Security by Omission

We cannot hand over data we do not have. Our architecture is built to minimize liability by minimizing knowledge.

Volatile Memory (RAM)

Active rooms exist only in the server's Random Access Memory. We do not write message content to a database or hard drive. When a room expires, the data is physically overwritten by the OS.

No Access Logs

Our web server is configured to discard access logs. We do not store IP addresses or User-Agent strings. There is no historical record of who connected to the server.

No Persistent ID

GhostyMsg has no user accounts. You do not have a persistent ID. This prevents "Social Graphing"—the ability to link your conversations together over time.

Forward Secrecy

We utilize ephemeral key exchanges. Encryption keys are generated client-side and exist only for the duration of the session. Once the tab closes, the keys are destroyed forever.

Zero Third-Party Scripts

We do not use Google Analytics, Facebook Pixels, or external fonts. Your browser connects exclusively to our server, preventing cross-site tracking by ad networks.

No AI Training

Your conversations are never used to train Large Language Models (LLMs) or AI algorithms. Because data is deleted immediately, there is no dataset to harvest or sell.

The Threat Model

No software is unhackable. It is important to understand what GhostyMsg protects against, and what it does not.

Protects Against

  • Data Retention: We don't keep logs.
  • Database Leaks: We don't have a DB to leak.
  • Social Graphing: No accounts to track relationships.
  • Network Snooping: HTTPS/TLS protects transit.

Does Not Protect Against

  • Compromised Device: Malware on your phone can read your screen.
  • The Other User: The person you talk to could take a screenshot.
  • Active Server Seizure: A sophisticated live memory dump during an active raid is theoretically possible.

Cryptographic Primitives

We rely on battle-tested, standard algorithms via the native Web Crypto API. We do not roll our own crypto.

  • Encryption (AEAD): AES-256-GCM
  • Key Exchange: X25519 (ECDH)
  • Key Derivation: HKDF-SHA256
  • Randomness (RNG): Web Crypto CSPRNG

Application Hardening

Cryptography is useless if the browser is compromised. We enforce strict web security standards to prevent code injection and local leaks.

  • Content Security Policy (CSP): Strict rules prevent unauthorized scripts from loading.
  • XSS Protection: We use textContent binding only. No innerHTML allowed.
  • Zero LocalStorage: Keys and messages live in RAM. Nothing is written to the browser's disk cache.