End-to-End Encrypted
AES-256-GCM encryption happens directly in your browser. The keys strictly stay on your device, meaning we physically cannot access your messages even if we wanted to.
SPOF
€5 per room€5 per extra person€5 per hour extension
How It Works
How secure messaging should work
Most generic "private" chat apps will still store your data somewhere. SPOF is different. There is nothing to hack, subpoena, or leak because absolutely nothing is stored.
01
Create a Room
Get a unique room ID and a secret encryption key. The key is generated right inside your browser and is never sent to our servers.
02
Share Securely
Send the room credentials to your contact through a secure channel. Only people with both the ID and key can join.
03
Chat & Burn
Talk freely with total anonymity. When you are done, burn the room or let the timer run out. either way it gets wiped from existence.
Security First
No logs. No tracking. No compromise.
Privacy isn't just a feature we added. It is the very foundation we built this entire platform on.
Client-Side Encryption
Your messages get encrypted using AES-256-GCM before they even leave your browser. The encryption key is derived locally via PBKDF2 and never touches our servers. We simply relay encrypted blobs that we cannot decrypt.
RAM-Only Architecture
There is no database here. Rooms exist only in the server memory while they are active. When a room expires or is burned, the data is immediately freed from RAM. Nothing persists and there is nothing to recover.
No Accounts Required
No email, no phone number, and no username. You do not create an identity on SPOF. Each room is isolated and anonymous. When it is gone, there is absolutely no trace you were ever here.
Zero Metadata Logging
We do not log IP addresses, connection times, participant counts, or any other metadata. Our servers process requests and forget them instantly. There are no analytics and no user tracking. Nothing.
FAQ
Frequently Asked Questions
Everything you need to know about private, ephemeral chat.
Are my messages really private?
Yes. All messages get encrypted on your device using AES-256-GCM before being sent out. The encryption key never leaves your browser, which means our servers only see encrypted data. We cannot read your messages even if legally compelled to do so.
What happens when a room expires?
Rooms automatically self-destruct after 1 hour by default. When the room expires, all messages and room data are immediately wiped from server memory. There is no database, no backups, and no way to recover the conversation.
Can anyone read my messages, including SPOF?
No. Messages are fully encrypted client-side before transmission. Our servers only relay encrypted blobs between participants. Without the room's secret key (which is generated in your browser and never sent to us), the messages remain unreadable.
What does 'burn' mean?
The room owner can instantly destroy a room at any time by clicking the burn button. This action immediately wipes all messages and room data from server memory. All participants get disconnected and the room ceases to exist. There is no recovery.
Do you store chat logs or metadata?
No. SPOF has absolutely no database. Rooms exist only in server RAM while active. We do not log messages, IP addresses, or any metadata about your conversations. When a room is destroyed, nothing remains.
How is this different from other encrypted chat apps?
Unlike persistent chat apps, SPOF rooms are ephemeral by design. No accounts, no contact lists, and no message history. You get a one-time room for a one-time conversation. When it is done, it is truly gone.