Zero-knowledge, client-side encrypted and self-destructing messages. How does it work?
When you send a message it is encrypted using Javascript directly in your browser before it is sent to the server. The encryption key used is also generated in your browser, and the server will never get to know this key.
The key is shipped in your link as an anchor (after the #). This portion of the URL is never sent to the server by your browser.
When opening a link and click to read a message, the message body will be fetched using AJAX from the server, decrypted in your browser and presented to you. When this request is made, the server will delete the message and any knowledge of it ever existing.
All code is simple and visible if you view source. All requests can be tracked easily with the inspector in your browser.