Skip to content

How to Open an Eyes-Only Message as a Recipient in UnoLock

Welcome to the guide on opening an Eyes-Only message as a recipient in UnoLock CybVault. Eyes-Only is a standalone, anonymous Progressive Web App (PWA) that enables senders to transmit post-quantum encrypted messages and files without any trace of identity or metadata. As a recipient on the Sovereign or HighRisk tier, you can decrypt these payloads securely within your Safe, ensuring only your private key unlocks the content. This process empowers high-stakes communication, such as whistleblowing or covert data sharing, with unparalleled privacy.

Eyes-Only leverages UnoLock's zero-knowledge principle, using ML-KEM-1024 and AES-GCM-256 encryption to resist quantum threats. Decryption occurs client-side, maintaining forward secrecy and anonymity.

Why Opening an Eyes-Only Message Is Important

  • Unmatched Privacy: Ensures only you can access the sender's encrypted content, protecting sensitive information from interception or surveillance.
  • Post-Quantum Security: Safeguards against future quantum decryption, preserving confidentiality for years.
  • Traceability Elimination: No metadata or sender identifiers, ideal for recipients in high-risk environments.
  • Flexible Integration: Seamlessly incorporates received messages into your Safe's notes and files, enhancing organization.
  • Use Cases: Decrypt whistleblower disclosures, activist evidence, or legacy messages securely, without compromising your vault's integrity.

Security Note

Only open Eyes-Only files in a trusted environment. Ensure your Safe is on Sovereign or HighRisk tiers. Once decrypted, handle content with care, save attachments offline if sensitive.

How Opening an Eyes-Only Message Works

The decryption process is integrated into UnoLock's safe-to-safe messaging area: - Upload and Decrypt: Files are uploaded client-side, decrypted using your Safe's private key. - Zero Metadata: No server-side processing exposes data; decryption is local. - Storage Options: Save messages as notes in your current Space, with attachments stored in files (cloud or local). - Forward Secrecy: Unique secrets per message prevent compromises from affecting others.

This aligns with UnoLock's defense-in-depth model, ensuring resilience and user control.

Prerequisites

  • UnoLock Safe Tier: Sovereign or HighRisk (decryption unavailable on Free or Inheritance).
  • Received Encrypted File: Obtain the .unolock file from the sender via email, USB, or other methods.
  • Device: Use a secure, trusted device with your authenticated Safe open.
  • Browser: Modern browser for the app (e.g., Chrome, Firefox) with JavaScript enabled.

If you're the sender, see How to Send an Eyes-Only Message.

Step-by-Step Guide to Opening an Eyes-Only Message

Follow these steps to upload, decrypt, and save the received message.

  1. Authenticate into UnoLock
    Open the UnoLock app and authenticate using your biometric or FIDO2 method. Ensure you're in a secure environment.

  2. Access the Messaging Menu
    In the left-hand menu, go to "Messaging." This is the hub for safe-to-safe communications and Eyes-Only decryption.

  3. Choose to Open a File
    In the Messaging section, select "Open File" to decrypt an Eyes-Only encrypted file. This option is available for Sovereign and HighRisk users.

  4. Upload the Encrypted File
    Click to upload the .unolock file received from the sender. The app will handle client-side decryption using your Safe's private key, only you can unlock it.

  5. Decrypt and View the Message
    Once uploaded, the file decrypts automatically. View the message content, subject, and any attachments. No one else can access this, thanks to post-quantum encryption.

  6. Save as a Note
    Save the decrypted message as a note in your current Space for organization. The note will appear in your notes section.

  7. Save Attachments
    Download or save attachments to the cloud (within your Safe) or locally. Attachments will appear in your files section if saved to the cloud.

  8. Review Saved Content
    Navigate to your notes and files to confirm the message and attachments are stored securely. The original encrypted file can be discarded.

Troubleshooting

  • Invalid File: Ensure the file is a valid .unolock Eyes-Only payload. If corrupted, request a resend from the sender.
  • Decryption Fails: Verify your Safe tier (Sovereign/HighRisk) and private key match. Retry authentication.
  • Upload Issues: Check file size limits or browser permissions. Use a different browser if problems persist.
  • No Messaging Option: Upgrade to Sovereign or HighRisk (see Upgrade Safe).

If issues continue, join our Reddit community for support.

Security Considerations

  • Anonymity: No sender metadata is revealed during decryption, your Safe processes everything client-side.
  • Post-Quantum Resilience: ML-KEM-1024 and AES-GCM-256 ensure quantum-proof decryption.
  • Zero Metadata Design: No correlatable patterns or logs are created, preventing tracking.
  • Offline Safeguards: Decrypt in a secure, offline-capable environment to minimize risks.
  • Forward Secrecy: Unique secrets per message protect against future compromises.

For a deep dive into Eyes-Only security, see UnoLock Eyes-Only Security. Own your digital destiny with UnoLock.