Skip to content

How to Send an Eyes-Only Message in UnoLock

Welcome to the guide on sending an Eyes-Only message in UnoLock CybVault. Eyes-Only is a standalone, anonymous Progressive Web App (PWA) that allows anyone, whistleblowers, journalists, or privacy-conscious individuals, to send post-quantum encrypted messages and files to UnoLock Safes without leaving any trace of identity or metadata. This feature is available for recipients on the Sovereign or HighRisk tiers, ensuring only they can decrypt the payload using their private key. The process empowers secure, untraceable communication, redefining privacy in high-stakes scenarios.

Eyes-Only operates on UnoLock's zero-knowledge principle, using ML-KEM-1024 and AES-GCM-256 encryption to resist quantum threats. Senders remain completely anonymous, with no account required, while recipients decrypt client-side in their Safe.

Why Send an Eyes-Only Message?

  • Absolute Anonymity: No sender data (IP, fingerprints, or identifiers) is collected, making it ideal for sensitive transmissions without surveillance risks.
  • Post-Quantum Security: Protects against future quantum decryption, ensuring long-term confidentiality.
  • Flexible Distribution: Send encrypted files via email, USB, or any method, UnoLock infrastructure isn't involved, preventing tracking.
  • Forward Secrecy: Each message uses a unique secret, so compromising one doesn't affect others.
  • Use Cases: Whistleblowing (send disclosures anonymously), covert operations (transmit evidence offline), or legacy drops (encrypt messages for future decryption).

Security Note

Eyes-Only is for one-way, anonymous sending. Ensure the recipient's Safe is on Sovereign or HighRisk tiers. Never send unencrypted sensitive data, always encrypt first.

Prerequisites

  • Recipient's Encrypted Address: You must know the recipient's random Eyes-Only address (shared by them from their Safe).
  • Device: Use a secure, trusted device (e.g., no malware). The PWA works offline for composition.
  • Tier Requirement: Recipients must be on Sovereign or HighRisk tiers for decryption. Senders need no UnoLock account.
  • Browser: Modern browser for the PWA (e.g., Chrome, Firefox) with JavaScript enabled.

If you're a recipient, see Using UnoLock Eyes-Only for decryption instructions.

Step-by-Step Guide to Sending an Eyes-Only Message

Follow these steps to compose, encrypt, and distribute your message.

  1. Access the Eyes-Only PWA
    Go to the UnoLock website and scroll to the bottom. Click the link "Eyes-Only Send Anonymously." This launches the Eyes-Only page, a standalone PWA for encryption, no login required.

  2. Enter the Recipient's Address
    Input the recipient's encrypted address (a random code they provide). This ensures the message can only be decrypted by their Safe's private key.

  3. Enter a Subject
    Provide a subject line for the message (optional but recommended for recipient context).

  4. Compose Your Message
    Write your message in the text area, similar to an email. Keep it concise for security.

  5. Add Attachments (Optional)
    Attach files as needed (e.g., documents, images). The PWA supports multiple attachments, encrypted alongside the message.

  6. Encrypt the Message
    Click "Encrypt." The PWA performs client-side encryption using ML-KEM-1024 for key encapsulation and AES-GCM-256 for the payload, with a unique IV per message. No data is sent to UnoLock servers.

  7. Download the Encrypted File
    A file download prompt appears. Name the file as you wish (e.g., "secure-message.unolock"). It saves as an UnoLock Encrypted Message file.

  8. Distribute the Encrypted File
    Send the file to the recipient via any private method: email, file sharing, cloud storage, USB drive, or even QR code. No one except the recipient can decrypt it.

  9. Recipient Decryption
    The recipient uploads the file to their Safe's safe-to-safe messaging area (in Sovereign or HighRisk tiers) and decrypts it client-side. See Using UnoLock Eyes-Only for details.

Troubleshooting

  • Invalid Recipient Address: Double-check the address provided by the recipient. It must match their Safe's key.
  • Encryption Fails: Ensure your browser supports modern cryptography. Try a different browser if issues persist.
  • File Not Downloading: Check browser permissions for downloads. The PWA works offline, retry in a secure session.
  • Large Attachments: Eyes-Only supports files, but very large ones may require splitting. Limit to essential data for security.

If problems continue, join our Reddit community for support.

Security Considerations

  • Anonymity: No sender metadata is collected, use a VPN or Tor for extra protection during access.
  • Post-Quantum Resilience: ML-KEM-1024 and AES-GCM-256 ensure quantum-proof encryption.
  • Zero Metadata: No key IDs or patterns allow correlation; payloads are distributed outside UnoLock.
  • Offline Capability: Compose offline to avoid network exposure, ideal for high-risk environments.
  • Forward Secrecy: Unique secrets per message prevent past compromises from affecting others.

For a deep dive into Eyes-Only security, see UnoLock Eyes-Only Security. Own your digital destiny with UnoLock.