Hey HN! I built a lightweight chat app that randomly pairs two strangers for live conversations, with all messages encrypted end-to-end *in the browser* using OpenPGP.js. The server never sees plaintext; it only relays ciphertext. Once a chat ends, everything is auto-deleted. *Key Features:* • Browser-based encryption/decryption with OpenPGP.js (like ProtonMail) • Zero registration required—fully anonymous • Ephemeral chats automatically expire after a short time • “Stranger danger” reminders to keep users cautious • Simple, single-file PHP, database-less back end (for easy deployment anywhere if I open this up) I’d love feedback on: - The security model (particularly key exchange & verifying authenticity) - Performance and resource usage (in your browsers) - UI/UX improvements, or any other features you think are missing Live demo: https://secrets.lol/ Thanks, and I look forward to your thoughts! |