Question 1

Can you read my notes?

Accepted Answer

No. Your note is encrypted in your browser before anything leaves your device. We store a 16-byte key fragment that is meaningless on its own — it exists so your note can only be unlocked once, and even that is deleted forever.

Question 2

What happens after someone reads my note?

Accepted Answer

The key fragment on our server is deleted immediately. The link stops working. There is no copy, backup, or undo.

Question 3

What if nobody reads it?

Accepted Answer

It expires automatically. You choose the time window — 1 hour, 24 hours, or 7 days. After that, the server key fragment is gone and access is impossible.

Question 4

Can you prevent screenshots or copy-paste?

Accepted Answer

No, and we won't pretend otherwise. Once decrypted in the browser, the reader can capture the content. This is a limitation of all screen-based communication. notefade ensures only one chosen reader sees the information exactly once.

Question 5

What encryption do you use?

Accepted Answer

AES-256-GCM via the Web Crypto API built into your browser. No external crypto libraries. The key is generated fresh for each note, then split using XOR — a mathematically proven unbreakable split. The larger piece lives in your link, and a small ephemeral shard stored on our server self-destructs after one read.

Question 6

Do I need an account?

Accepted Answer

No. No sign-up, no email, no cookies. You write a note, get a link, share it.

Question 7

How can I trust your code?

Accepted Answer

The code is fully open source on GitHub. Every production build includes subresource integrity checks and a build manifest with SHA-256 hashes. You can clone the repo, build it yourself, and verify the output matches what we serve.

Question 8

Can only messages be sent?

Accepted Answer

Yes. Only text up to 1,800 characters can be sent. Everything is embedded directly in the link itself, so nothing extra ever touches a server.

Question 9

How do I send the note?

Accepted Answer

After creating your note, you get a unique link. Copy it and send it however you like — email, messaging app, or scan a QR code directly from the link page. Whoever opens it first reads the content, and then it's gone.

Question 10

What if I regret sending a note?

Accepted Answer

You can destroy it before anyone reads it. Use the Destroy now button on the note link page to immediately delete the server shard. Once destroyed, the link is dead — no one can open it, including you.

Question 11

Can someone recover a read note from browser history?

Accepted Answer

No. The encrypted payload lives in the URL fragment, which is cleared after decryption. Even if someone finds the link in their history, the server shard is already gone — the note cannot be reassembled.