- Ghost Networking: No persistent user databases, no message archives.
- Client-Side Sovereignty: Cryptographic keys and encryption occur entirely on your device.
- Statelessness: Rooms exist only as long as they are needed and are destroyed without a trace.
Every message is encrypted locally using AES-256-GCM. The encryption key is derived from the room code using a SHA-256 hash. Because the key never leaves your browser, even the database administrator cannot read your messages.
Integrated with Cloudflare Turnstile to provide silent, privacy-preserving CAPTCHA verification. This ensures that all traffic originates from human actors without compromising user experience.
- 100-Message Limit: Rooms only maintain the latest 100 messages to prevent long-term data accumulation.
- 24-Hour Auto-Cleanup: A server-side Firebase Cloud Function automatically prunes rooms older than 24 hours.
- Volatile State: No IP addresses, metadata, or personal identifiers are ever stored.
Abuse logging is strictly limited to non-traceable session identifiers and timestamps. We do not log IP addresses or any information that could link a session to a real-world identity.
- Node.js 20+
- Firebase Project (Realtime Database + Cloud Functions)
- Cloudflare Turnstile Account
-
Clone the repository:
git clone https://github.com/Parth-Vasave/NoTrace.git cd NoTrace -
Install dependencies:
npm install
-
Environment Configuration: Copy the example environment file and fill in your credentials:
cp .env.local.example .env.local
-
Run development server:
npm run dev
- Framework: Next.js 15
- Database: Firebase Realtime Database
- Styling: Tailwind CSS
- Testing: Vitest
- Bot Protection: Cloudflare Turnstile
We welcome contributions! Please see our Contributing Guide and Code of Conduct.
This project is licensed under the MIT License - see the LICENSE file for details.