Skip to content

How to Send a Message with UnoLock Drop

This guide explains how to send an anonymous message or file using UnoLock Drop. UnoLock Drop is a standalone sender client that lets anyone send encrypted payloads to a Receive Address without creating a Safe. It is built for first-contact and high-risk disclosure workflows where identity exposure is unacceptable. UnoLock Drop is sender-only (no inbox or replies).

UnoLock Drop uses client-side encryption (ML-KEM-1024 + AES-256-GCM) and hashes the Receive Address (vaultxAddressHash) before sending it to the server.

Why Use UnoLock Drop?

  • Anonymous first contact: no account or login required.
  • Post-quantum security: ML-KEM-1024 + AES-256-GCM protect the payload.
  • Address privacy: the server receives only the hashed Receive Address.
  • Optional Tor access: use Tor Browser for extra network privacy.

Security Note

Always verify the Receive Address or shareable link provided by the recipient. If you are in a high-risk environment, use a trusted device and consider Tor.

Prerequisites

  • Receive Address or shareable URL from the recipient.
  • Modern browser with JavaScript enabled.
  • Tor Browser (recommended for high-risk use).

Step-by-Step: Send with UnoLock Drop

  1. Open the Drop Client Open the shareable URL from the recipient, or visit https://drop.unolock.com.

  2. Confirm the Receive Address If you opened a shareable URL, the address will be prefilled and a sender message may appear. Review usage limits and attachment rules shown in the client. If you and the recipient agreed on a code word, verify it appears in the sender message before sending.

  3. Compose your message Add a subject and message content.

  4. Add attachments (optional) Attach files if the address allows attachments. If attachments are disabled, the Drop Client will block file uploads.

  5. Send the drop UnoLock Drop encrypts locally and uploads the sealed payload.

  6. Save the address (optional) You can store frequently used Receive Addresses in a local, password-encrypted address book on your device.

Troubleshooting

  • Invalid address: re-check the Receive Address or link.
  • Throttled: the address is rate-limited; try again later.
  • Usage exhausted: the address has hit its usage limit.
  • Attachments blocked: the recipient disabled attachments for this address.
  • Network instability: on slow or censored networks, retry via Tor Browser.

What Happens Next

The recipient receives the message in their Safe inbox under the corresponding Receive Address. Decryption occurs client-side, and no account is required for the sender.

If you are a recipient and want to manage Receive Addresses, see Using Receive Addresses.