$ plaintxt --how-it-works
how it works
no accounts. no servers storing your plaintext. here's exactly what happens.
// from browser to message
01
you open plaintxt
no install, no login screen. the app loads entirely in your browser. nothing is downloaded to your device.
02
pick a username
choose any available username. it is temporary by default — free identities last 24 hours. pro and power users can extend up to 30 or 365 days.
03
key pair is generated locally
your browser generates an ECDH P-256 key pair. your private key is stored in IndexedDB — it never leaves your device, not even to our servers.
04
public key goes to the server
only your public key is uploaded. the server uses it to route encrypted messages to you. it cannot use it to decrypt anything.
05
you send a message
your browser fetches the recipient's public key, derives a shared secret using ECDH, and encrypts the message with AES-256-GCM. the server receives ciphertext only.
06
recipient decrypts locally
when the message arrives, the recipient's browser uses their private key to derive the same shared secret and decrypt. the server is never involved in decryption.
07
burn happens automatically
messages are deleted 60 seconds after the recipient reads them. if unread, they expire after 24 hours. a background sweep runs every 5 minutes. nothing lingers.
08
identity expires and is gone
when your identity expires, all messages, sessions, and keys are hard-deleted from the database. there is no archive. there is no recovery unless you have a Pro/Power recovery code.
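steps 03 to 06 as an added example using the standard WebCrypto API. this is not plaintxt's own code: the function names, the use of `deriveKey` straight from ECDH to AES-GCM with no extra KDF, and the envelope layout (12-byte random iv followed by ciphertext and tag) are assumptions made for illustration.

```javascript
// added example, not plaintxt's code. envelope layout (12-byte iv || ciphertext+tag) is assumed.
const webcrypto = globalThis.crypto ?? require('node:crypto').webcrypto; // browser or Node
const subtle = webcrypto.subtle;
const ECDH = { name: 'ECDH', namedCurve: 'P-256' };

// step 03: key pair generated locally; extractable=false keeps the private key unexportable
const generateIdentity = () => subtle.generateKey(ECDH, false, ['deriveKey']);

// step 04: only the public half is serialized for upload (65-byte uncompressed point)
const exportPublicKey = (identity) => subtle.exportKey('raw', identity.publicKey);

// steps 05/06: own private key + peer public key -> the same AES-256-GCM key on both sides
async function deriveMessageKey(ownPrivateKey, peerPublicRaw) {
  const peerPublic = await subtle.importKey('raw', peerPublicRaw, ECDH, true, []);
  return subtle.deriveKey({ name: 'ECDH', public: peerPublic }, ownPrivateKey,
    { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}

// in this sketch one key serves a whole pair of identities, so every message needs a fresh iv
async function encryptMessage(key, plaintext) {
  const iv = webcrypto.getRandomValues(new Uint8Array(12));
  const data = new TextEncoder().encode(plaintext);
  const ct = new Uint8Array(await subtle.encrypt({ name: 'AES-GCM', iv }, key, data));
  const envelope = new Uint8Array(iv.length + ct.length);
  envelope.set(iv);
  envelope.set(ct, iv.length);
  return envelope; // the only message bytes a server would receive
}

async function decryptMessage(key, envelope) {
  const iv = envelope.slice(0, 12);
  const pt = await subtle.decrypt({ name: 'AES-GCM', iv }, key, envelope.slice(12));
  return new TextDecoder().decode(pt);
}

// constructed round trip between two local identities, then a tampered copy
async function demo() {
  const [alice, bob] = await Promise.all([generateIdentity(), generateIdentity()]);
  const [alicePub, bobPub] = await Promise.all([exportPublicKey(alice), exportPublicKey(bob)]);
  const sendKey = await deriveMessageKey(alice.privateKey, bobPub);
  const recvKey = await deriveMessageKey(bob.privateKey, alicePub);
  const envelope = await encryptMessage(sendKey, 'constructed sample message');
  const plaintext = await decryptMessage(recvKey, envelope);
  const tampered = envelope.slice();
  tampered[tampered.length - 1] ^= 1; // flip one bit of the GCM tag
  const tamperRejected = await decryptMessage(recvKey, tampered).then(() => false, () => true);
  return { plaintext, tamperRejected, publicKeyBytes: alicePub.byteLength, envelopeBytes: envelope.length };
}
```

`demo()` resolves with the recovered plaintext and confirms that a one-bit change to the envelope fails the GCM tag check, which is what lets a recipient detect ciphertext altered in transit or at rest.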
// smart read detection
messages only mark as read when all three conditions are met simultaneously:
tab: the plaintxt tab is the active foreground tab
window: the browser window is focused (not minimized or behind)
dwell: the conversation has been open for at least 1.5 seconds
this prevents accidental reads from notification previews or tab switching. the burn timer only starts when you're actually looking at the message.
// what the server sees
server stores
• your username
• your public key
• message ciphertext
• timestamps
• session token (hashed)
server never sees
• your private key
• message plaintext
• your real identity
• your IP (Cloudflare proxies)
• any personal data