was actually sent. Checking would need the server's key, and holding that would make you able to read the server. You cannot, and that is deliberate.