Privacy

Nothing identifiable. Cipher does not require accounts, email addresses, phone numbers, or any personal information. The only data you provide is the messages you type into a room.

Each room generates a fresh P-256 ECDH keypair inside your browser. Public keys are exchanged through the relay, and the shared secret is derived locally. Every message is encrypted with AES-GCM 256 using a unique IV before it ever touches the network. The private key never leaves your device.

The relay server only ever sees ciphertext (encrypted blobs). It cannot read message content, sender identity, or room topics. Realtime presence data (public key fingerprints and peer counts) is used to establish the channel, but contains no message content.

Messages exist in browser memory only while a room tab is open. Close the tab and they are gone. There is no server-side message log, database, or backup. Room identifiers are short-lived identifiers used only to route encrypted traffic; they are not tied to any identity and hold no message history.

Cipher runs on a managed hosting platform that provides the underlying infrastructure and realtime relay. The app owner is responsible for the encryption implementation, rate limiting, and abuse controls described above. Platform-level infrastructure security is provided by the hosting vendor and is separate from the app's end-to-end encryption guarantees.

If you have a security or privacy concern, please reach out through the project's contact channel.