$ burner-chat — v0

Burner-style E2EE chat.
Open it on your terms.

A chat app you forget exists until you need it. No notifications. No phone number. No recovery. Two PINs — one real, one decoy. The icon on your home screen says whatever you want it to say.

One button does both — new or returning, you get an 8-digit code by email. No password, no recovery.

// why this exists

Things every other chat app gets wrong.

No notifications. Ever.

The app never wakes you. There's no banner, no badge, no buzz. You open it when you decide to. This removes the metadata leak push notifications create — the lock screen never knows there's a message waiting.

Dual-PIN duress mode.

Two PINs. One opens your real chats. The other opens a separate persona with seeded, plausible chats. Both vaults sit in the same encrypted store as opaque blobs — nobody glancing at storage can tell which is real.

Cover-story PWA install.

Install as ScoreCenter, FitJournal, RecipeBox, or NotePad. The home-screen icon and name match the cover. Underneath, it's the same chat — but at a glance, it's a sports app.

Screenshot-resistant media.

Photos and videos only render under your finger — a small spotlight follows your touch and a fast flicker raster sits on top. The eye fuses it; a casual phone-camera shutter doesn't. Mark a send as view-once and it vanishes the moment you lift your finger.

// features

Everything that's in here.

  • End-to-end encrypted

    Signal Protocol — X3DH for the initial handshake, Double Ratchet for ongoing messages. Server stores ciphertext only.

  • Email magic-link sign-in

    No password. No phone number. Email is HMAC-hashed at rest; plaintext only crosses the wire to the mailer.

  • Mutual contact pairing

    No friend requests. We both add each other by username — that's the consent. Either side unlinks and the channel is gone.

  • Photos & videos

    Encrypted client-side with a per-message AES-GCM key. The blob URL alone is unreadable; the key only travels in the E2EE envelope.

  • Hold-to-reveal viewer

    Media renders only inside a 90px spotlight that follows your finger, with a high-frequency flicker raster on top. Defeats casual screenshots and most phone-camera shutters. Release to hide.

  • View-once media

    Toggle 🔥 before sending: the message vanishes from the viewer's device the moment they lift their finger. Server's blob remains, but the per-message key is gone — undecryptable forever.

  • Burn this conversation

    One tap clears every message in a thread on this device. The other side keeps theirs unless they burn too. No undo, no archive.

  • PIN strength meter

    Real-time scoring on PIN setup blocks the obvious 1234 / 0000 / birthday-year picks. Length, character variety, and a common-PIN denylist.

  • 8-digit code sign-in

    OTP code paste — works inside the installed PWA. No magic-link race where the OS browser eats your token before the PWA can use it.

  • Disappearing messages

    Per-chat timer (1h / 1d / 7d). Sender encodes the TTL; both sides delete in lock-step.

  • Auto-lock + wipe

    Locks after 5 minutes of inactivity. After 5 wrong PIN attempts, all local vaults are wiped. The counter persists across reloads — you can't game it.

  • Vault export / import

    Download your encrypted vault as a single file. Import on a new device, enter your PIN, you're back. Lose the file and the PIN — gone forever.

  • Safety-number verification

    Per-chat 60-digit fingerprint derived from both identity keys. Compare out of band; mark verified. The standard defense against MITM.

  • Strict CSP, HSTS, no third-party scripts

    default-src 'self'; HSTS preload-eligible; Permissions-Policy disables camera/mic/geolocation/interest-cohort.

  • Pull-only delivery

    Server queues encrypted blobs; the client fetches when it opens. Nothing pushes anything to your device. Undelivered messages are deleted after 7 days.

// how it works

The honest version.

01. All keys are generated and held client-side. The server only sees ciphertext, your username, and your prekey bundle's public material.

02. Local data lives in an encrypted vault — AES-GCM-256, key derived from your PIN via PBKDF2 (600,000 iterations, SHA-256). The PIN never leaves your device.

03. We only run a thin signaling + relay server. We can't read your messages, see who's sending what to whom in plaintext, or recover your account if you lose the PIN. By design.

# stack

next.js 16 · react 19 · typescript · tailwind v4

libsignal-protocol-typescript (X3DH + double ratchet)

aes-gcm-256 vault, pbkdf2 600k, web crypto api

vercel · neon postgres · vercel blob

# server posture

stores: usernames, identity public keys, signed prekeys, one-time prekeys, ciphertext blobs, hashed emails

does not store: plaintext, push tokens, read receipts, typing state, last-seen, recovery secrets