January 2025 • Security Tools • v2.3

VaporDrop: Ephemeral Messaging That Actually Disappears

A RAM-only messaging system with end-to-end encryption. No database, no logs, no disk writes. Non-NIST cryptography designed by independent cryptographers. When the server shuts down, everything vanishes.

Most "ephemeral" messaging apps keep your data on disk somewhere. They call it "disappearing messages" but the messages just become invisible to you, not to forensic analysis, not to subpoenas, not to the server operator.

VaporDrop takes a different approach: if data doesn't exist, it cannot be seized. Everything lives in RAM. The server stores only encrypted blobs it cannot decrypt. When the server shuts down, reboots, or loses power, all messages vanish instantly.

VaporDrop is Tor-only by design

To access VaporDrop, you need Tor Browser. This is intentional, not a limitation.

Download Tor Browser

How It Works

VaporDrop uses a brain key system for identity. You memorize 6 words. Those words become your cryptographic identity through key derivation:

Your brain key: "house cat moon pizza sea sun"
        ↓
Argon2id (100,000 iterations, 64MB memory)
        ↓
BLAKE3 key derivation
        ↓
X25519 key pair (public + private)

Same words always produce the same identity. No registration, no account creation, no email verification. You are your passphrase. Your public key becomes your numeric ID (like 12345678-90) that others can use to message you.

Why brain keys work: Even using only dictionary words, the combination of 6+ words creates a key practically impossible to guess. With a 10,000 word dictionary:

6 words = ~80 bits entropy = ~16 million years to crack
8 words = ~106 bits entropy = ~10¹⁵ years to crack
12 words = ~160 bits entropy = ~10³¹ years to crack

*Assuming 1 billion attempts/sec, which is unrealistic for Argon2id. Universe age: 13.8 billion years.

Why No NIST?

VaporDrop deliberately avoids all NIST-standardized cryptographic algorithms. This is not paranoia, it is a response to documented history:

Dual_EC_DRBG: NIST standardized an NSA-backdoored random number generator in 2006. The backdoor was confirmed in 2013 via Snowden documents.
Curve selection: NIST curves (P-256, P-384) have unexplained seed values. We use Curve25519, which has transparent, verifiable parameters.
Process opacity: NIST's selection process for cryptographic standards lacks the transparency of academic peer review.

Instead, VaporDrop uses algorithms designed by independent cryptographers with publicly auditable designs:

Function	Algorithm	Designer
Key Exchange	X25519	Daniel J. Bernstein
Encryption	XChaCha20-Poly1305	Daniel J. Bernstein
Hashing	BLAKE3	Aumasson, O'Connor, et al.
Key Derivation	Argon2id	PHC Winner (2015)
Signatures	Ed25519	Daniel J. Bernstein

Daniel J. Bernstein (djb) has a documented history of designing secure, efficient cryptographic primitives. His designs are public, auditable, and have withstood years of cryptanalysis.

Features

End-to-End Encrypted Messaging

Messages are encrypted client-side using X25519 key exchange and XChaCha20-Poly1305 authenticated encryption. The server never sees plaintext, it stores only encrypted blobs that it cannot decrypt.

File Transfer NEW

Send encrypted files up to 1 GB. Files are chunked, encrypted client-side with the same zero-knowledge architecture, and automatically deleted after 7 days.

Numeric ID & QR Code

Your identity is represented as both a 64-character hex public key and a short numeric ID (12345678-90) for easy sharing. Generate a QR code to share your identity in person without typing.

Contact Book

Save frequently used contacts locally in your browser. The server never sees your contact list.

Technical Implementation

Component	Implementation
Backend	Go, internal Tor via bine library
Storage	RAM only, no disk writes
Key Derivation	Argon2id (100k iter, 64MB, 4 threads)
Client Encryption	X25519 + XChaCha20-Poly1305
Hashing	BLAKE3 (server-side)
Message TTL	7 days, then garbage collected
File Transfer	Up to 1 GB, chunked, E2E encrypted
Network	Tor Hidden Service only

Threat Model

What VaporDrop protects against

Server seizure: Power off the server and all data vanishes from RAM instantly. There is nothing to image, nothing to analyze. Even while running, the server holds only encrypted blobs.
Subpoenas for logs: No logs exist. You cannot hand over what does not exist.
Traffic analysis: Random message padding (512-8192 bytes), randomized delays (50-500ms), constant-time operations.
Replay attacks: Nonce-based request validation with 24-hour expiration and hash-based cache.
NIST backdoors: We use zero NIST algorithms. All cryptography is from independent, auditable sources.
Metadata collection: No accounts, no registration, no logs. The server knows only that some identity sent a message to some other identity.

What VaporDrop does NOT protect against

Endpoint compromise: If your device is compromised, your messages are compromised. VaporDrop protects the transport and the server, not your laptop.
Screenshot attacks: The person you are talking to can screenshot your messages.

Why Tor Only?

VaporDrop runs exclusively as a Tor hidden service. This is not because we could not set up HTTPS on the clearnet, it is because Tor provides properties that TLS cannot:

Server location hidden: Nobody can determine where the server is physically located.
No exit node: Traffic never leaves the Tor network, so there is no exit node to monitor.
Self-authenticating addresses: The .onion address is derived from the server's cryptographic identity. No certificate authority required.
Client IP hidden: The server never sees your real IP address.

Access VaporDrop

Tor Browser required

http://njbdrwvqiyo53m4wsmdpj4kez2ct5zvgjgufotums464lacbttmx7byd.onion/

Works on desktop and Android (Tor Browser for Android)

Self-Hosting

For maximum security, run your own VaporDrop instance. The source code is available and the deployment is containerized:

git clone https://github.com/Virebent-do-ART/vapordrop.git
cd vapordrop
docker compose up -d --build

Your own .onion address will be generated automatically. See the GitHub repository for full documentation.

Warning: Your brain key is your identity. If you forget it, you lose access forever. There is no password reset, no recovery email, no support ticket. This is by design. Write it down on paper and store it somewhere safe, never on a computer or phone.

• • •

Source code: github.com/gabrix73
Questions and bug reports welcome.