ShroudNote Documentation
Zero-knowledge encrypted messaging on Solana. Everything you need to know.
What is ShroudNote?
ShroudNote is a zero-knowledge encrypted messaging platform built natively on Solana. It enables anyone to send private, self-destructing messages to any Solana wallet address without requiring phone numbers, emails, or centralized accounts.
The core idea is simple: use your existing Solana wallet as both your identity and your encryption key. No new accounts. No trusting us with your data. The server stores nothing but unreadable ciphertext.
How It Works
Register Your Key
Connect your wallet once to generate a one-time encryption public key.
Send Encrypted Messages
Enter any Solana address, write your message, and we encrypt it client-side.
Decrypt & Read
The recipient connects their wallet to derive the private key and decrypt.
Quick Start Guide
Step 1Connect Your Wallet
Click the wallet button in the top right and connect with Phantom, Solflare, or any supported wallet.
Step 2Generate Your Encryption Key (One-Time)
If this is your first time, you'll see a yellow banner asking you to generate your encryption key. Click the button and sign the message in your wallet.
This is a one-time setup. Once done, anyone can send you encrypted messages.
Step 3Send a Message
Enter the recipient's Solana address, write your secret message, and optionally enable self-destruct or attach SOL.
Step 4Share the Link
Copy the generated link and send it to the recipient via any channel. Only their wallet can decrypt it.
x25519 Cryptography
ShroudNote uses x25519 elliptic-curve Diffie-Hellman on Curve25519, the same curve used by Signal, WireGuard, and SSH.
Ephemeral Key Pair
Every message generates a fresh ephemeral x25519 key pair. The ephemeral public key is stored on the server; the private key is discarded after encryption.
Shared Secret
The sender uses ECDH with their ephemeral private key and the recipient's public key to derive a shared secret.
XSalsa20-Poly1305
The shared secret encrypts the message with XSalsa20 and authenticates with Poly1305 MAC — same as libsodium.
Zero-Knowledge Architecture
The server mathematically cannot read your messages. Here's the proof:
Key Derivation from Wallet
Your encryption key pair is deterministically derived from a wallet signature on a fixed message.
Self-Destructing Notes
One-Time Read
Default. Self-destructs immediately after first decryption. Perfect for seed phrases or private keys.
Custom Read Limit
Set any number of reads. Useful if the recipient might need to re-read the message.
SOL Gifts with SplitNow
Attach SOL to any message and we'll deliver it via SplitNow.
Create Gift Order
We generate a SplitNow order and receive a unique deposit address.
Send SOL to Deposit
You send SOL to the deposit address from your wallet.
Confirm & Deliver
Once confirmed on-chain, SplitNow forwards the SOL to the recipient.
Wallet Integration
ShroudNote supports any Solana wallet via the wallet-adapter standard. Currently tested with:
Threat Model
Compromised server
Messages are encrypted. Server only stores ciphertext, nonces, and ephemeral public keys. No decryption possible.
Network eavesdropper
All traffic is HTTPS. The note link contains only the note ID — no decryption key in the URL.
Recipient's device
Once decrypted, the plaintext is in the recipient's browser. We can't control their device.
Sender's device
The plaintext exists on the sender's device before encryption. Standard endpoint security applies.