I built a small privacy-focused web app called ChatOffRecord. It creates temporary anonymous chatrooms that automatically self-destruct in 10 minutes.
No accounts, no logs, no database of messages — everything is kept in memory and disappears when the room expires. The idea is to provide a simple way to have an off-the-record conversation with someone without needing a login or installing anything.
Core features: - Create an anonymous chatroom in one click - No sign-up or personal data - No persistent storage of messages - Rooms auto-delete in 10 minutes - Invite by sharing the URL
I also added an optional one-time $2.99 upgrade that creates a permanent private room with a custom link. Messages in those rooms are still ephemeral (no storage), but the URL never expires.
Would love feedback — especially around security assumptions, UX flows, and any edge cases you think I should consider. This is my first attempt at building an ephemeral WebSocket-based chat system with strict no-storage rules.
Live site: https://chatoffrecord.com (You can test everything directly, including free rooms.)
mistyshadow•2h ago
- Built using Node + WebSockets - All chat messages exist only in server memory per room - When a room expires (10 minutes after first join), the server destroys its in-memory data structure and disconnects clients - No logs of message bodies (explicitly disabled) - No database writes for messages; only permanent-room metadata is stored - Simple per-connection rate limiting to prevent abuse - Free rooms = 10 minutes, paid rooms = permanent URL with ephemeral messages - Paid flow uses Stripe; confirmation → claim-room pattern
I’m particularly interested in feedback on: - Whether 10 minutes is too short/long - Any privacy or anonymity pitfalls I may be missing - How to improve reliability / reduce edge case failures - Whether the paid model makes sense / feels ethical