New Identity Required
Encrypted Vault Access
This file is the only way to recover your identity if you ever:
Without this file, your identity is permanently lost. There is no other recovery mechanism.
SKLO is an end-to-end encrypted messenger that runs entirely in your browser, built on Ukrainian state-standard cryptography (DSTU). The relay server forwards encrypted bytes between you and your contacts, but cannot read any of them, learn your aliases, or recover your messages — only the recipient's device holds the key needed to decrypt.
On first run you choose a nickname and a master password of at least 10 characters. That password is the only thing that decrypts your vault — there is no "forgot password" recovery, by design. SKLO will then force you to download a small encrypted .sklo file before you can proceed; without that file, clearing your browser data permanently destroys the identity.
Tap Copy ID in the sidebar to put your identity on the clipboard. Share that ID code with someone you want to talk to and have them paste it into Add Peer. The code is signed: nobody can forward it to a third party with a different name attached — the signature breaks if a single letter of your alias is changed.
The All view shows the list of conversations you have open — one row per contact, with their nickname on the left and the time of the last message on the right. Tap a row to enter the per-peer chat; the ← All button takes you back. A single ✓ under your sent bubble means the relay accepted your message; ✓✓ means it was actually delivered to your peer's online device.
The forced .sklo file at setup contains only your identity. To capture your contact list and message history too, click Backup in the Identity panel — it produces a larger encrypted file. To restore on a new device or after clearing data, click "Have a recovery file? Restore" on the unlock screen and provide the password.
The green slider at the bottom of the sidebar (and on this screen) erases everything if you slide its thumb to the right and hold for three seconds. "Everything" means: keys in RAM, IndexedDB, Service Worker cache, and the Service Worker registration itself — the app returns to a clean setup screen with no trace of the previous identity. Releasing the thumb early cancels. If you saved a .sklo file, you can restore from it afterwards.
Even though the relay forwards every byte you send, it is denied:
All of these are end-to-end encrypted under keys the relay never holds.
Cryptography. All cryptography is the Ukrainian state-standard set: Kupyna-256 (DSTU-7564) for hashing and PBKDF2, Kalyna-256 (DSTU-7624) for authenticated encryption, DSTU-4145 for signatures, and ECDH over a custom Edwards curve for key exchange. The session protocol is the Signal Double Ratchet, providing forward secrecy. Everything runs inside a WebAssembly module — no browser-supplied AES, no third-party JavaScript.
The browser you run this in matters. SKLO lives inside a browser tab. Any browser extension with access to web pages can read your private key, your contacts, and your messages directly from memory — there is no defence against this at the browser level. Use SKLO in a clean browser profile, with no extensions installed (or only ones you fully trust).
First-load trust. The first time you visit the site is trust-on-first-use: the Service Worker pins exact byte hashes only after that first successful load. The short App fingerprint in the bottom-left corner is sha-384 of the Service Worker code — compare it with the value published with the release on GitHub to verify you got the right bytes.
What the relay still observes. It knows which user IDs are connected right now, who is sending a message to whom, and the size + timing of each payload. This is routing metadata — the unavoidable cost of being reachable on a network. Contents stay sealed.
Full source and crypto audit → github.com/altruistor/sfera-sklo