TrueLock – secure messages as encrypted files with unlock rules

by dkatsura·Mar 5, 2026·3 points·3 comments

AI Analysis

●● Solid · Big Brain · Solve My Problem

Threat model is clear, but policy enforcement on compromised endpoints is the honest boundary.

Strengths
  • Encrypt-then-control model beats 'just encrypt'—unlock rules travel with ciphertext, solving real leak workflows where files get forwarded.
  • Offline-first, no accounts, open via any platform—genuinely reduces friction vs. messaging apps or cloud solutions.
  • Real scenarios (traders, retail, flash sales) show domain understanding, not generic crypto-for-crypto's-sake.
Weaknesses
  • Policy checks are local; fully compromised endpoint voids all guarantees—limits threat model to 'protect from platform/interception,' not from endpoint compromise.
  • Only Android + Windows; no macOS or web client limits adoption for iOS users and cross-platform workflows.
Target Audience

Anyone sharing sensitive information via untrusted channels (traders, retail shops, enterprises needing leak control).

Similar To

Tresorit · Sync.com · Signal disappearing messages

Post Description

I built TrueLock for “secure messaging without a messenger”.

Instead of sending plaintext in chat, you wrap a message (and attachments) into a single encrypted capsule file (.cfcaps) and share it via any channel (Telegram/email/drive/USB). The recipient opens the file in the app.

What’s different vs “just encrypt a file” is that the unlock policy travels with the ciphertext:

  • time window
  • geo radius
  • password (Argon2id)
  • visual key (optional)
  • AND/OR logic across rules

Current clients: Android + Windows. Crypto: AEAD (AES-GCM / ChaCha20-Poly1305).

Threat-model boundary: policy checks are local; a fully compromised endpoint can bypass checks or exfiltrate plaintext after legitimate open.

I’d value technical feedback on:

  • threat-model clarity
  • strongest real use case
  • what trust artifact you’d want next (format spec, test vectors, reproducible builds)

https://truelock.pro
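
The AND/OR rule evaluation the post describes, as an added example that is not TrueLock's code or its .cfcaps format: the dict layout, field names, dates and coordinates are assumptions constructed for illustration. It covers only the time-window and geo-radius rules and fails closed on empty groups, a missing location and unknown rule types.

```python
import math
from datetime import datetime, timezone

def haversine_m(lat1, lon1, lat2, lon2):
    """Great-circle distance in metres between two WGS84 points."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    a = (math.sin((p2 - p1) / 2) ** 2
         + math.cos(p1) * math.cos(p2) * math.sin(math.radians(lon2 - lon1) / 2) ** 2)
    return 2 * 6371000.0 * math.asin(math.sqrt(a))

def evaluate(node, ctx):
    """Evaluate a rule tree against what the local device reports in ctx."""
    kind = node.get("type")
    if kind in ("and", "or"):
        rules = node.get("rules") or []
        if not rules:
            return False  # an empty AND would otherwise be vacuously true
        combine = all if kind == "and" else any
        return combine(evaluate(r, ctx) for r in rules)
    if kind == "time_window":
        return node["not_before"] <= ctx["now"] <= node["not_after"]
    if kind == "geo_radius":
        if ctx.get("location") is None:
            return False  # no position fix: fail closed
        lat, lon = ctx["location"]
        return haversine_m(lat, lon, node["lat"], node["lon"]) <= node["radius_m"]
    raise ValueError(f"unknown rule type {kind!r}")  # never skip a rule we cannot check

# Constructed sample policy: inside the time window AND near either of two points.
UTC = timezone.utc
POLICY = {"type": "and", "rules": [
    {"type": "time_window",
     "not_before": datetime(2026, 3, 5, 9, 0, tzinfo=UTC),
     "not_after": datetime(2026, 3, 5, 17, 0, tzinfo=UTC)},
    {"type": "or", "rules": [
        {"type": "geo_radius", "lat": 52.5200, "lon": 13.4050, "radius_m": 500},
        {"type": "geo_radius", "lat": 48.8566, "lon": 2.3522, "radius_m": 500},
    ]},
]}

NOON = datetime(2026, 3, 5, 12, 0, tzinfo=UTC)
LATE = datetime(2026, 3, 5, 18, 0, tzinfo=UTC)
NEAR = (52.5205, 13.4050)   # about 56 m from the first point
FAR = (51.5074, -0.1278)    # hundreds of km from both points

if __name__ == "__main__":
    for now, loc in [(NOON, NEAR), (LATE, NEAR), (NOON, FAR), (NOON, None)]:
        # Both inputs are self-reported by the endpoint, the boundary the post states.
        print(now.isoformat(), loc, "->", evaluate(POLICY, {"now": now, "location": loc}))
```

Because `now` and `location` are supplied by the device itself, the decision is only as trustworthy as the endpoint, which matches the threat-model boundary stated in the post.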

Similar Projects

Security · ●● Solid

Secure Storage – An offline encrypted vault for iOS

Tidy, privacy-first vault that keeps everything on-device and uses Argon2id + AES-256 with per-field encryption — not just marketing buzz: the copy lists concrete choices like 64 MB memory hardness and biometric key storage in the secure enclave. Features such as camera card scanning, per-vault isolation, and on-demand file decryption are useful for single-device users, but the offline-only stance also limits appeal compared with cross-device managers like 1Password or Bitwarden.

Niche Gem · Slick
sbis04
114mo ago
Security · Mid

LockFS is a flexible file-by-file encryption for secure storage

Encrypts files one-by-one from a single runnable JAR, which is nice for cross-platform use and managing many small vaults without re-archiving. The README clearly explains usage, but there’s no visible discussion of algorithms, key management, integrity guarantees, or threat model — that omission keeps this from standing out in a space already served by mature tools like age/gocryptfs.

Ship It · Niche Gem
0xGhostInAJar
103mo ago