Dead Letter Privacy

Posted by Spacened in Dead Letter Drop via Web

Dead Letter Drops are pretty secure but there are still a few things that you might want to consider.

There is no concept of us "creating" a mailbox, even though it might look like it when you generate your QR code. Both your public and private key are stored in your browser and are not transmitted to our server when they are created. When someone sends you a message, they are sending it to our server addressed only to the hash of your public key. There is no way for us to even know who the message is intended for or whether they actually exist.

However, if someone sends more than one message to the same address, both messages would be addressed to the same hash, and we could therefore see that they are for the same person. This is why, if privacy really matters to you, you should only ever use an address for one message and then move on.

When you retrieve a message, you send a request to our server asking for any messages addressed to your public key. At this point we hash (sha256) your public key and check for any messages sent to that hash. Obviously, we now know the public key behind the hashed address. The risk of a metadata leak here is very low, but if your public key was published in plain sight somewhere, we (or anyone with access to our server) could now search the internet and see where.

We would also have the IP address from which you requested your messages, or that of any proxy you used, just as we can see the IP address of the person who sent them.
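To make the server's view concrete, here is an added model of the addressing scheme described above (constructed for this page, not Dead Letter Drop's own code). Keys are random stand-ins and the ciphertext is an opaque placeholder; what it shows is which metadata the server can see at send time versus retrieval time, and why a reused address is linkable.

```python
import hashlib
import secrets
from collections import defaultdict

def address_of(public_key: bytes) -> str:
    # Messages are filed under sha256(public key), never under the key itself.
    return hashlib.sha256(public_key).hexdigest()

def make_recipient():
    """Client side: keys are generated locally; only the hash is ever used as an address."""
    private_key, public_key = secrets.token_bytes(32), secrets.token_bytes(32)  # stand-ins
    return private_key, public_key, address_of(public_key)

class DropServer:
    def __init__(self):
        self.inbox = defaultdict(list)   # address hash -> ciphertexts (opaque to the server)
        self.log = []                    # what a standard access log would capture
    def send(self, address_hash, ciphertext, sender_ip):
        self.inbox[address_hash].append(ciphertext)
        self.log.append(("send", address_hash, sender_ip, None))
    def retrieve(self, public_key, requester_ip):
        # The request carries the public key, so the server can now hash and match it.
        address_hash = address_of(public_key)
        self.log.append(("retrieve", address_hash, requester_ip, public_key.hex()))
        return list(self.inbox.get(address_hash, []))
    def linkable_addresses(self):
        """Addresses with more than one message: the server can tell they share a recipient."""
        return {h for h, msgs in self.inbox.items() if len(msgs) > 1}
    def public_keys_learned(self):
        """Public keys exposed to the server, which only happens through retrieval."""
        return {e[3] for e in self.log if e[0] == "retrieve"}

def demo():
    server = DropServer()
    _, reused_pub, reused_addr = make_recipient()
    _, oneshot_pub, oneshot_addr = make_recipient()
    # Constructed traffic: one address is reused, the other is used once as the post recommends.
    server.send(reused_addr, b"<ciphertext 1>", "198.51.100.7")
    server.send(reused_addr, b"<ciphertext 2>", "203.0.113.9")
    server.send(oneshot_addr, b"<ciphertext 3>", "198.51.100.7")
    linkable = server.linkable_addresses()           # only the reused address shows up
    before = server.public_keys_learned()            # empty: sending reveals no keys
    got = server.retrieve(oneshot_pub, "203.0.113.9")
    after = server.public_keys_learned()             # now contains the one-shot public key
    return {"linkable": linkable, "keys_before": before, "keys_after": after,
            "retrieved": got, "reused_addr": reused_addr, "oneshot_pub": oneshot_pub.hex()}
```

Each log entry also carries the sender's or requester's IP, which is exactly the residue the post says may sit briefly in standard server logs.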

We don’t store or track any of this information specifically and have no interest in doing so. However, some information may temporarily appear in standard server logs. The whole idea of a Dead Letter Drop is that it is hidden in plain sight. Since this is a side project for lightweight use, we’re not going to get overly paranoid about this.

It is impossible for us to see the content of your messages or to give access to anyone else. If our server gets hacked, the hacker could not read your messages.

**The biggest real risk isn’t even our server, it’s your own browser.** Your keys are stored locally in your browser storage. In theory, any browser extension with broad permissions could access that storage and potentially steal your private key. In practice, though, this is a pretty low-risk scenario: Dead Letter Drops are uncommon, one-off message boxes, so a malicious extension would have to recognize what it was looking at and care enough to do something with it. The real danger comes from installing extensions you don’t trust, so keep them to a minimum.

> We will upgrade the key storage so that you can encrypt your keys in the browser in the next update.

**Another realistic risk is if our server (or we ourselves) serve you malicious JavaScript. In that case it would be possible for us to cheekily see your message before encryption.**

To protect yourself from this attack vector you can save a verified copy of the send-message page to your device, then enter the recipient URL and address yourself. Honestly, this is a bit OTT, and if you're really that paranoid you should probably just host the thing yourself - that would also remove any IP address worries.
