A privacy-first, zero-setup burner chat application. Generate an instant room, share the encrypted link, and communicate securely. When the tab closes, the history vanishes forever.
Live Demo β’ Features β’ How It Works β’ Tech Stack β’ Setup
Messages are locked using the browser's native Web Crypto API (AES-GCM) before they ever leave your device. The room's URL hash acts as the cryptographic key. Even the database administrator (or Firebase) only sees randomized gibberish.
Designed for pure, untraceable communication. Messages are completely ephemeralβthey exist only in memory. Closing the browser tab instantly purges the chat. No server logs, no database history, no evidence.
No emails, no phone numbers, no OAuth, and no IP logging. Just click generate and start typing.
Powered by Firebase Realtime Database for instantaneous WebSocket message delivery without the need to maintain a traditional backend server.
βββββββββββββββ βββββββββββββββ βββββββββββββββ
β 1. Generate ββββββΆβ 2. Invite ββββββΆβ 3. Vanish β
βββββββββββββββ βββββββββββββββ βββββββββββββββ
β β β
βΌ βΌ βΌ
Create unique Share the hash Close tab &
AES-GCM Key with your peer messages vanish
| Technology | Purpose |
|---|---|
 |
Structure |
 |
Styling |
 |
Logic & Interactivity |
 |
Real-time Database & Sync |
- A modern web browser (Chrome, Firefox, Safari, Edge)
- A Firebase account (for database configuration)
- Clone the repository
git clone https://github.com/yourusername/hashchat.git
cd hashchat-
Configure Firebase
- Create a project at Firebase Console
- Enable Realtime Database
- Copy your Firebase config:
const firebaseConfig = {
apiKey: "YOUR_API_KEY",
authDomain: "YOUR_PROJECT.firebaseapp.com",
projectId: "YOUR_PROJECT_ID",
storageBucket: "YOUR_PROJECT.appspot.com",
messagingSenderId: "YOUR_SENDER_ID",
appId: "YOUR_APP_ID"
};-
Update the config
Open
index.htmland replace the Firebase config with your own:
const firebaseConfig = {
// Your config here
};-
Run locally
Simply open
index.htmlin your browser, or use a local server:
# Using Python
python -m http.server 8000
# Using Node.js
npx serve-
Deploy
Deploy to any static hosting service:
hashchat/
βββ index.html # Main HTML file with all structure
βββ script.js # JavaScript logic (encryption, Firebase, chat)
βββ stylesheet.css # All styling (dark theme, animations)
βββ README.md # This file
- Messages are end-to-end encrypted before being stored in Firebase Realtime Database
- Each room has a unique hash that acts as the room ID
- The encryption key is derived from the room URL - only those with the link can decrypt messages
- No user authentication β anyone with the link can join
- Messages are removed from memory when the tab is closed
- Even Firebase cannot read your message contents - they are stored as encrypted data
- For production use, consider implementing additional security rules in Firebase
Contributions are welcome! Please feel free to submit a Pull Request.
- Fork the repository
- Create your feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add some amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
This project is licensed under the MIT License β see the LICENSE file for details.
- Firebase for the real-time database
- Space Grotesk font by Google Fonts
- Inspired by privacy-first messaging apps
Made with π for private conversations
HashChat β When you're done, it's gone.