No marketing fluff — this is exactly what happens to your messages, what we store, and how you can check it yourself.
In Temporary and Private rooms, your message is locked inside your browser before it ever leaves your device, using the Web Crypto API (AES-GCM) — the same standard banks and messengers use.
The encryption key lives in the room link itself (after the #) and is never sent to our servers. We only ever see scrambled ciphertext we can't unlock.
Messages are relayed, not saved. They live only in the open browsers of people in the room, then vanish. There's no database of conversations, no chat history, no backups.
No accounts. No email. No phone number. Every time you join you get a random alias like Tiger_482. Rooms self-destruct on their timer.
| Room | Encryption | Who can join |
|---|---|---|
| Public | Secure transport (HTTPS/WSS) + live moderation | Anyone — it's an open lounge |
| Temporary | End-to-end — server can't read | Anyone with the link |
| Private | End-to-end + password | Only with link and password |
Public rooms are open by nature, so we keep them safe with filtering and rate-limits instead of E2EE. True end-to-end encryption is in Temporary and Private rooms, where it actually protects a private conversation.
No tool is magic. So you know the limits:
• Our servers route traffic, so at the network level your IP address is visible to the infrastructure (we don't store it). For full network anonymity, use a VPN or Tor.
• A private room is only as strong as its password — pick a strong one.
• Screenshots can't be stopped by any website. Don't share what you wouldn't want re-shared.
• Because messages are end-to-end encrypted, we can't moderate private content — that's the trade-off for real privacy. Use the report and block tools, and the room admin's controls.
The entire client is open source. Read the code, check the encryption, confirm there's no hidden logging. Promises are easy; code is proof.
View source on GitHub