📢 Updates

What is Ephemeral Messenger?

Ephemeral Messenger is a decentralized, encrypted messaging system built on the Ergo blockchain. Messages are:

• Encrypted - Only the recipient can decrypt and read messages
• On-chain - Messages are stored as tokens on the blockchain
• Ephemeral - After a set time, anyone can "burn" the token to claim the ERG
• Trustless - No central server, fully peer-to-peer

How It Works

Sending a Message

When you send a message, the app:

• Fetches the recipient's public key from their on-chain transactions
• Encrypts your message (see Encryption below)
• Mints a token containing the encrypted data
• Sends it to a special smart contract with a time lock

Reading Messages

• Connect your Nautilus wallet
• Click on a message to decrypt it
• If passcode-protected, enter the passcode shared by the sender
• The message is decrypted locally in your browser

Burning Messages

After the message lifetime expires:

• Anyone can spend the box by burning the token
• The ERG locked in the box is released to whoever burns it
• This creates an incentive to clean up old messages

🔐 Encryption

Messages can be sent with two levels of encryption:

Standard Messages (No Passcode)

Messages are obfuscated using a basic encryption layer. This prevents plaintext from appearing directly on the blockchain, but is not cryptographically secure. Anyone with technical knowledge could potentially decrypt these messages.

⚠️ Use for non-sensitive messages only

Passcode-Protected Messages

For sensitive communications, enable passcode encryption when sending. This adds a layer of military-grade encryption:

• AES-256-GCM - Industry-standard symmetric encryption
• PBKDF2 - 100,000 iterations for key derivation (brute-force resistant)
• Random salt + IV - Each message has unique cryptographic parameters

Security Levels

💡 Tip: You can use memorable passphrases like "correct horse battery staple" instead of random characters. Share the passcode securely with the recipient (in person, Signal, etc.).

Smart Contract

Messages are sent to this contract address:

ErgoScript:

{
  val unlockHeight = SELF.R7[Int].get
  val allTokensBurned = SELF.tokens.forall { (token: (Coll[Byte], Long)) =>
    OUTPUTS.forall { (out: Box) =>
      out.tokens.forall { (outToken: (Coll[Byte], Long)) =>
        outToken._1 != token._1
      }
    }
  }
  sigmaProp(HEIGHT >= unlockHeight && allTokensBurned)
}

The contract allows spending if:

• Current blockchain height >= unlock height stored in R7
• All tokens in the box are burned (not in outputs)

Register Layout (EIP-4 Token Standard)

R5 JSON fields: from (sender address), to (recipient address), epk (ephemeral public key), ct (ciphertext base64), days (lifetime), ts (timestamp)

Technical Details

This application is a single HTML file containing:

• HTML - UI structure with tabs for Inbox, Send, Info, and Available Burns
• CSS - Dark theme styling with responsive design
• JavaScript - Wallet integration, encryption, transaction building

External dependencies loaded via CDN:

• Fleet SDK (@fleet-sdk/core) - Transaction building

APIs used:

• Ergo Node API - Box queries, transaction submission
• Ergo Explorer API - Balance queries
• Nautilus Wallet - Signing, address management

Privacy

While messages are encrypted, note that:

• Sender and recipient addresses are visible on-chain
• Message timestamps and lifetimes are public
• Only the message content is encrypted

Requirements

• Nautilus Wallet - Install from Chrome Web Store
• Recipient must have made at least one transaction (so we can get their public key)
• Some ERG to pay for messages