End‑to‑end encrypted messaging (client‑side)

Private messages. No accounts.

Phantom is a tiny messenger that encrypts messages on your device before they leave. The relay stores only ciphertext and routing metadata — it never sees your message content. We try to maximize anonymity, but network anonymity is a shared responsibility: use Tor or a trusted VPN.

Get started

Important: run through Tor or a trusted VPN to hide your IP from the relay/network.

Features

Small, practical privacy

Client‑side E2EE

Messages are encrypted locally before sending and decrypted only on the recipient’s device.

No accounts

Your address is a UID derived from your public key. Share the UID to connect.

Burn messages

Delete room ciphertext from the relay. Burn requests are rate-limited and can be signature-authenticated.

Tor‑friendly

If Tor is running locally, Phantom routes traffic through it automatically. Without Tor/VPN, your IP may be visible to the relay provider.

Live updates

Uses WebSockets when available; falls back to polling when on Tor.

File attachments in chat

Send files with /file <path> (up to 50 MB) with a live upload progress bar and encrypted file metadata.

Limited retention

Relay-side cleanup runs automatically: 7-day message retention, 24-hour key-exchange retention, and 24-hour file retention.

How it works

What Phantom protects (and what you still must do)

1. Identity lives on your device. A locally stored X25519 keypair is encrypted with your password.
2. UID is derived from your public key. You share the UID (not a username, email, or phone number) to connect.
3. Session key via X25519 + HKDF. Both sides derive a shared secret; messages are encrypted with ChaCha20‑Poly1305.
4. Relay stores ciphertext only. The server handles routing and delivery; it can’t read message contents.
5. Anonymity needs network hygiene. Use Tor or a trusted VPN, verify keys out-of-band, and avoid sharing personal identifiers in chats.
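
Steps 2 to 4 as an added Python example using the cryptography package; this is not Phantom's own code. The HKDF hash and info string, the random-nonce layout, the room ID bound as associated data, and the truncated SHA-256 UID format are assumptions, since the page does not specify them.

```python
# Added illustration, not Phantom's code. The HKDF hash/info string, nonce
# layout, room-ID binding and UID format are assumptions, not from the page.
import hashlib
import os

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric.x25519 import (
    X25519PrivateKey, X25519PublicKey)
from cryptography.hazmat.primitives.ciphers.aead import ChaCha20Poly1305
from cryptography.hazmat.primitives.kdf.hkdf import HKDF

def raw_public(priv):
    return priv.public_key().public_bytes(
        serialization.Encoding.Raw, serialization.PublicFormat.Raw)

def uid_from_public(pub):
    # Hypothetical UID format: truncated SHA-256 of the raw public key.
    return hashlib.sha256(pub).hexdigest()[:32]

def session_key(my_priv, peer_pub, peer_uid, room):
    # Refuse a relay-supplied key that does not match the UID shared out-of-band.
    if uid_from_public(peer_pub) != peer_uid:
        raise ValueError("public key does not match expected UID")
    shared = my_priv.exchange(X25519PublicKey.from_public_bytes(peer_pub))
    # HKDF turns the raw X25519 output into a uniform 32-byte AEAD key.
    return HKDF(algorithm=hashes.SHA256(), length=32, salt=None,
                info=b"example-session|" + room).derive(shared)

def seal(key, plaintext, room):
    nonce = os.urandom(12)  # must never repeat under the same key
    return nonce + ChaCha20Poly1305(key).encrypt(nonce, plaintext, room)

def open_sealed(key, blob, room):
    # Raises InvalidTag if the nonce, ciphertext or room binding was altered.
    return ChaCha20Poly1305(key).decrypt(blob[:12], blob[12:], room)

def demo():
    alice, bob = X25519PrivateKey.generate(), X25519PrivateKey.generate()
    a_pub, b_pub, room = raw_public(alice), raw_public(bob), b"room-constructed"
    k_a = session_key(alice, b_pub, uid_from_public(b_pub), room)
    k_b = session_key(bob, a_pub, uid_from_public(a_pub), room)
    blob = seal(k_a, b"constructed test message", room)  # all the relay stores
    try:  # a relay that flips one ciphertext bit is detected on decrypt
        open_sealed(k_b, blob[:-1] + bytes([blob[-1] ^ 1]), room)
        tamper_detected = False
    except InvalidTag:
        tamper_detected = True
    return k_a == k_b, open_sealed(k_b, blob, room), tamper_detected
```

The UID check in session_key is what makes out-of-band verification useful: a public key substituted in transit hashes to a different UID and is rejected before any key is derived.
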
Setup

Universal quick start

Download + run (all OS)
# Linux / macOS
curl -fsSL https://raw.githubusercontent.com/cqlnx/phantom/refs/heads/main/phantom.py -o phantom.py
python3 phantom.py

# Windows PowerShell
Invoke-WebRequest https://raw.githubusercontent.com/cqlnx/phantom/refs/heads/main/phantom.py -OutFile phantom.py
py -3 phantom.py

Dependencies (automatic)
# Phantom auto-installs missing packages on first run.
# If you prefer manual:
python -m pip install -r requirements.txt

Create identity (first run)
python phantom.py
# follow the wizard to create an identity and get your uid

In-chat commands (attachments)
/file /path/to/document.zip
/burn
/quit

Optional Tor (Linux): run sudo systemctl enable --now tor, then restart Phantom.

FAQ

Common questions

Is this a web messenger?

Right now this is a lightweight Python client. This page is a simple landing site + docs for it.

What happens if I forget my password?

Your identity file is encrypted with that password. If it’s lost, the identity can’t be recovered — back up ~/.phantom/identity.json.

What does “burn” do?

It asks the relay to delete stored ciphertext for a room. It doesn’t affect local copies or backups, and the relay enforces burn rate limits.

What metadata does the relay learn?

It sees routing metadata like room IDs, sender UIDs, and rounded timestamps; when you are not using Tor, it also sees the client IP. Message contents remain ciphertext.

Does Phantom provide full anonymity by itself?

No. Phantom protects message contents with E2EE, but anonymity also depends on your network setup and behavior. Use Tor or a trusted VPN, and avoid identity leaks in what you share.

How long is data kept on the relay?

By default, encrypted messages are retained for 7 days, pending key-exchange entries for 24 hours (and deleted immediately when popped), and uploaded files for 24 hours.

How do file attachments work?

Use /file <path> in chat. The file is uploaded to relay storage, a short-lived relay URL is generated, and the metadata + link are sent as an encrypted chat message.

Don’t trust us?

Good. The client code runs on your machine, is not obfuscated, and is readable so you can inspect exactly what it does.

Can I customize Phantom?

Yes. You can modify the client to fit your workflow, including adding your own hardening choices like custom proxy routes. Keep code readable and avoid obfuscation so behavior stays auditable.