E2E encryption in the browser. Server stores ciphertext only.
Default: Encrypt + Sign. Incoming: Decrypt + Verify (if signature present).
Registration creates your UUID (phone-like ID).
If you can’t scan, use the secret below.
Note: Demo. For production add recovery, device mgmt, audit logs, stricter rate limits.
Keys stay in your browser. Only the public key can be published.
PGP is not Double Ratchet. No forward secrecy. Great for POC.
You only need a UUID to start. Saving is optional.
—