End-to-End Encrypted Messages

1. Create a Wysper
   Enter your secret message in the textarea and generate a 7-word passphrase using the "Generate Random Passphrase" button.
2. Set Self-Destruct (Optional)
   Choose a self-destruct timer (0, 10, 30, or 60 seconds) to make the message ephemeral after it's viewed.
3. Generate Link
   Click "Generate Secure Link" to create a unique URL containing your encrypted message.
4. Share Securely
   Copy the link and share it separately from the passphrase via a secure channel (e.g., Signal, Simplex, or in-person on a trusted device).
5. Decrypt
   Recipient opens the link and enters the passphrase to decrypt and view the message.

• Secure Messaging: Encrypts messages using 100% client-side AES-GCM and PBKDF2, ensuring data remains private and inaccessible to servers.
• No Server Storage: Does not store messages, passphrases, or metadata on our servers—everything is processed in your browser.
• Ephemeral Messages: Supports self-destruct timers to automatically delete messages after viewing.
• Open-Source Transparency: Fully open-source, community-driven by Unshakled Inc., allowing anyone to verify the code.

• Protect Against Malware: Cannot prevent malware on your device from capturing your screen, keyboard input, or clipboard data.
• Guard Against Social Engineering: Cannot stop you from being tricked into sharing your passphrase or link with an attacker.
• Prevent Key Compromise: Cannot secure your passphrase if you send it with the URL or store it insecurely.
• Recover Lost Passphrases: Cannot retrieve a forgotten passphrase—there's no backdoor or recovery mechanism.
• Ensure Recipient Security: Cannot control the recipient's device security or prevent them from sharing the decrypted message.

Wysper works like a digital envelope with a special lock. You put your message inside, and only someone with the right passphrase can open it. The message isn't stored anywhere except in the link itself.

When you use Wysper, your message is scrambled (encrypted) right in your browser with bank-level security. We never see your message or store it on any server. When the recipient opens the link and enters the right passphrase, the message is unscrambled in their browser.

For maximum security, always share the link and passphrase through different channels. For example, send the link through email and the passphrase through a text message.

Always share the passphrase separately from the Wysper Link via trusted channels (encrypted messaging, in-person, etc.). Never include it with the message link. Use a unique passphrase for each wysper and avoid reusing it.