Security Model

ThisChatNeverExisted uses a privacy-through-impossibility architecture to make data surveillance technically impossible. This document explains our security model, threat protection, and responsible disclosure process.

For complete security documentation, see SECURITY.md on GitHub.

Security Model

Zero-Backend Architecture

What This Protects Against:

  • ✅ Server-side data breaches (no server exists)
  • ✅ Database compromises (no database exists)
  • ✅ Backend vulnerabilities (no backend exists)
  • ✅ Subpoenas for user data (no data to subpoena)
  • ✅ Insider threats (no server access to compromise)

RAM-Only Storage

What This Protects Against:

  • ✅ Data persistence after browser close
  • ✅ Forensic data recovery (no disk writes)
  • ✅ Storage-based XSS attacks (no localStorage to steal)
  • ✅ Cross-session data leakage

Local AI Processing

What This Protects Against:

  • ✅ Network eavesdropping (no network calls during chat)
  • ✅ Man-in-the-middle attacks (no data transmitted)
  • ✅ Cloud provider access to conversations
  • ✅ Third-party AI service data collection

Out-of-Scope Threats

What This Architecture Does NOT Protect Against:

Client-Side Attacks

  • ❌ Malicious browser extensions (can access page content)
  • ❌ Keyloggers (can capture keystrokes)
  • ❌ Screen capture/recording
  • ❌ Browser vulnerabilities (report to Google)

Device Compromise

  • ❌ Malware on user's device
  • ❌ Rootkits
  • ❌ Compromised OS

Physical Access

  • ❌ Someone looking over your shoulder
  • ❌ Device theft with active session
  • ❌ Physical access to unlocked device

User Responsibility

To maximize privacy and security:

  • ✅ Keep Chrome updated to the latest version
  • ✅ Use trusted browser extensions only
  • ✅ Secure your device with a strong password/encryption
  • ✅ Use the burn ritual after sensitive conversations
  • ✅ Don't share your screen during sensitive chats

Responsible Disclosure

We welcome security researchers to audit our code and report vulnerabilities.

How to Report Security Issues

GitHub Security Advisories (Preferred):

  1. Go to the repository's Security tab
  2. Click “Report a vulnerability”
  3. Provide a detailed description with steps to reproduce

What to Expect

  • Acknowledgment: Within 48 hours
  • Assessment: Within 7 days
  • Fix Timeline:
    • Critical: 24-48 hours (privacy violations, data leakage)
    • High: 1 week (security vulnerabilities)
    • Medium: 2 weeks (code quality issues)
  • Disclosure: Coordinated disclosure after fix is deployed

Scope

In Scope:

  • Privacy violations (storage API usage, data leakage)
  • Security vulnerabilities (XSS, CSRF, injection attacks)
  • Dependency vulnerabilities (npm packages)
  • Build process security issues

Out of Scope:

  • Chrome browser vulnerabilities (report to Google)
  • Prompt API vulnerabilities (report to Google)
  • Cloudflare Pages vulnerabilities (report to Cloudflare)
  • Social engineering attacks

Security Best Practices for Contributors

If you're contributing code:

  • Never introduce storage APIs (localStorage, sessionStorage, IndexedDB)
  • Never add backend APIs or server-side processing
  • Never transmit conversation content over the network
  • Run npm run lint before committing (ESLint enforces privacy rules)
  • Review dependencies for data-exfiltration risks

See CONTRIBUTING.md for full guidelines.
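
As an added example (not the project's own lint configuration or code), the following standalone JavaScript check shows how a reviewer could flag storage and network APIs in a change before merging. The rule list, the function names and the sample source are assumptions made for illustration; it goes beyond the storage APIs named above by also listing cookies and common network calls.

```javascript
// Added example, not project code. The rule list is an assumption: the
// storage APIs this page names, plus cookies and common network calls.
const BANNED = [
  { rule: "storage", re: /\b(localStorage|sessionStorage|indexedDB)\b/ },
  { rule: "storage", re: /\bdocument\s*\.\s*cookie\b/ },
  { rule: "network", re: /\b(fetch|XMLHttpRequest|WebSocket|EventSource)\b/ },
  { rule: "network", re: /\bnavigator\s*\.\s*sendBeacon\b/ },
];

// Replace comments with spaces, keeping newlines so line numbers hold. String
// contents stay so window["localStorage"] is seen. Regex literals are not parsed.
function blankComments(src) {
  let out = "", state = "code", quote = "";
  for (let i = 0; i < src.length; i++) {
    const c = src[i], n = src[i + 1];
    if (state === "code") {
      if (c === "/" && (n === "/" || n === "*")) {
        state = n === "/" ? "line" : "block"; out += "  "; i++;
      } else {
        if (c === '"' || c === "'" || c === "`") { state = "str"; quote = c; }
        out += c;
      }
    } else if (state === "str") {
      out += c;
      if (c === "\\") { out += n ?? ""; i++; }   // copy the escaped character
      else if (c === quote) state = "code";
    } else if (state === "line") {
      if (c === "\n") { state = "code"; out += c; } else out += " ";
    } else if (c === "*" && n === "/") {          // end of a block comment
      state = "code"; out += "  "; i++;
    } else out += c === "\n" ? "\n" : " ";
  }
  return out;
}
// Return one finding per banned API per line: { line, rule, api }.
function scanSource(src) {
  return blankComments(src).split("\n").flatMap((text, idx) =>
    BANNED.filter(({ re }) => re.test(text))
      .map(({ rule, re }) => ({ line: idx + 1, rule, api: text.match(re)[0] })));
}
// Constructed sample input: lines 4 and 5 break the rules, lines 1 and 3 do not.
const SAMPLE = [
  "// localStorage is banned, keep history in memory",
  "const history = [];",
  "const docs = 'see https://example.invalid/privacy';",
  "window['sessionStorage'].setItem('h', JSON.stringify(history));",
  "/* fetch('/log') was removed */ navigator.sendBeacon('/t', history);",
].join("\n");
console.log(scanSource(SAMPLE));
```

String contents are scanned deliberately, so a banned name that only appears in user-facing text is reported too and needs a manual look.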

Security Audits

We invite security audits from the community:

  • GitHub Repository
  • MIT License (fully auditable)
  • All code is open source
  • No hidden dependencies or obfuscation

Summary

ThisChatNeverExisted's security model:

  • ✅ Zero backend → No server to compromise
  • ✅ RAM-only storage → No data persistence
  • ✅ Local AI processing → No network calls during chat
  • ✅ Build-time enforcement → Privacy rules enforced at compile time
  • ✅ Open source → Full code auditability

We invite security audits and responsible disclosure.