[//] CIPHAR

About Ciphar

Ciphar is a zero-knowledge encrypted chat application. Open a channel, share the access key with one person, talk for up to sixty minutes, and the channel destroys itself. No account. No phone number. No email. No identifier of any kind.

Why it exists

Mainstream messengers solve a different problem than the one Ciphar solves. They optimise for permanence, identity, and reach: persistent accounts tied to a phone number, conversation history that lives on a server, contact graphs that reveal who you talk to. Those properties are useful for daily life and disastrous for the moments that matter — a source talking to a journalist, a lawyer briefing a client, a researcher disclosing a vulnerability, a person under threat reaching out for help.

Ciphar exists for those moments. The design goal is simple: if our database is leaked, stolen, subpoenaed, or exfiltrated by a state actor, the attacker still has nothing useful. Every byte we store is ciphertext that we cannot decrypt.

How it is built

Encryption happens entirely in the browser using AES-256-GCM with a key derived from the channel access key via PBKDF2 (210,000 iterations, SHA-256). The server only ever sees ciphertext, an opaque verification blob to admit the right people to the right channel, and an expires_at timestamp. There is no key escrow, no recovery mechanism, and no backdoor — by construction, not by promise.

The full technical model, the threat model, and the explicit list of what Ciphar does and does not protect against are written down on the security page.

Principles

  • Zero knowledge by construction. If we cannot decrypt your data, we cannot be compelled to.
  • No account, ever. Identifiers are the original sin of online communication. Ciphar refuses to take one.
  • Ephemerality is the default. Channels expire after sixty minutes, full stop. There is no "extend" button and no premium tier that buys you longer retention.
  • You hold the trigger. Every channel has a burn button. If a conversation needs to end now, you end it now — no confirmation, no undo, no waiting for the timer.
  • No tracking, no analytics, no telemetry. Not because we promise to be good, but because the code does not contain any.
  • Honest documentation. Where Ciphar has weaknesses, the security model and privacy policy say so out loud.

Who built it

Ciphar is built and operated by MJ, an individual based in the Kingdom of Saudi Arabia. There is no company, no investor, no "team". There is one operator and a small set of well-defined sub-processors disclosed in the privacy policy.

What Ciphar is not

Ciphar is not a long-term messenger, a group chat, a file storage service, or a collaboration tool. It is not a replacement for the apps you use every day, and it is not appropriate for regulated communications that require audit trails or message archival — see the Terms of Service for the explicit list. If you need persistent identity, persistent history, large groups, or any kind of retained record, use a tool built for that. Ciphar deliberately does the opposite.

How to reach us

Vulnerability disclosure, press, legal inquiries, or anything else: contact@ciphar.org. Mail is forwarded to the operator's personal mailbox via the provider listed in the privacy policy.

Related: How it works · Security model · Legal · FAQ.