Pages
Contents
Security
End-to-End Encryption
Messages are end-to-end encrypted (ECDH P-256 + AES-GCM 256-bit) β in addition to the DTLS transport layer. The key is only computed on the devices of the conversation participants and never leaves them.
Each session uses a fresh, ephemeral key pair β forward secrecy is guaranteed.
Local Data Encryption
All sensitive data in the browser (peer list, chat history) is stored encrypted with AES-GCM 256-bit. The key is derived at login from your client ID and your personal hash using PBKDF2 (200,000 iterations, SHA-256) β it never leaves your device.
Older unencrypted data is transparently detected on read and automatically encrypted on the next write.
Encrypted Backup Export
When exporting you can optionally choose encrypted export. This produces an
.enc.json file that can only be opened on a device that has the same client ID
and hash.
An unencrypted export remains available and is the recommended way for device transfers.
WebRTC & IP Address
WebRTC uses encrypted connections (DTLS) by default.
However:
- Your peer sees your IP address β technically necessary for direct connections
- STUN/TURN servers are used for connection setup β the ICE configuration is delivered securely from our own server, no hardcoded third-party URLs
"No Server" β What Does That Actually Mean?
There is a signaling/presence server for:
- "Who is online?"
- "Who wants to connect with whom?"
- Exchanging WebRTC connection data (offer/answer/ICE candidates)
- Online/offline status and chat room state
Chat content does not go through this server β it goes directly from device to device.
TURN Server
For connections behind restrictive NAT/firewall configurations a TURN server (coturn) is integrated. It is used automatically when a direct P2P connection is not possible. TURN credentials are provided securely via the signaling server β not hardcoded in the client.
Server Logging
The signaling server can log connection events. The current logging status is shown as a notice in the app.
Logging Active (Normal Operation)
Connection events are logged:
- Who went online / offline
- Who paired with whom
- Connection setup (WebRTC handshake)
IP addresses are anonymised β the last octet is set to 0
(e.g. 88.12.34.0 instead of 88.12.34.56). Logs are automatically rotated
(max. 10 MB Γ 5 files) and not permanently archived.
Logging Disabled
No connection data is stored.
Debug Mode
Used exclusively for diagnostics by the operator. IP addresses are logged in full in this mode. Legal basis: legitimate interest pursuant to GDPR Art. 6(1)(f). An active debug mode is explicitly shown in the app.