🎉 Beta: Welcome to the beta! Join our Discord to report bugs or request features.

Privacy & Security

Last updated: January 2026

Carrion is designed for communities who face real-world consequences for their private conversations. We built our architecture so that we cannot betray your trust, even if compelled to.

The Short Version

What We Protect You From
  • Server seizure: A seized server reveals only encrypted gibberish
  • Subpoenas: We cannot produce chat logs we don't have
  • Data breaches: No message database exists to breach
  • Rogue employees: Staff cannot read your DMs
  • Social graphing: We can't tell who talks to whom
  • Fishing expeditions: No logs to search through
What We Cannot Protect You From
  • Your device being seized: Your chat history is on your device
  • Your chat partner betraying you: They have their copy
  • Screenshots: No technology prevents this
  • Someone watching your screen: Physical access defeats encryption
  • Nation-state targeting you specifically: Use Signal for that
Your Data, Your Control
  • Export anytime: Download your chat history as JSON or text
  • Import anywhere: Bring your logs to a new device
  • Delete everything: Your account, characters, and profile data
  • No lock-in: Your data is readable, portable, and yours

Who This Protects

This architecture is specifically designed for people who face legal or social risk for their private conversations:

  • LGBTQ+ people in hostile jurisdictions
  • Kink and adult content creators
  • Furries and other subcultures
  • Anyone whose private life could be weaponized against them

If a prosecutor, government agency, or hostile actor comes looking for evidence of "obscenity," "homosexual conduct," or whatever moral panic is trending, they will find nothing here. Not because we deleted it — because it was never here.

Technical Architecture

Message Encryption

Direct messages are encrypted end-to-end using:

  • Key Exchange: ECDH P-256 (Elliptic Curve Diffie-Hellman)
  • Encryption: AES-256-GCM (authenticated encryption)
  • Format: ENC:[version][iv][ciphertext][auth-tag]

Your encryption keypair is generated in your browser and stored locally. The private key never leaves your device. We store only your public key (useless for decryption).

Comparison to Other Platforms

Platform Stores Messages? Can Read DMs?
DiscordYes, foreverYes
Telegram (default)Yes, foreverYes
Telegram (secret)NoNo
SignalNoNo
CarrionNoNo

Zero Server-Side Storage

Messages exist on our server for approximately 50 milliseconds. Then they're gone.

Drakensberg Architecture: - Channel messages: Fan-out via Redis pub/sub, never written to disk - DM messages: Queued in Redis (7-day TTL), deleted after delivery - Room membership: Stored under hashed keys (cannot reverse to users)

There is no message database. There is no chat log. A forensic analysis of our server produces nothing.

Anti-Social-Graphing

DM Room IDs are generated using one-way hashes with a server-side secret:

room_id = SHA-256("dm-" + sorted(id1, id2) + SECRET_SALT)

The salt is stored in our environment variables — clients never see it. You cannot compute room IDs without compromising the server first. Given a room ID, we cannot reverse it to determine who the participants are. This defeats "social graphing" — mapping relationships to identify communities or targets.

No Room Registry: The server maintains no list of DM rooms. Room IDs are computed on-demand using deterministic hashing. A seized server contains no record of which rooms exist or have ever existed.

Room Ownership uses cryptographic proofs:

server_stores = SHA-256(HMAC(user_key, character_id + room))

We cannot determine which user owns which room.

What a Subpoena Produces

RequestResponse
"Give us messages between A and B"We don't store messages.
"Who has A been talking to?"DM room IDs are hashed. We can't tell.
"Decrypt this message"We can't. Keys are in users' browsers.
"Who owns channel #xyz?"We store only proof hashes.

Why Not Signal-Style Encryption?

Signal uses Perfect Forward Secrecy (PFS) to protect against "capture now, decrypt later" attacks. We don't, because:

  • We're encrypting smoke: Messages exist for ~50ms. There's nothing to capture.
  • Different threat model: Signal protects journalists from state actors. We protect furries from moral panics.

If you're hiding from the NSA, use Signal. If you're hiding from prosecutors looking for "obscenity," you're in the right place.

Standard Privacy Policy

What We Store

  • Account: Email, password hash, creation date
  • Profiles: Character names, descriptions, preferences
  • Public keys: For encryption (useless without your private key)
  • Access logs: IP addresses, rotated after 30 days
  • Messages: Never.

Data Sharing

We do not share data with third parties. No analytics. No ads. No data sales. In response to legal demands, we provide only what we have: account existence, profiles, and logs. We cannot provide messages or social graphs.

Your Rights

  • Access: View your stored data in your dashboard
  • Export: Download chat history from your browser
  • Deletion: Delete characters or your entire account
  • Correction: Edit your profiles anytime

Contact

For privacy questions or deletion requests, contact Vulture.

Changes

Material changes will be announced on the landing page. Last updated January 2026.